irs.primeramfbank.com Open in urlscan Pro
162.240.216.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://irs.primeramfbank.com/
Effective URL:
https://irs.primeramfbank.com/login/
Submission Tags: analytics-framework
Submission: On April 20 via api (April 20th 2023, 6:37:19 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 53 HTTP transactions. The main IP is 162.240.216.164, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is irs.primeramfbank.com.
TLS certificate: Issued by R3 on April 20th 2023. Valid for: 3 months.

This is the only time irs.primeramfbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	162.240.216.164 162.240.216.164	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:205e:8000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.208.115.43 34.208.115.43	16509 (AMAZON-02) (AMAZON-02)
53	12

31 162.240.216.164 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 6684375.primerairs.com

irs.primeramfbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:205e:8000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.115.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-115-43.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	primeramfbank.com 1 redirects irs.primeramfbank.com	1 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198	128 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 maps.googleapis.com — Cisco Umbrella Rank: 613	190 KB
3	gstatic.com fonts.gstatic.com	70 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	15 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	88 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	2 KB
53	8

	Domain	Requested by
31	irs.primeramfbank.com	1 redirects irs.primeramfbank.com
4	maps.googleapis.com	irs.primeramfbank.com maps.googleapis.com
3	q.stripe.com	irs.primeramfbank.com
3	fonts.gstatic.com	fonts.googleapis.com
3	js.stripe.com	irs.primeramfbank.com js.stripe.com
3	cdn.jsdelivr.net	irs.primeramfbank.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	irs.primeramfbank.com connect.facebook.net
1	m.stripe.com	m.stripe.network
1	cdnjs.cloudflare.com	irs.primeramfbank.com
1	fonts.googleapis.com	irs.primeramfbank.com
53	11

This site contains no links.

Subject Issuer	Validity	Valid
irs.primeramfbank.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://irs.primeramfbank.com/login/
Frame ID: 89AAFAB14D96C43F9D5AC7F2DAB9627E
Requests: 46 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 5D7321CC9539E808B84BF8A1A9C23683
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DB11D59FB188A342BEC54561345BF80E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login – Primera Internal Resource Stream

Page URL History Show full URLs

https://irs.primeramfbank.com/ HTTP 302
https://irs.primeramfbank.com/login/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

53
Requests

100 %
HTTPS

64 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

2035 kB
Transfer

5925 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://irs.primeramfbank.com/ HTTP 302
https://irs.primeramfbank.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
irs.primeramfbank.com/login/
Redirect Chain

https://irs.primeramfbank.com/
https://irs.primeramfbank.com/login/

113 KB
24 KB

1051ms
1050ms

Document
text/html

162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

4ec729d6990b87f5be72c7587f6ffbb215a9454c2a07602934e1692bac4d2492

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 24756
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 18:37:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://irs.primeramfbank.com/wp-json/>; rel="https://api.w.org/", <https://irs.primeramfbank.com/?p=4>; rel=shortlink
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 18:37:10 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://irs.primeramfbank.com/login/
pragma: no-cache
server: Apache
vary: User-Agent

GET
H2 200 alertify.min.css
cdn.jsdelivr.net/alertifyjs/1.8.0/css/ 18 KB
4 KB 88ms
38ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/alertifyjs/1.8.0/css/alertify.min.css

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaaa1d3d000618b91ccc4a906c85d9024a484484d75ff5e7381abffb12cbdd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:37:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4960902
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA, cache-yyz4540-YYZ
server: cloudflare
etag: W/"4905-zm4qxxSU72UCdgztOXWX+u1V2ks"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MnwHiP%2B%2FHVVxC8GMqoA8R6cxHJS6bNi5RXQCjLRoOZEBypmjQ2blPz8%2BuPzRFt2EBDwaZKWzASz5FK5liASZ%2BIOcVBLdP3%2B4MDonA%2Fbi6NRzR%2FVKZlRnSutNiPlEY4RsTDk96B3tPLsJe9Uxug%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7baf7f4bfb8030e4-FRA

GET
H2 200 default.min.css
cdn.jsdelivr.net/alertifyjs/1.8.0/css/themes/ 1 KB
936 B 90ms
40ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/alertifyjs/1.8.0/css/themes/default.min.css

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

956fd70c10d8530b2739b87baa54e77212904d582fd9e9e615eab66692401908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:37:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4960902
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230111-FRA, cache-yyz4561-YYZ
server: cloudflare
etag: W/"5f0-eNdamcE+BaIdzsYzXXLAKKeY2wo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiVNbiUVffD%2Bd6kCO6F4CjD8eHTfSX%2FNEDTgm2y13KJisPE9%2B23x%2Bxham5nsgK8ZZAaFWDTweHPxlCnPWhauJkO2O6EQubSGSO4KfQ59NAtN0%2BisoZNgZYs9Jt7jvA8cIy0eXtPX3nvaO4oIXUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7baf7f4bfb8330e4-FRA

GET
H2 200 57861013-1539179860.min.css
irs.primeramfbank.com/wp-content/mmr/ 30 KB
6 KB 163ms
162ms Stylesheet
text/css 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/57861013-1539179860.min.css

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

770af2a82f7c9a7bc08994d4d916362a0c78d94ea3487a5bd4c5a42b9f757feb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:12 GMT
last-modified: Wed, 28 Sep 2022 15:44:47 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 5721

GET
H2 200 99646400-1682002122.min.css
irs.primeramfbank.com/wp-content/mmr/ 322 KB
57 KB 323ms
321ms Stylesheet
text/css 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/99646400-1682002122.min.css

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

93edec60cfb8efbaeece0255ce0fb03a65d2bc98225ed47e0ff9d806c7f37e25

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:12 GMT
last-modified: Thu, 20 Apr 2023 15:04:03 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 4 KB
908 B 86ms
36ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400italic,600,700italic,800,900|Lato:100,200,300,400,400italic,600,700italic,800,900

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc1a5cf6a7d01686659407846612e14265be8c4aa00f5fc10e30a3e94f6b68bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 18:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 18:37:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 18:37:12 GMT

GET
H2 200 94aa169e-1556277804.min.css
irs.primeramfbank.com/wp-content/mmr/ 462 KB
70 KB 477ms
476ms Stylesheet
text/css 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/94aa169e-1556277804.min.css

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

6900e6736ec849ae06a54fee23365962e71e9735fcb80a0b06ced992e439c293

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:12 GMT
last-modified: Wed, 28 Sep 2022 15:44:47 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes

GET
H2 200 7b942c4d-1618495856.min.css
irs.primeramfbank.com/wp-content/mmr/ 137 KB
47 KB 165ms
164ms Stylesheet
text/css 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/7b942c4d-1618495856.min.css

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

699594e0dd50492b7193625934fd80ae19837ee3d73a21ec5b252108a7966401

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:12 GMT
last-modified: Wed, 28 Sep 2022 15:44:47 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes

GET
H2 200 3eff1540-1567653580.js Show response
irs.primeramfbank.com/wp-content/mmr/ 118 KB
40 KB 167ms
166ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/3eff1540-1567653580.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

4a28dd1fd7aeb5f630c7271dd3d52586bdb3850e8c440913f150894c1c0c745b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 28 Sep 2022 15:44:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 41298

GET
H2 200 alertify.min.js Show response
cdn.jsdelivr.net/alertifyjs/1.8.0/ 35 KB
10 KB 21ms
20ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/alertifyjs/1.8.0/alertify.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa13f2a7d42e023c8b7e6158197191b9e412805ecd107e0e2dd13b73f5114c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:37:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4960903
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-yyz4520-YYZ
server: cloudflare
etag: W/"8aaa-TYsU5nRtVWHyjWatrj2q0Q3kB6Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMJ57CMU2fl%2Fknn7XGMimzovZDFxtfHHmMROZQoONm7PH%2FCylRvqaO6ELemJt8hGCFdcOEKGDS%2BZXXgj0j6Rtxy818zjjBiujF5ZUnmDrH1p%2FdjmDMjugICFf5I7q%2BqOl06fT6GcR3VdG5w8rzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7baf7f4ebfbe30e4-FRA

GET
H2 200 161e3319-1618495856.js Show response
irs.primeramfbank.com/wp-content/mmr/ 72 KB
18 KB 167ms
165ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/161e3319-1618495856.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

954b1192c5d5691aadd6c7a52baf8b3090f1f8a44c29b74b604d903320416965

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 28 Sep 2022 15:44:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 18768

GET
H2 200 / Show response
js.stripe.com/v3/ 463 KB
124 KB 129ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2b05251d8b8c6398b5c64c9ba15d9cc917381474ae77d24aeb6242fc5ba7087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 18:37:13 GMT
via: 1.1 varnish
age: 34
x-cache: HIT
content-length: 126901
x-request-id: 8657cecd-208e-45ce-a649-838874859316
x-served-by: cache-hhn-etou8220027-HHN
last-modified: Thu, 20 Apr 2023 17:39:08 GMT
server: Fastly
etag: "1253c080fca94decd8be23f2b2b76021"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 1f5f5a53-1618495856.js Show response
irs.primeramfbank.com/wp-content/mmr/ 52 KB
15 KB 163ms
160ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/1f5f5a53-1618495856.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

6c48d61410121b333795a2eae4f24678b0a2db0bd78e4818e6c6dcd1aa7f9233

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 28 Sep 2022 15:44:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 15352

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 167 KB
55 KB 160ms
39ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&libraries=places&language=en&key=AIzaSyAyXqXI9qYLIWaD9gLErobDccodaCgHiGs&ver=4.9.22

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

4a5a91eece37c51badee3cfd7b594dda1f9ebae4e838986512f17f477dfacb37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55686
x-xss-protection: 0

GET
H2 200 67533854-1618495856.js Show response
irs.primeramfbank.com/wp-content/mmr/ 669 KB
181 KB 304ms
302ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/67533854-1618495856.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

692883cc62b32e2cc09e3e312f0beef3b24c6a774e89e1374913fe29ee16ce7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 28 Sep 2022 15:44:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 89284bca-1618495856.js Show response
irs.primeramfbank.com/wp-content/mmr/ 788 KB
173 KB 304ms
301ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/89284bca-1618495856.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

2a47d02071e925e256fab69072c3f0c24dc31f21be7adaa1566ccc2449d513ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 28 Sep 2022 15:44:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 frontend.min.css
irs.primeramfbank.com/wp-content/plugins/global-gallery/css/ 34 KB
6 KB 165ms
164ms Stylesheet
text/css 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/global-gallery/css/frontend.min.css?ver=6.203

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

f12b57ea2a2305c9c48917f1dfd86d072f8db91bb21bfb08f9b4aad103092211

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:12 GMT
last-modified: Wed, 10 Oct 2018 13:57:35 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 6144

GET
H2 200 galleria.ggallery_minimal.css
irs.primeramfbank.com/wp-content/plugins/global-gallery/js/jquery.galleria/themes/ggallery/ 12 KB
2 KB 320ms
319ms Stylesheet
text/css 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/global-gallery/js/jquery.galleria/themes/ggallery/galleria.ggallery_minimal.css?ver=6.203

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

de59e2831f8bbfa383ef9fbf6ac36d6e6a7e02f9b032742d73abcce3c5f80f6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:12 GMT
last-modified: Wed, 10 Oct 2018 13:57:35 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 2318

GET
H2 200 IRS-Logo-for-WHITE-background.png
irs.primeramfbank.com/wp-content/uploads/2018/07/ 52 KB
52 KB 166ms
164ms Image
image/png 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://irs.primeramfbank.com/wp-content/uploads/2018/07/IRS-Logo-for-WHITE-background.png

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

b8a04beca34d6f99ccd59fc1c7baf04b9b8d031d393d26d8cf7d178a169f4cd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:42 GMT
server: Apache
accept-ranges: bytes
content-length: 52830
content-type: image/png

GET
H2 200 scripts.js Show response
irs.primeramfbank.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 303ms
300ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/contact-form-7/includes/js/scripts.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Tue, 26 Mar 2019 17:06:09 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 3993

GET
H2 200 alloy_finger.min.js Show response
irs.primeramfbank.com/wp-content/plugins/global-gallery/js/lightboxes/lc-lightbox/lib/ 6 KB
2 KB 302ms
300ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/global-gallery/js/lightboxes/lc-lightbox/lib/alloy_finger.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

0c14cbdf005732a41b9dccd59376ae0770e7342ba745041d268b94f06cc322f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:35 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 1715

GET
H2 200 lc_lightbox.gg.min.js Show response
irs.primeramfbank.com/wp-content/plugins/global-gallery/js/lightboxes/lc-lightbox/js/ 51 KB
15 KB 303ms
301ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/global-gallery/js/lightboxes/lc-lightbox/js/lc_lightbox.gg.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

ed37cf77312ceada6b2332620f7fb2bc1734e949a3a6563a859582a3481cad5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:35 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 15129

GET
H2 200 bootstrap.min.js Show response
irs.primeramfbank.com/wp-content/plugins/masterstudy-lms-learning-management-system/assets/vendors/ 35 KB
9 KB 303ms
301ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/masterstudy-lms-learning-management-system/assets/vendors/bootstrap.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Tue, 26 Mar 2019 17:06:11 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 9441

GET
H2 200 polls-js.js Show response
irs.primeramfbank.com/wp-content/plugins/wp-polls/ 3 KB
755 B 306ms
304ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/wp-polls/polls-js.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 19 Dec 2018 08:43:56 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 700

GET
H2 200 directory.js Show response
irs.primeramfbank.com/wp-content/themes/kingsley/framework-customizations/extensions/woffice-directory/static/js/ 1 KB
367 B 307ms
306ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/themes/kingsley/framework-customizations/extensions/woffice-directory/static/js/directory.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

b2d7c56375d999016b690a06911e9aeeb807b39b5acdecd4606f7e566bd6901e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 312

GET
H2 200 plugins.min.js Show response
irs.primeramfbank.com/wp-content/themes/kingsley/js/ 174 KB
50 KB 465ms
464ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/themes/kingsley/js/plugins.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

44779d474eaede8cabe7189e7239393fcea679942adf297cc1b4c82756018c57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 51214

GET
H2 200 scripts.min.js Show response
irs.primeramfbank.com/wp-content/themes/kingsley/js/ 23 KB
6 KB 462ms
460ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/themes/kingsley/js/scripts.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

c73238f36155914d4a2998d24164fb51bb243818220a6f5f3ca2366dae589dc3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 6019

GET
H2 200 woffice-poll-scripts.js Show response
irs.primeramfbank.com/wp-content/themes/kingsley/framework-customizations/extensions/woffice-poll/static/js/ 884 B
416 B 462ms
460ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/themes/kingsley/framework-customizations/extensions/woffice-poll/static/js/woffice-poll-scripts.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

37f92bc73a4d6ccc017fcc0f0a03f89fa60b4d450d29dbc3f337b81edf016a15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 383

GET
H2 200 wiki.js Show response
irs.primeramfbank.com/wp-content/themes/kingsley/framework-customizations/extensions/woffice-wiki/static/js/ 3 KB
660 B 461ms
460ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/themes/kingsley/framework-customizations/extensions/woffice-wiki/static/js/wiki.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

6dab388701a6bd10b4b6dc49ab1f3ea046eebe50581bf9672a569be1656aa8b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 627

GET
H2 200 fixed-nav.js Show response
irs.primeramfbank.com/wp-content/themes/kingsley/js/ 4 KB
1 KB 462ms
461ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/themes/kingsley/js/fixed-nav.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

3d16a3856d18b17772dd2af9a0850f43a43ddb357c37b3292b6662beb96cfdbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 1013

GET
H2 200 0ba60e25-1618495856.min.js Show response
irs.primeramfbank.com/wp-content/mmr/ 1 KB
775 B 461ms
460ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/0ba60e25-1618495856.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

c1f56e06872d5e3714ddd84e3613be713f5288e12881a6f3f41dd743bf592c03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 28 Sep 2022 15:44:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 742

GET
H2 200 wp-emoji-release.min.js Show response
irs.primeramfbank.com/wp-includes/js/ 12 KB
4 KB 462ms
461ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Thu, 15 Apr 2021 14:10:56 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 4347

GET
H2 200 ea1e1378-1539179861.min.css
irs.primeramfbank.com/wp-content/mmr/ 898 B
420 B 461ms
460ms Stylesheet
text/css 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/mmr/ea1e1378-1539179861.min.css

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

74d7e12a879fa65c88f9c10ff02f0c48f0a289d87b7e65837231fe032eb40c9c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 28 Sep 2022 15:44:47 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 387

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 128ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7286b77165fd4ed90e5c0b2499e95af5b737163b8a0e1c2594ee0de17fe5f187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 18:37:13 GMT
content-md5: NzD872r2bUEPOmg+8yhWJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: kryUSzn0PqLc4hOPqBhxIl3N7aepxqJCt1YLWcY8a4jWhCERSJMYFvmhsPn5dGe5PyJih8qAljW/4zC+ufG+fA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: f8025a897928c1eed448371e4f070d72
cross-origin-opener-policy: same-origin-allow-popups
etag: "8ac6a7a4512fa70e6d3cd4f2944712f1"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 20 Apr 2023 18:41:12 GMT

GET
H2 200 background.png
irs.primeramfbank.com/wp-content/uploads/2018/07/ 274 KB
274 KB 301ms
300ms Image
image/png 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://irs.primeramfbank.com/wp-content/uploads/2018/07/background.png

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

2f92b13e0e8ddd561eb2e4c70fcb0e29c2b1d9b199789ec278d55e300e1ae440

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:42 GMT
server: Apache
accept-ranges: bytes
content-length: 280686
content-type: image/png

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 124ms
15ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400italic,600,700italic,800,900|Lato:100,200,300,400,400italic,600,700italic,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://irs.primeramfbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:15 GMT
x-content-type-options: nosniff
age: 201898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:15 GMT

GET
H2 200 fontawesome-webfont.woff2
irs.primeramfbank.com/wp-content/plugins/global-gallery/css/font-awesome/fonts/ 75 KB
75 KB 451ms
450ms Font
font/woff2 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-content/plugins/global-gallery/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/wp-content/mmr/7b942c4d-1618495856.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://irs.primeramfbank.com/wp-content/mmr/7b942c4d-1618495856.min.css
Origin: https://irs.primeramfbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:13 GMT
last-modified: Wed, 10 Oct 2018 13:57:35 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 137ms
28ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400italic,600,700italic,800,900|Lato:100,200,300,400,400italic,600,700italic,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://irs.primeramfbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 232562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 144ms
35ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400italic,600,700italic,800,900|Lato:100,200,300,400,400italic,600,700italic,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://irs.primeramfbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:44 GMT
x-content-type-options: nosniff
age: 201929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:44 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 20ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=779149a4d995d0616cd0516b9b1938a1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e677421c5253c923bfc7f24843e3e53f6b1505a2a807da6aa7e06187bcfe033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://irs.primeramfbank.com/
Origin: https://irs.primeramfbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 18:37:13 GMT
content-md5: bLKRc6dMBFgbrSX7n2OGVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87122
x-fb-rlafr: 0
x-fb-debug: aBpNZIMoSXY29alWtA1qUgt/0Dc6WTa9sQVAPDdU4rAACubcCKISjJefW3IfiyC44pOZz2dk0OmowC4HQ7LadA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3e6cb70ab4d23b487818fc1349d90149
cross-origin-opener-policy: same-origin-allow-popups
etag: "9f239e33c8185f28a5a2e267ecae70dc"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 Apr 2024 13:45:53 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 61ms
31ms XHR
application/json 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&libraries=places&language=en&key=AIzaSyAyXqXI9qYLIWaD9gLErobDccodaCgHiGs&ver=4.9.22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://irs.primeramfbank.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/ 3 KB
2 KB 483ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/wp-content/mmr/3eff1540-1567653580.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2466634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1065
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Bo0J%2B9PEEW9phDaiygV4d6osLhDE0iV5Dzd2eEKXqlGRRqHpO4YcIeX8Hahar8Ss0GNdRZMpB98%2FGTvlvrHbq%2Bo36apLo8%2BrLDc0X6uCvbWsx%2F0lfbK22AvkW1omlTtTJOpi33NXq5bUwVF1P57y%2B5Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7baf7f5549225c92-FRA
expires: Tue, 09 Apr 2024 18:37:14 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 5D73 200 B
809 B 8ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://irs.primeramfbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 11550731
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 18:37:14 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 78409
x-content-type-options: nosniff
x-request-id: a3023de1-4c67-41e6-a3ba-b8f74577be88
x-served-by: cache-hhn-etou8220027-HHN

GET
H2 200 zxcvbn.min.js Show response
irs.primeramfbank.com/wp-includes/js/ 803 KB
391 KB 173ms
173ms Script
application/javascript 162.240.216.164
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.primeramfbank.com/wp-includes/js/zxcvbn.min.js

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/wp-content/mmr/1f5f5a53-1618495856.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.240.216.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

6684375.primerairs.com

Software

Apache /

Resource Hash

15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 20 Apr 2023 18:37:14 GMT
last-modified: Wed, 10 Oct 2018 13:57:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes

POST
H2 200 csp-report
q.stripe.com/ Frame 5D73 0
716 B 578ms
185ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Apr 2023 18:37:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015834959109
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682015834958497
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5D73 0
716 B 582ms
189ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Apr 2023 18:37:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015834958927
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682015834958388
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5D73 631 B
467 B 7ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 18:37:14 GMT
via: 1.1 varnish
age: 11550732
x-cache: HIT
content-length: 332
x-request-id: 33807ec2-b483-4d4b-8cba-69118cf4e06d
x-served-by: cache-hhn-etou8220027-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 71196

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DB11 930 B
2 KB 70ms
11ms Document
text/html 2600:9000:205e:8000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:205e:8000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 18:36:46 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-id: UAimlaNeQx5vuHpm0NCQMD9ZY8vmcaOSukEKsDnr5y-tdGwUyaoGcQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame DB11 0
491 B 493ms
184ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: irs.primeramfbank.com
URL: https://irs.primeramfbank.com/login/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Apr 2023 18:37:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015834958608
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1682015834958417
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame DB11 86 KB
14 KB 11ms
10ms Script
text/javascript 2600:9000:205e:8000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:205e:8000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 18:36:51 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 23
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: b63cDbcduPlgoiw5386Fb8uAxRsyvswlUH0nL7ASDWRpp8zubmaC2A==

POST
H2 200 6 Show response
m.stripe.com/ Frame DB11 156 B
670 B 573ms
187ms XHR
application/json 34.208.115.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.115.43 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-115-43.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

65f3fe6be53e97bb3b3ed2320bcdb6001e79f516d5e740d7167c5aace4178fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 20 Apr 2023 18:37:15 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682015835095107
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682015835094301
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ 271 KB
76 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&libraries=places&language=en&key=AIzaSyAyXqXI9qYLIWaD9gLErobDccodaCgHiGs&ver=4.9.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c388d207ee89237012775f1beedb92413f19e754fd08728a34efa36c70f1547f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 13:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77259
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 13:44:03 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ 159 KB
58 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&libraries=places&language=en&key=AIzaSyAyXqXI9qYLIWaD9gLErobDccodaCgHiGs&ver=4.9.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda4967806f34499d6e937d868857c7bb92ec0a5d7861530336433732c5face5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irs.primeramfbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59680
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 18:36:57 GMT

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
irs.primeramfbank.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8acb476729d5cf8432835da0cae4d2ec
irs.primeramfbank.com/	1970-01-20 12:39:59	Name: wcUserSettings Value: %7B%7D
m.stripe.com/	1970-01-20 20:49:35	Name: m Value: ca09b5b0-ab14-4c6f-b3cf-d1da734d81fc4181dc
.irs.primeramfbank.com/	1970-01-20 19:59:11	Name: __stripe_mid Value: 053c8137-05fa-495f-868b-6e2d5ab3cd5ecf9548
.irs.primeramfbank.com/	1970-01-20 11:13:37	Name: __stripe_sid Value: 7ab3d95b-bebc-47c4-a5ab-6b12209a037e22a187

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
irs.primeramfbank.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
q.stripe.com
151.101.0.176
162.240.216.164
2600:9000:205e:8000:19:7d10:bd80:93a1
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:813::200a
2a03:2880:f084:d:face:b00c:0:3
34.208.115.43
54.186.23.98
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0c14cbdf005732a41b9dccd59376ae0770e7342ba745041d268b94f06cc322f7
0e677421c5253c923bfc7f24843e3e53f6b1505a2a807da6aa7e06187bcfe033
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2a47d02071e925e256fab69072c3f0c24dc31f21be7adaa1566ccc2449d513ce
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f92b13e0e8ddd561eb2e4c70fcb0e29c2b1d9b199789ec278d55e300e1ae440
37f92bc73a4d6ccc017fcc0f0a03f89fa60b4d450d29dbc3f337b81edf016a15
3d16a3856d18b17772dd2af9a0850f43a43ddb357c37b3292b6662beb96cfdbb
44779d474eaede8cabe7189e7239393fcea679942adf297cc1b4c82756018c57
4a28dd1fd7aeb5f630c7271dd3d52586bdb3850e8c440913f150894c1c0c745b
4a5a91eece37c51badee3cfd7b594dda1f9ebae4e838986512f17f477dfacb37
4ec729d6990b87f5be72c7587f6ffbb215a9454c2a07602934e1692bac4d2492
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
65f3fe6be53e97bb3b3ed2320bcdb6001e79f516d5e740d7167c5aace4178fb8
6900e6736ec849ae06a54fee23365962e71e9735fcb80a0b06ced992e439c293
692883cc62b32e2cc09e3e312f0beef3b24c6a774e89e1374913fe29ee16ce7b
699594e0dd50492b7193625934fd80ae19837ee3d73a21ec5b252108a7966401
6c48d61410121b333795a2eae4f24678b0a2db0bd78e4818e6c6dcd1aa7f9233
6dab388701a6bd10b4b6dc49ab1f3ea046eebe50581bf9672a569be1656aa8b4
7286b77165fd4ed90e5c0b2499e95af5b737163b8a0e1c2594ee0de17fe5f187
74d7e12a879fa65c88f9c10ff02f0c48f0a289d87b7e65837231fe032eb40c9c
770af2a82f7c9a7bc08994d4d916362a0c78d94ea3487a5bd4c5a42b9f757feb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93edec60cfb8efbaeece0255ce0fb03a65d2bc98225ed47e0ff9d806c7f37e25
954b1192c5d5691aadd6c7a52baf8b3090f1f8a44c29b74b604d903320416965
956fd70c10d8530b2739b87baa54e77212904d582fd9e9e615eab66692401908
a2b05251d8b8c6398b5c64c9ba15d9cc917381474ae77d24aeb6242fc5ba7087
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aaaa1d3d000618b91ccc4a906c85d9024a484484d75ff5e7381abffb12cbdd28
b2d7c56375d999016b690a06911e9aeeb807b39b5acdecd4606f7e566bd6901e
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8a04beca34d6f99ccd59fc1c7baf04b9b8d031d393d26d8cf7d178a169f4cd1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c1f56e06872d5e3714ddd84e3613be713f5288e12881a6f3f41dd743bf592c03
c388d207ee89237012775f1beedb92413f19e754fd08728a34efa36c70f1547f
c73238f36155914d4a2998d24164fb51bb243818220a6f5f3ca2366dae589dc3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc1a5cf6a7d01686659407846612e14265be8c4aa00f5fc10e30a3e94f6b68bd
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
de59e2831f8bbfa383ef9fbf6ac36d6e6a7e02f9b032742d73abcce3c5f80f6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed37cf77312ceada6b2332620f7fb2bc1734e949a3a6563a859582a3481cad5f
eda4967806f34499d6e937d868857c7bb92ec0a5d7861530336433732c5face5
f12b57ea2a2305c9c48917f1dfd86d072f8db91bb21bfb08f9b4aad103092211
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
fa13f2a7d42e023c8b7e6158197191b9e412805ecd107e0e2dd13b73f5114c22

irs.primeramfbank.com Open in urlscan Pro 162.240.216.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

64 %IPv6

8 Domains

11 Subdomains

12 IPs

2 Countries

2035 kBTransfer

5925 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

irs.primeramfbank.com Open in urlscan Pro
162.240.216.164 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

64 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

2035 kB
Transfer

5925 kB
Size

5
Cookies

53 HTTP transactions
1 data transactions