www.bankingfeessuck.com Open in urlscan Pro
52.21.227.162 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bankingfeessuck.com/
Submission: On September 16 via automatic, source certstream-suspicious (September 16th 2021, 2:03:26 am UTC) — Scanned from DE

Summary HTTP 130 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 55 IPs in 4 countries across 40 domains to perform 130 HTTP transactions. The main IP is 52.21.227.162, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.bankingfeessuck.com.
TLS certificate: Issued by R3 on September 16th 2021. Valid for: 3 months.

This is the only time www.bankingfeessuck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	52.21.227.162 52.21.227.162	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:1f18:446... 2600:1f18:4462:400:ed5c:a777:17fd:c84b	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	23.67.128.30 23.67.128.30	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	208.118.62.69 208.118.62.69	7296 (ALCHEMYNET) (ALCHEMYNET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
2	34.249.113.116 34.249.113.116	16509 (AMAZON-02) (AMAZON-02)
1	3.224.117.145 3.224.117.145	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	54.72.99.35 54.72.99.35	16509 (AMAZON-02) (AMAZON-02)
1	54.70.178.119 54.70.178.119	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
4 6	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:84f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.106 143.204.98.106	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.92 143.204.98.92	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:215... 2600:9000:2156:1a00:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:4000:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.45 143.204.98.45	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
1 2	18.194.85.80 18.194.85.80	16509 (AMAZON-02) (AMAZON-02)
4 7	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	54.228.170.24 54.228.170.24	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.144 143.204.101.144	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:1c00:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:de00:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
130	55

24 52.21.227.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-227-162.compute-1.amazonaws.com

www.bankingfeessuck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:4462:400:ed5c:a777:17fd:c84b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cdn.stash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.128.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-128-30.deploy.static.akamaitechnologies.com

a19529930113.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.118.62.69 (United States)

ASN7296 (ALCHEMYNET, US)

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.113.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-113-116.eu-west-1.compute.amazonaws.com

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.117.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-117-145.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.99.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-99-35.eu-west-1.compute.amazonaws.com

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.178.119 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-178-119.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

9786632.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:84f (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-106.fra50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-92.fra50.r.cloudfront.net

w8cf-prod.the8app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

px.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:1a00:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4000:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.85.80 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-85-80.eu-central-1.compute.amazonaws.com

dpx.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.36 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.170.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-170-24.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-144.fra50.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1c00:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:de00:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	bankingfeessuck.com www.bankingfeessuck.com	884 KB
13	doubleclick.net 5 redirects googleads.g.doubleclick.net static.doubleclick.net stats.g.doubleclick.net 9786632.fls.doubleclick.net ad.doubleclick.net	8 KB
11	youtube.com www.youtube.com	725 KB
8	adnxs.com 4 redirects secure.adnxs.com acdn.adnxs.com ib.adnxs.com	10 KB
8	google.com www.google.com adservice.google.com	15 KB
6	cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	28 KB
5	stash.com cdn.stash.com	284 KB
4	google.de www.google.de	892 B
4	appsflyer.com websdk.appsflyer.com wa.appsflyer.com	20 KB
4	google-analytics.com www.google-analytics.com	62 KB
3	bing.com bat.bing.com	10 KB
3	airpr.com 1 redirects px.airpr.com dpx.airpr.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	facebook.com www.facebook.com	573 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	upsellit.com www.upsellit.com	15 KB
3	facebook.net connect.facebook.net	124 KB
3	optimizely.com cdn.optimizely.com a19529930113.cdn.optimizely.com logx.optimizely.com	85 KB
2	yimg.com s.yimg.com	7 KB
2	fontawesome.com use.fontawesome.com	8 KB
2	snapchat.com tr.snapchat.com	277 B
2	sc-static.net sc-static.net	15 KB
2	onelink.me wa.onelink.me	835 B
2	googletagmanager.com www.googletagmanager.com	104 KB
1	yahoo.com sp.analytics.yahoo.com	964 B
1	hotjar.io vc.hotjar.io	257 B
1	xg4ken.com resources.xg4ken.com	4 KB
1	attn.tv cdn.attn.tv	231 B
1	the8app.com w8cf-prod.the8app.com	7 KB
1	appboycdn.com js.appboycdn.com	44 KB
1	segment.io api.segment.io	148 B
1	ytimg.com i.ytimg.com	35 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	t.co t.co	455 B
1	twitter.com analytics.twitter.com	659 B
1	googleadservices.com www.googleadservices.com	14 KB
1	segment.com cdn.segment.com	63 KB
1	impactradius-event.com d.impactradius-event.com	13 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
0	quantserve.com Failed secure.quantserve.com Failed
130	40

	Domain	Requested by
24	www.bankingfeessuck.com	www.bankingfeessuck.com
11	www.youtube.com	www.bankingfeessuck.com www.youtube.com
6	secure.adnxs.com	4 redirects 9786632.fls.doubleclick.net
5	www.google.com	www.youtube.com www.bankingfeessuck.com
5	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googleadservices.com
5	cdn.stash.com	www.bankingfeessuck.com
4	9786632.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.google.de	www.bankingfeessuck.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	9786632.fls.doubleclick.net bat.bing.com
3	adservice.google.com	9786632.fls.doubleclick.net
3	d2hrivdxn8ekm8.cloudfront.net	www.bankingfeessuck.com d2hrivdxn8ekm8.cloudfront.net
3	www.facebook.com	www.bankingfeessuck.com
3	www.upsellit.com	www.googletagmanager.com www.upsellit.com
3	connect.facebook.net	www.bankingfeessuck.com connect.facebook.net
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	9786632.fls.doubleclick.net s.yimg.com
2	use.fontawesome.com	js.appboycdn.com use.fontawesome.com
2	tr.snapchat.com
2	dpx.airpr.com	1 redirects
2	sc-static.net	www.bankingfeessuck.com sc-static.net
2	wa.appsflyer.com	websdk.appsflyer.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	wa.onelink.me	websdk.appsflyer.com
2	websdk.appsflyer.com	www.bankingfeessuck.com
2	www.googletagmanager.com	www.bankingfeessuck.com www.googletagmanager.com
1	sp.analytics.yahoo.com	9786632.fls.doubleclick.net
1	ib.adnxs.com
1	d1lu3pmaz2ilpx.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	d330aiyvva2oww.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	dvqigh9b7wa32.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	vc.hotjar.io	script.hotjar.com
1	resources.xg4ken.com	9786632.fls.doubleclick.net
1	acdn.adnxs.com	d2hrivdxn8ekm8.cloudfront.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cdn.attn.tv	www.googletagmanager.com
1	px.airpr.com	www.bankingfeessuck.com
1	w8cf-prod.the8app.com	www.googletagmanager.com
1	js.appboycdn.com	www.bankingfeessuck.com
1	static.hotjar.com	www.googletagmanager.com
1	api.segment.io	cdn.segment.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	logx.optimizely.com	cdn.optimizely.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	t.co	www.bankingfeessuck.com
1	analytics.twitter.com	static.ads-twitter.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	www.youtube.com
1	cdn.segment.com	www.bankingfeessuck.com
1	d.impactradius-event.com	www.bankingfeessuck.com
1	static.ads-twitter.com	www.bankingfeessuck.com
1	a19529930113.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	www.bankingfeessuck.com
0	secure.quantserve.com Failed	www.bankingfeessuck.com
130	57

This site contains links to these domains. Also see Links.

Domain
app.stash.com
ask.stash.com
learn.stash.com
www.stash.com
lp.stash.com
status.stash.com
play.google.com
itunes.apple.com
www.instagram.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
cdn.stashinvest.com
cdn.stash.com
party.stash.com
www.finra.org
www.apexclearing.com

Subject Issuer	Validity	Valid
www.bankingfeessuck.com R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
stash.com Amazon	`2021-03-22` - `2022-04-20`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-06` - `2022-01-06`	a year	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-03` - `2021-12-07`	a year	crt.sh
*.upsellit.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-11-01`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.onelink.me Amazon	`2021-04-05` - `2022-05-04`	a year	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.appsflyersdk.com Amazon	`2021-06-10` - `2022-07-09`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
the8app.com Amazon	`2020-12-15` - `2022-01-13`	a year	crt.sh
*.airpr.com Amazon	`2021-01-10` - `2022-02-07`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.attn.tv Amazon	`2021-03-08` - `2022-04-06`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2020-09-14` - `2021-10-16`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.bankingfeessuck.com/
Frame ID: 41E78CD186EA3B93C0F4991158D1CCD9
Requests: 94 HTTP requests in this frame

Frame: https://a19529930113.cdn.optimizely.com/client_storage/a19529930113.html
Frame ID: ACB59EDDD1959AF11575E996B82478DE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
Frame ID: F12857E3303BC6C48CFA133BBFA9C218
Requests: 18 HTTP requests in this frame

Frame: https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F
Frame ID: 92933FB9EF0F64744D5E4E122AEB55F9
Requests: 11 HTTP requests in this frame

Frame: https://9786632.fls.doubleclick.net/activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F
Frame ID: 23288C43B9F6F89DAD201307DADF37D0
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: B6D6AACA97C4E6804329633E726CA866
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a1803992-6d0b-447a-949e-ffe3d80bc2f1
Frame ID: 26E26356A83D9AB5AC528E00149C0C8D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 63F9A96E892BAD2668CFB05A70E900C0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4718797CA4F1EAC8116C208B4D60AA2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Stash | Investing for Beginners.

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

98 %
HTTPS

48 %
IPv6

40
Domains

57
Subdomains

55
IPs

4
Countries

2687 kB
Transfer

6449 kB
Size

31
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://app.stash.com/sign-up/get-started?utm_content=dot-com_homepage
Title: Get started

Search URL Search Domain Scan URL

URL: https://app.stash.com/sign-up/get-started?utm_content=dot-com_homepage_beginner
Title: Get started

Search URL Search Domain Scan URL

URL: https://app.stash.com/sign-up/get-started?utm_content=dot-com_homepage_growth
Title: Get started

Search URL Search Domain Scan URL

URL: https://app.stash.com/sign-up/get-started?utm_content=dot-com_homepage_plus
Title: Get started

Search URL Search Domain Scan URL

URL: https://ask.stash.com/ask/what-is-the-subscription-plan-offering-for-the-beta-group/
Title: Click here for more details.

Search URL Search Domain Scan URL

URL: https://learn.stash.com/
Title: financial education

Search URL Search Domain Scan URL

URL: https://www.stash.com/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.stash.com/theprivacypolicy
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://ask.stash.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://app.stash.com/log-in
Title: Log in

Search URL Search Domain Scan URL

URL: https://app.stash.com/sign-up/get-started?utm_content=dot-com_homepage_nav
Title: Get started

Search URL Search Domain Scan URL

URL: https://lp.stash.com/press/
Title: Press

Search URL Search Domain Scan URL

URL: https://status.stash.com/
Title: System status

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.stash.stashinvest&hl=en

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/stash-invest-investing-financial/id1017148055?mt=8

Search URL Search Domain Scan URL

URL: https://www.instagram.com/stash_app/

Search URL Search Domain Scan URL

URL: https://twitter.com/Stash

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/stashfinancial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stashinvestapp/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/stash

Search URL Search Domain Scan URL

URL: https://cdn.stashinvest.com/disclosures/StashInvest_Advisory_Agreement.pdf
Title: Advisory Agreement

Search URL Search Domain Scan URL

URL: https://cdn.stash.com/disclosures/greenDotBankDepositAccountAgreement202006.pdf
Title: Deposit Account Agreement

Search URL Search Domain Scan URL

URL: https://lp.stash.com/group-life-insurance-stash-avibra-041521/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://lp.stash.com/stash-stock-back-rewards-terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://cdn.stash.com/disclosures/Platform_Tier_3_Supplemental.pdf
Title: terms and conditions

Search URL Search Domain Scan URL

URL: https://party.stash.com/terms
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.stash.com/investments/stocks/
Title: full list of available investments on Stash

Search URL Search Domain Scan URL

URL: https://ask.stash.com/ask/how-are-fees-calculated/
Title: fees

Search URL Search Domain Scan URL

URL: https://ask.stash.com/ask/apex-clearing-custodial-account-maintenance-bank-transfer-fees/
Title: custodial fees

Search URL Search Domain Scan URL

URL: https://www.finra.org/
Title: FINRA/SIPC

Search URL Search Domain Scan URL

URL: http://www.finra.org/brokercheck
Title: http://www.finra.org/brokercheck

Search URL Search Domain Scan URL

URL: https://www.apexclearing.com/
Title: Apex Clearing Corporation

Search URL Search Domain Scan URL

URL: https://www.stash.com/disclosurelibrary
Title: disclosures

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 83

https://9786632.fls.doubleclick.net/activityi;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F HTTP 302
https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F

Request Chain 84

https://9786632.fls.doubleclick.net/activityi;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F HTTP 302
https://9786632.fls.doubleclick.net/activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F

Request Chain 97

https://dpx.airpr.com/px?hostname=www.bankingfeessuck.com&profile=450806&ga_account_id=UA-62761031-8&ga_account_type=UA&ga_c=1662868171.1631757799&an=true HTTP 302
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4062197317 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D4062197317 HTTP 302
https://dpx.airpr.com/anpx?adnxs_uid=3095941860575817156&airpr_id=4062197317

Request Chain 105

https://secure.adnxs.com/px?id=1192257&seg=19904598&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1192257%26seg%3D19904598%26t%3D1

Request Chain 110

https://secure.adnxs.com/px?id=1207484&seg=20520856&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1207484%26seg%3D20520856%26t%3D1

Request Chain 120

https://ad.doubleclick.net/ddm/activity/src=9879431;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9879431;dc_pre=CJidq8CzgvMCFdO1UQod0nkEDQ;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9879431;dc_pre=CJidq8CzgvMCFdO1UQod0nkEDQ;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.bankingfeessuck.com/ 112 KB
28 KB 336ms
101ms Document
text/html 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

28a6e0c0b2bbf4e338bdfeb8e39c30552bcd893f3621d8d552057dcb59fcc48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.bankingfeessuck.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: Cowboy
Connection: keep-alive
X-Dns-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Etag: W/"1bf4d-k0XuHIr3EmHMogdLMXK+QVxXbrY"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 16 Sep 2021 02:03:17 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H/1.1 200
OK stash-rise-v3.css
www.bankingfeessuck.com/css/ 46 KB
9 KB 254ms
105ms Stylesheet
text/css 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankingfeessuck.com/css/stash-rise-v3.css

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

94c32514423d12352de48af8ea8a28b4023a169690043c87374499d97ea32a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.bankingfeessuck.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:28:56 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:17 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"b709-17beb25eb40"
Accept-Ranges: bytes

GET
H/1.1 200
OK styles.css
www.bankingfeessuck.com/css/ 11 KB
4 KB 287ms
99ms Stylesheet
text/css 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankingfeessuck.com/css/styles.css

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

818c4220e47743794846bf6215ba534f98488617bedf10ae1698ab462ee13f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.bankingfeessuck.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:31:51 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:17 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"2a51-17beb289a26"
Accept-Ranges: bytes

GET
H2 200 RiformaLLSub-RegularSubset.woff2
cdn.stash.com/assets/fonts/ 26 KB
27 KB 718ms
356ms Font
font/woff2 2600:1f18:4462:400:ed5c:a777:17fd:c84b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.stash.com/assets/fonts/RiformaLLSub-RegularSubset.woff2

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4462:400:ed5c:a777:17fd:c84b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Openresty /

Resource Hash

bb59d90a093f3730442af17888f99cc011c027aeea0d4c011d8bdaeb425b7da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankingfeessuck.com/
Origin: https://www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 26461
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Sep 2021 20:27:40 GMT
server: Openresty
x-frame-options: SAMEORIGIN
etag: W/"9a2d8e96f26ef87ae0271c16f3970d2875f8a4db0e815481a47892a9391e8bcf"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://www.bankingfeessuck.com
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: i-0a91f4b9d7d8e684b:9072325
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-smaug-id: i-0a91f4b9d7d8e684b:9072325

GET
H2 200 RiformaLLSub-MediumSubset.woff2
cdn.stash.com/assets/fonts/ 26 KB
27 KB 718ms
357ms Font
font/woff2 2600:1f18:4462:400:ed5c:a777:17fd:c84b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.stash.com/assets/fonts/RiformaLLSub-MediumSubset.woff2

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4462:400:ed5c:a777:17fd:c84b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Openresty /

Resource Hash

ee0337603ab6f7fd6b728e5ceecec6f07a0c97fc766d86550b638c410ba004f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankingfeessuck.com/
Origin: https://www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 26884
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Sep 2021 20:27:40 GMT
server: Openresty
x-frame-options: SAMEORIGIN
etag: W/"a8229e26caa1c22605655629e9f12b85ff0dad1916b9891defebb54bba23bf0d"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://www.bankingfeessuck.com
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: i-0fceccf58d9daadbf:8987683
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-smaug-id: i-0fceccf58d9daadbf:8987683

GET
H2 200 RiformaLLSub-BoldSubset.woff2
cdn.stash.com/assets/fonts/ 26 KB
27 KB 719ms
357ms Font
font/woff2 2600:1f18:4462:400:ed5c:a777:17fd:c84b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.stash.com/assets/fonts/RiformaLLSub-BoldSubset.woff2

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4462:400:ed5c:a777:17fd:c84b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Openresty /

Resource Hash

05b0346db87314e39a29b4d177d4ef304a8eab4b383843c51af17c6f4cb4a925

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankingfeessuck.com/
Origin: https://www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 26977
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Sep 2021 20:27:40 GMT
server: Openresty
x-frame-options: SAMEORIGIN
etag: W/"fb3534349018c92f4ab95210ee9653adcc6d13bcbf7dd146be2ebb285de7b2ed"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://www.bankingfeessuck.com
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: i-001d941a3658e0358:8972695
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-smaug-id: i-001d941a3658e0358:8972695

GET
H2 200 Inter-Regular.woff2
cdn.stash.com/assets/fonts/ 98 KB
99 KB 718ms
357ms Font
font/woff2 2600:1f18:4462:400:ed5c:a777:17fd:c84b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.stash.com/assets/fonts/Inter-Regular.woff2

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4462:400:ed5c:a777:17fd:c84b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Openresty /

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankingfeessuck.com/
Origin: https://www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 100368
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Sep 2021 20:27:40 GMT
server: Openresty
x-frame-options: SAMEORIGIN
etag: W/"f51654324b3e45dcf0ff17e25c6f8058017530abb4cfad0cdaecf27355a6bbf4"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://www.bankingfeessuck.com
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: i-0562fd38699441880:8881179
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-smaug-id: i-0562fd38699441880:8881179

GET
H2 200 Inter-SemiBold.woff2
cdn.stash.com/assets/fonts/ 104 KB
104 KB 547ms
186ms Font
font/woff2 2600:1f18:4462:400:ed5c:a777:17fd:c84b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.stash.com/assets/fonts/Inter-SemiBold.woff2

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4462:400:ed5c:a777:17fd:c84b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Openresty /

Resource Hash

77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankingfeessuck.com/
Origin: https://www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
content-length: 105992
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Sep 2021 20:27:40 GMT
server: Openresty
x-frame-options: SAMEORIGIN
etag: W/"e973eacaaaa8479f018dc72c610c8671f94f62c8ea9d879bcc1cd0d4e5d4256b"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://www.bankingfeessuck.com
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: i-0b0d5c0359cbddcec:8946300
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-smaug-id: i-0b0d5c0359cbddcec:8946300

GET
H/1.1 200
OK jquery-min.js Show response
www.bankingfeessuck.com/ 87 KB
31 KB 288ms
99ms Script
application/javascript 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankingfeessuck.com/jquery-min.js

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bankingfeessuck.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:17 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"15d83-17beb24c260"
Accept-Ranges: bytes

GET
H2 200 20545654061.js Show response
cdn.optimizely.com/js/ 269 KB
83 KB 183ms
117ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20545654061.js

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

edfd01ca699a2b3adb2afa0ce0816952a0609bb98f9b90b0f31ab56aff24ae66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: Gr1syesA10JXz_yCLYwmAZ0xSvxeS29j
content-encoding: gzip
etag: "7e0b77b7540331cb6a0eeb0c36ad4b2e"
x-amz-request-id: 0AFB34KQ158GEWER
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 7
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="0";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 84594
x-amz-id-2: IwgLaONzB1aF684+iEHbvIArdRS4bSTDxhNxSJ20LzB5NV0ldWjnn0VmWDw1aek7N/GnHe8yi5E=
last-modified: Mon, 23 Aug 2021 20:54:10 GMT
server: AmazonS3
date: Thu, 16 Sep 2021 02:03:17 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK person-175.png
www.bankingfeessuck.com/assets/images/people/ 351 KB
351 KB 100ms
98ms Image
image/png 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/people/person-175.png

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

3778ff4e82e09886e672cc1d5b5e1bbab0e267ab421be921299bcf54b679efe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 359281
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Etag: W/"57b71-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK digital-wallet.png
www.bankingfeessuck.com/assets/images/home-page/ 285 KB
286 KB 99ms
97ms Image
image/png 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/home-page/digital-wallet.png

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

f9c6fa16a9fb2daaadc145f3fdcba6531fb1b88263384d2152a679fba1212756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 292148
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Etag: W/"47534-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK mobile-arrow.svg
www.bankingfeessuck.com/assets/images/home-page// 784 B
1 KB 105ms
102ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/home-page//mobile-arrow.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

ccac1d205368071f0ae36d5b4f89b0b37b00c2ea2bc7cf5d940a1394b78011ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 784
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Etag: W/"310-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK whystash-slide1.png
www.bankingfeessuck.com/assets/images/home-page// 79 KB
80 KB 290ms
100ms Image
image/png 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/home-page//whystash-slide1.png

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

61590a32a1a66ef591c9c9957d513bd7376a56572840d23bf5f5d0e7a411fb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 81254
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Etag: W/"13d66-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK whystash-slide2.png
www.bankingfeessuck.com/assets/images/home-page// 26 KB
27 KB 296ms
100ms Image
image/png 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/home-page//whystash-slide2.png

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

bcb3b96bd5db9378016b18374dd2afdeb91de9678daf9ab1ad73a199173a1e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 27128
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Etag: W/"69f8-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK whystash-slide3.png
www.bankingfeessuck.com/assets/images/home-page// 28 KB
28 KB 118ms
103ms Image
image/png 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/home-page//whystash-slide3.png

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

d939f22548cb64f594cabff27deee5812345484e7f036d6cbfd1ed5bb054efae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 28429
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Etag: W/"6f0d-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-check.svg
www.bankingfeessuck.com/assets/images/globals/ 505 B
1 KB 109ms
107ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/icon-check.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

2b3f241ef7d3708e8c1471a6bd66c79c84d5758d50f4e48730f0fa62727b8e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 505
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Etag: W/"1f9-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-chevron.svg
www.bankingfeessuck.com/assets/images/globals/ 513 B
1 KB 123ms
118ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/icon-chevron.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

9156f7977f473c0c7fbee670e9eac37e3281cd14a6c53bbd7d3efa8b138b5655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 513
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Etag: W/"201-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-rise.svg
www.bankingfeessuck.com/assets/images/globals/ 1 KB
1 KB 117ms
101ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/logo-rise.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

44f3886883fdb47f2f6ea653698b7b70914b994f2a70f8b68c27421302740c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"573-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK stash-logo.svg
www.bankingfeessuck.com/assets/images/interstitial/ 1 KB
1 KB 131ms
129ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/interstitial/stash-logo.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

004eb00664f5d5382d33e6f40ce5aefeeb866c9ec9a6d226a3511db436068b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"57a-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK chev.svg
www.bankingfeessuck.com/assets/images/interstitial// 230 B
759 B 164ms
105ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/interstitial//chev.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

661199733f2b9c02af192c728df9469f58d51e166ee6f0c5bf7512bc992ae441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 230
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Etag: W/"e6-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK 101-logo.svg
www.bankingfeessuck.com/assets/images/interstitial/ 3 KB
2 KB 123ms
105ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/interstitial/101-logo.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

d046c58df3b78a3c9174d95ef5d6787de9da23b21db729b606436c736970a31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"a9d-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK badge-google-play.svg
www.bankingfeessuck.com/assets/images/globals/ 21 KB
7 KB 124ms
107ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/badge-google-play.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

7f52102df17d81e361e49407c9902d3b01c57e19a28d6a0e88cb58b0fac93305

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"54da-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK badge-app-store.svg
www.bankingfeessuck.com/assets/images/globals/ 11 KB
5 KB 105ms
101ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/badge-app-store.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"2a34-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-instagram.svg
www.bankingfeessuck.com/assets/images/globals/ 4 KB
2 KB 112ms
108ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/icon-instagram.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

623e6bf32b8f7af45e44a88b99328128ee1daa5ab460d81bc96e16f20d3e77fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"114e-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-twitter.svg
www.bankingfeessuck.com/assets/images/globals/ 2 KB
1 KB 107ms
96ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/icon-twitter.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

3a1366fee2bc8f5ec4babe9fccc61d4ec1bb638f187a45d5e4c211629d89158a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085; _gcl_au=1.1.794646912.1631757799
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:19 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"77c-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-linkedin.svg
www.bankingfeessuck.com/assets/images/globals/ 2 KB
1 KB 118ms
106ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/icon-linkedin.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

054841c27f06f78224ef2fd2130977ea825f48cef5f2fab22b54b775287c1e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085; _gcl_au=1.1.794646912.1631757799
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:19 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"6f5-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-facebook.svg
www.bankingfeessuck.com/assets/images/globals/ 1 KB
1 KB 119ms
107ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/icon-facebook.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

9cd28b655e93f642bfe112e660c887254996924ab657bc03363c1f6f0385dd44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085; _gcl_au=1.1.794646912.1631757799
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:19 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"48b-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-youtube.svg
www.bankingfeessuck.com/assets/images/globals/ 1 KB
1 KB 120ms
108ms Image
image/svg+xml 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankingfeessuck.com/assets/images/globals/icon-youtube.svg

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

a955a9146e0b335ac5db745dd38826250795ec880250aba4c843962c4c2a8002

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085; _gcl_au=1.1.794646912.1631757799
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:27:40 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:19 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"40f-17beb24c260"
Accept-Ranges: bytes

GET
H/1.1 200
OK main-min.js Show response
www.bankingfeessuck.com/ 50 KB
14 KB 102ms
100ms Script
application/javascript 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankingfeessuck.com/main-min.js

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-227-162.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

eac748290909a53886c88142b649bd68a47fc220ae546746b3163882358b80f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bankingfeessuck.com/
Cookie: optimizelyEndUserId=oeu1631757798245r0.04958631623711085
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 15 Sep 2021 20:30:22 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 16 Sep 2021 02:03:18 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Etag: W/"c902-17beb273c08"
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
65 KB 228ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dc3f5ebfa90a88e1fa8e30d2f97fe274436fa6d8e9662690bff3d77c365d83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66305
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:14:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 02:03:18 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 217ms
28ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d58ec10678df035f4fd517509f207848056cc21dfb1066c40508368942cda9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Thu, 16 Sep 2021 02:03:18 GMT

GET
H2 200 a19529930113.html Show response
a19529930113.cdn.optimizely.com/client_storage/ Frame ACB5 1 KB
1 KB 671ms
240ms Document
text/html 23.67.128.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a19529930113.cdn.optimizely.com/client_storage/a19529930113.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20545654061.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.128.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-128-30.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

59a34e57485f40d90d949703e7efe938bdfd06253a3753cc16c23cda455538cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a19529930113.cdn.optimizely.com
:scheme: https
:path: /client_storage/a19529930113.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/

Response headers

x-amz-id-2: 9vWESHIlJWUdieA7pz9NEXWS09IbJHeO4OFdv/0sF1OJw1hTEpai5klUxgRcjsmUNkQcgyubQ6g=
x-amz-request-id: YWX6EZC0A363TJ2J
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Sep 2021 16:36:06 GMT
etag: "ee1b166083eab3204811674247b7a0c8"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: 3Wcz6O04YxCiX3L88dBBgUjFz3SS..E1
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 774
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 16 Sep 2021 02:03:19 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="15";dur=0,cdnip;desc="23.67.128.30";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 AHhbApto_n4 Show response
www.youtube.com/embed/ Frame F128 56 KB
24 KB 83ms
73ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52d1d183145748058f5bdfb1cf9337d3f3bb8c687c7a4655d79b5504e5dba73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Sep 2021 02:03:18 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1g2Lt6kFGoY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Z59iK9QjQ0M; Domain=.youtube.com; Expires=Tue, 15-Mar-2022 02:03:18 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+790; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET banner.json
cdn.stash.com/jnld/ 0
0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/1256b7e2/www-widgetapi.vflset/ 135 KB
44 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44724
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 00:59:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 72ms
11ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4581
date: Thu, 16 Sep 2021 00:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 16 Sep 2021 02:46:57 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 72ms
13ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-RP
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-served-by: cache-iad-kcgs7200114-IAD, cache-hhn11576-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 71ms
12ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: aNKSlHokyJAJ5tQQ5gYH2FWkGIC80Jdu+lnF0J3tOZHYxzrvASzuZz2tWuCMyoHtTYF8isFHXoNBSy7cb49VRg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 16 Sep 2021 02:03:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 A320370-86ed-42b6-aaee-b71c80837b6f1.js Show response
d.impactradius-event.com/ 41 KB
13 KB 73ms
9ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A320370-86ed-42b6-aaee-b71c80837b6f1.js
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8e428deda8f2086fd17316e2620503094416cc58261634128f437ee6d7a14fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:13 GMT
content-encoding: gzip
age: 5
x-guploader-uploadid: ADPycdvpTZ0kYrcW6Zk1rYzsAQIE23UyH8XAhoLGWRwo0YIXYPpp3MUKNv4WA0EsMWNSQUG1IyqCA9k8b3rbLWyu4Wc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13038
last-modified: Wed, 02 Jun 2021 07:08:57 GMT
server: UploadServer
etag: "679e4e625d7fd7da264edc2ef0595f4d"
vary: Accept-Encoding
x-goog-hash: crc32c=PJtL7w==, md5=Z55OYl1/19omTtwu8FlfTQ==
x-goog-generation: 1622617737821549
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13038
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Thu, 16 Sep 2021 02:08:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-866822537

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abbef42bb1562d0f2dee1c2543774319ba57875ddeb4eef55c42be7c0f77f174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39349
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:14:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 02:03:18 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/TZCshFL82skfrxA6BzAQjqgvPcAWlFX4/ 348 KB
63 KB 732ms
668ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/TZCshFL82skfrxA6BzAQjqgvPcAWlFX4/analytics.min.js
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a12064a10625210b98742b84d1964b75b79673f13b2ee567dce38fbc989a3e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: zPhDBsOyb6ChJM.82QPb2bNCOohEPGAY
content-encoding: gzip
etag: W/"afd10abe5be0b2a0660895536b5715a7"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Sat, 11 Sep 2021 04:13:18 GMT
server: AmazonS3
date: Thu, 16 Sep 2021 02:03:20 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: 8GqPPviIR0p2_ROa40b7IarJzSO28p4ge8iYV6GaJY9iKA3PK1l8Qg==

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 33 KB
10 KB 125ms
12ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c9e5a30fa855bce862506d44d6290908b0a7f8f8f594421bf978246f57c46c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 16 Sep 2021 02:03:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Aug 2021 07:15:34 GMT
Server: AmazonS3
x-amz-request-id: 3NNC2SK6E5ESN0HC
ETag: "e8d8525a7396c6f5b2c2d9d4fda589ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2255
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9258
x-amz-id-2: 1eONv2nfAsXVDBDvERBAqVxpUoBTFbgLnGoFIdsM1mhlLfP6RrnuXduVqj+2OhAMX9ps136NcMg=
Expires: Thu, 16 Sep 2021 02:40:54 GMT

GET
H2 200 stash.jsp Show response
www.upsellit.com/active/ 24 KB
8 KB 504ms
152ms Script
application/x-javascript 208.118.62.69
ALCHEMYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upsellit.com/active/stash.jsp
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 177f16f9ddfcc4d609f7b02b1b4519895af8d2de4e38a5310b56c6f2072b771b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
expires: Fri, 17 Sep 2021 02:03:19 GMT
server: nginx
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/1256b7e2/ Frame F128 329 KB
45 KB 31ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:28:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 124507
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46342
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:28:11 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/ Frame F128 201 KB
66 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:28:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 124507
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67242
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:28:11 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame F128 2 MB
504 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 124418
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516210
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:40 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/ Frame F128 8 KB
3 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:28:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 124507
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:28:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F128 15 KB
15 KB 64ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 194705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 19:58:13 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 51ms
29ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-866822537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14042
x-xss-protection: 0
server: cafe
etag: 5157641309300231189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:03:19 GMT

GET
H2 200 139896346474433 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 68ms
60ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/139896346474433?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71a72eb4e77a5046ee3e3b6b1a71822cd792d5792013c1103bfffaaab3534997

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: gK7rCFiqn5DI4cLuUEViftL6y6r8oyKbm4yCTZccnYdR+o9Tl1BKHHoDKzV7LMWjr1DEuDvTWYIvj+6d2bqoPw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Sep 2021 02:03:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 112 KB
42 KB 28ms
25ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NBM3FB6&t=gtm4&cid=1662868171.1631757799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4eb0e0adfe35db79a1a966530f6866f118d861dad34c65c8ff18c40c2f2c7db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43013
x-xss-protection: 0
expires: Thu, 16 Sep 2021 02:03:19 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 167ms
123ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nw8k8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.bankingfeessuck.com%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 16 Sep 2021 02:03:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 67853e98277c075be8ac7a956168fd85613b274165f19b30425d82a8ad1f5446
x-transaction: 3c2f86d12bbd9c4b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 142ms
113ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nw8k8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.bankingfeessuck.com%2F

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 16 Sep 2021 02:03:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cdeeb75ab31f9f7d55467edc07d78006f9e2dba7f8d20e7ce9d4e71bdbcb8d45
x-transaction: c49d4f1dad045b83
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F128
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
230 B

22ms
21ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933d8bb2e9e589153a817429ad889187b7105a4dfd19c82f460fb81b07f9856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F128 29 B
609 B 32ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:54:16 GMT
x-content-type-options: nosniff
age: 543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Sep 2021 02:09:16 GMT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame F128 95 KB
29 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
age: 124401
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29907
x-xss-protection: 0
expires: Wed, 14 Sep 2022 15:29:58 GMT

GET
H2 200 3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js Show response
www.google.com/js/th/ Frame F128 34 KB
13 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 13:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13157
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 15 Sep 2022 13:38:54 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/ Frame F128 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7343
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Sep 2022 15:29:58 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/866822537/ 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/866822537/?random=1631757799316&cv=9&fst=1631757799316&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58a963efb1177857b4f5730d5b3fd15dd04e26300b6abf51a87fa9c120bfe4e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1042
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F128 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSN27rwXTcAGxWCWdrsaQnqg-7ZWD046IDojNz8lQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F128 2 KB
2 KB 36ms
7ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSN27rwXTcAGxWCWdrsaQnqg-7ZWD046IDojNz8lQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a12953e82e6818315aec0ceb8e2eb8ae9b546c55ca54281d85e78c9853c20978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:39:35 GMT
x-content-type-options: nosniff
age: 5024
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1776
x-xss-protection: 0
server: fife
etag: "v152"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 08:42:23 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/AHhbApto_n4/ Frame F128 34 KB
35 KB 45ms
16ms Image
image/webp 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/AHhbApto_n4/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e16cbd2deca80245978772adb5c70ea959b61527b89f59e0991d1d23c077e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629312061"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35070
x-xss-protection: 0
expires: Thu, 16 Sep 2021 04:03:19 GMT

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 13 B
325 B 166ms
31ms XHR
application/json 34.249.113.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.113.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-113-116.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bankingfeessuck.com
Date: Thu, 16 Sep 2021 02:03:19 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 13
Content-Type: application/json

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
368 B 431ms
97ms XHR
text/plain 3.224.117.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20545654061.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.117.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-117-145.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankingfeessuck.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Sep 2021 02:03:19 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.bankingfeessuck.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 22c042fe-f4a0-4117-94f6-c4975b65d4cd

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 31ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=139896346474433&ev=PageView&dl=https%3A%2F%2Fwww.bankingfeessuck.com%2F&rl=&if=false&ts=1631757799416&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=28&fbp=fb.1.1631757799415.1641595217&it=1631757799075&coo=false&rqm=GET

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Sep 2021 02:03:19 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/866822537/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/866822537/?random=1631757799456&cv=9&fst=1631757799456&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b662e1e12cdbb00fb60080d94f964604ff52c06d51868238805777239210e9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
186 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2027020248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankingfeessuck.com%2F&ul=en-us&de=UTF-8&dt=Stash%20%7C%20Investing%20for%20Beginners.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=258965297&gjid=804636910&cid=1662868171.1631757799&tid=UA-62761031-8&_gid=2001405715.1631757799&_r=1&gtm=2wg9f0TFGKH8&z=1368454044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankingfeessuck.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bankingfeessuck.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/866822537/ 42 B
340 B 24ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/866822537/?random=1631757799316&cv=9&fst=1631757600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&async=1&fmt=3&is_vtc=1&random=3739284045&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/866822537/ 42 B
569 B 66ms
20ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/866822537/?random=1631757799316&cv=9&fst=1631757600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&async=1&fmt=3&is_vtc=1&random=3739284045&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F128 4 KB
3 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Thu, 16 Sep 2021 02:03:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
469 B 68ms
23ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-62761031-8&cid=1662868171.1631757799&jid=258965297&gjid=804636910&_gid=2001405715.1631757799&_u=aGDAAEACQAAAAC~&z=1791818644

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankingfeessuck.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Sep 2021 02:03:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.bankingfeessuck.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame F128 0
39 B 8ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?um4cCw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/866822537/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/866822537/?random=1631757799456&cv=9&fst=1631757600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&async=1&fmt=3&is_vtc=1&random=1989866237&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/866822537/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/866822537/?random=1631757799456&cv=9&fst=1631757600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&async=1&fmt=3&is_vtc=1&random=1989866237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK events Show response
wa.appsflyer.com/ 83 B
537 B 155ms
32ms XHR
application/json 54.72.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=ZB7BDMjD
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01362ddf2ec5e61876f50079a23ec3d414457794ca3411332b350868ba37ea89

Request headers

Referer: https://www.bankingfeessuck.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bankingfeessuck.com
Date: Thu, 16 Sep 2021 02:03:19 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 83
Content-Type: application/json

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-62761031-8&cid=1662868171.1631757799&jid=258965297&_u=aGDAAEACQAAAAC~&z=323619501

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-62761031-8&cid=1662868171.1631757799&jid=258965297&_u=aGDAAEACQAAAAC~&z=323619501

Requested by

Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hit.js Show response
www.upsellit.com/analytics/ 0
170 B 157ms
153ms Script
application/javascript 208.118.62.69
ALCHEMYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upsellit.com/analytics/hit.js?usi_a=zdwq46_1631757800&usi_t=1631757799711&usi_r=VIEW&usi_c=7101&usi_u=https%3A%2F%2Fwww.bankingfeessuck.com%2F
Requested by: Host: www.upsellit.com
URL: https://www.upsellit.com/active/stash.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
last-modified: Wed, 07 Aug 2019 19:46:56 GMT
server: nginx
etag: "5d4b2ab0-0"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 0
expires: Sat, 16 Oct 2021 02:03:19 GMT

GET
H2 200 stash_pixel.jsp Show response
www.upsellit.com/active/ 20 KB
7 KB 157ms
154ms Script
application/x-javascript 208.118.62.69
ALCHEMYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upsellit.com/active/stash_pixel.jsp
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software: nginx /
Resource Hash: d22930c8710843d047b258282569049499e52b61390c13835678186ebf8d6010

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
expires: Fri, 17 Sep 2021 02:03:19 GMT
server: nginx
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/92/ Frame F128 52 KB
15 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/92/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15330
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 15:08:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 16 Sep 2021 17:41:07 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
148 B 499ms
159ms XHR
application/json 54.70.178.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/TZCshFL82skfrxA6BzAQjqgvPcAWlFX4/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.178.119 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-178-119.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.bankingfeessuck.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bankingfeessuck.com
date: Thu, 16 Sep 2021 02:03:20 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 51 B
510 B 29ms
28ms XHR
application/json 34.249.113.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=5e93f648-d364-4a63-bc33-f39cac63d5cd-p
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.113.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-113-116.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6510201c201fa5092e261a3087aa90be15939215eb925c1309c60e0aa3a9cea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bankingfeessuck.com
Date: Thu, 16 Sep 2021 02:03:19 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 51
Content-Type: application/json

GET
H2 200 hotjar-924144.js Show response
static.hotjar.com/c/ 6 KB
3 KB 35ms
10ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-924144.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

88df258d7ffad08c1c1c2c1aa70f450b4c538acfdd7f2b4d0c5dcf67ec19610c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/2f4ce6d4ebeddbff79216fb0f670445d
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: Rkv_SME41aIqkEq046YP5LAnnA53uCDKM_a6l6nVljovCYz3g9HKjA==
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)

GET
H2

200

activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2... Show response
9786632.fls.doubleclick.net/ Frame 9293
Redirect Chain

https://9786632.fls.doubleclick.net/activityi;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A...
https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.ban...

2 KB
1 KB

27ms
26ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

487c96db5f0b93490432da2e0033229059e2411270d84d593e54e29a31b6cc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9786632.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlEcFAiuYru1QSShzJrE4VZh_kb6uxRFfCiDolfe73Qizc_X5V8hXsD5H6L
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Sep 2021 02:03:20 GMT
expires: Thu, 16 Sep 2021 02:03:20 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Sep 2021 02:03:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F Show response
9786632.fls.doubleclick.net/ Frame 2328
Redirect Chain

https://9786632.fls.doubleclick.net/activityi;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?
https://9786632.fls.doubleclick.net/activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2...

507 B
468 B

33ms
33ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9786632.fls.doubleclick.net/activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ebc993c8e143557e26fdda36f0330792f6443e19b2d37c815200da877756669b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9786632.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlEcFAiuYru1QSShzJrE4VZh_kb6uxRFfCiDolfe73Qizc_X5V8hXsD5H6L
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Sep 2021 02:03:20 GMT
expires: Thu, 16 Sep 2021 02:03:20 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 398
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 16 Sep 2021 02:03:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9786632.fls.doubleclick.net/activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 33 KB
10 KB 11ms
10ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c9e5a30fa855bce862506d44d6290908b0a7f8f8f594421bf978246f57c46c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 16 Sep 2021 02:03:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Aug 2021 07:15:34 GMT
Server: AmazonS3
x-amz-request-id: 3NNC2SK6E5ESN0HC
ETag: "e8d8525a7396c6f5b2c2d9d4fda589ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2255
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9258
x-amz-id-2: 1eONv2nfAsXVDBDvERBAqVxpUoBTFbgLnGoFIdsM1mhlLfP6RrnuXduVqj+2OhAMX9ps136NcMg=
Expires: Thu, 16 Sep 2021 02:40:54 GMT

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/2.2/ 169 KB
44 KB 79ms
30ms Script
application/javascript 2606:4700:10::6816:84f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/2.2/appboy.min.js
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:84f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931add09e127ca50348ab16152295d65947c09c35e7b5219eda5de7bf2ee4920

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Jan 2019 22:52:57 GMT
server: cloudflare
age: 6658
etag: W/"185fc0dbed2416948ba586bac243db63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 68f68489e999c26d-FRA
x-amz-request-id: 0TMS0XWYSTB6FDMP
x-amz-id-2: 3P8clOVyOqL4TpoBp9X5Vd2RNTn6y9nECES4oyTn5DZCok9VKPMYEe4i+O/TU6fYlcloKP/IJPo=

GET quant.js
secure.quantserve.com/ 0
0

GET
H2 200 scevent.min.js Show response
sc-static.net/ 15 KB
6 KB 71ms
24ms Script
application/javascript 143.204.98.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-106.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5873
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
x-amz-cf-id: nTGwanPqHlaCRe08SZIdC7gh9WoiQbIz3rOP37WK3NB3voRYFj34VQ==

GET
H/1.1 200
OK sdk.js Show response
w8cf-prod.the8app.com/Content/api/tracking/ 7 KB
7 KB 119ms
26ms Script
application/javascript 143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w8cf-prod.the8app.com/Content/api/tracking/sdk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 203abee94a317532500d85a9126678f1eb4d746a5ff7fb66e8ee9b2d81f15d58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 5A7W4lRL_V9obGfFkh21S.vP0JY0PGPp
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Last-Modified: Thu, 23 Jan 2020 10:35:20 GMT
Server: AmazonS3
Age: 19551
ETag: "a81c2d65adaf2716c50c968c0d71cede"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Wed, 15 Sep 2021 20:37:30 GMT
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6767
X-Amz-Cf-Id: Pi__iBtXUJgceLhDpK5CU8RxWmLAUV79kqb3scZOqekSxskPQ1nN2w==

GET
H2 200 airpr.js Show response
px.airpr.com/ 7 KB
2 KB 63ms
7ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.airpr.com/airpr.js
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:00:55 GMT
content-encoding: gzip
last-modified: Sat, 21 Apr 2018 18:03:55 GMT
server: nginx
age: 36144
etag: "5adb7d0b-853"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA50-C1
content-length: 2131
x-amz-cf-id: iuuORwZynZriofn6LDD7LCtmX2HFvC_5yAWMpfwFP2k61783BFcJgw==
expires: Thu, 16 Sep 2021 04:15:42 GMT

GET
H2 200 c4014cd4-ee3e-4731-be02-5c900b80ac50-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 7 KB
7 KB 113ms
22ms Script
application/javascript 2600:9000:2156:1a00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/c4014cd4-ee3e-4731-be02-5c900b80ac50-latest.js
Requested by: Host: www.bankingfeessuck.com
URL: https://www.bankingfeessuck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0b9c16f0f937c2b8815de4834876d89ee30f77c1ee820872e6a0279ca1b91e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: TJVv9d_oR1Dj4W4T87zFRa10KflR6bMV
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 19:49:49 GMT
server: AmazonS3
age: 38833
etag: "3144fdee3db68bf87418c006a6cbc78d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 15 Sep 2021 15:16:08 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6952
x-amz-cf-id: GqOxXD9-Hx1SnIXr2yr4tZXjpfXsNf8bwOy1MWtMkq-plMZzl9QwgQ==

GET
H2 204 dtag.js Show response
cdn.attn.tv/stash/ 0
231 B 956ms
840ms Script
text/plain 2600:9000:2156:4000:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/stash/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFGKH8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:20 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
server: CloudFront
cache-control: public, max-age=120
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FGapfY31-KWvXtD7mPoU9znbj2QVmwtzS2T7pJz1hbKPs7_eH-n-_A==
x-cache: Miss from cloudfront

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ 221 KB
59 KB 55ms
10ms Script
application/javascript 143.204.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-924144.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-45.fra50.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 586094
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TkDJ-cjfeQkX7Pi4KGJFqMxbsAvJxV_oJAe6dU84CUBdLnZxz-r0_A==

POST
H/1.1 200
OK events Show response
wa.appsflyer.com/ 83 B
537 B 30ms
30ms XHR
application/json 54.72.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=ZB7BDMjD
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01362ddf2ec5e61876f50079a23ec3d414457794ca3411332b350868ba37ea89

Request headers

Referer: https://www.bankingfeessuck.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bankingfeessuck.com
Date: Thu, 16 Sep 2021 02:03:19 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 83
Content-Type: application/json

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame B6D6 2 KB
1 KB 81ms
7ms Document
text/html 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-924144.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ydA-mPq0wxSFPeSvxmYM9vz1snicwpPsmyFJKBibkMGSDd3YATb39g==
age: 4971495

GET
H2 200 collect
www.google-analytics.com/ 35 B
130 B 11ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=2027020248&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.bankingfeessuck.com%2F&ul=en-us&de=UTF-8&dt=Stash%20%7C%20Investing%20for%20Beginners.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=airpr&ea=visitor%20hit&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=1662868171.1631757799&tid=UA-62761031-8&_gid=2001405715.1631757799&gtm=2wg9f0TFGKH8&cd3=1662868171.1631757799&z=74732825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 22:30:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12799
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

204

anpx
dpx.airpr.com/
Redirect Chain

https://dpx.airpr.com/px?hostname=www.bankingfeessuck.com&profile=450806&ga_account_id=UA-62761031-8&ga_account_type=UA&ga_c=1662868171.1631757799&an=true
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4062197317
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D4062197317
https://dpx.airpr.com/anpx?adnxs_uid=3095941860575817156&airpr_id=4062197317

0
63 B

17ms
17ms

Image
text/plain

18.194.85.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpx.airpr.com/anpx?adnxs_uid=3095941860575817156&airpr_id=4062197317
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.85.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-85-80.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:20 GMT
cache-control: private
server: nginx

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 02:03:20 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 802d4005-a4a6-4167-8a70-f756d0650d8e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpx.airpr.com/anpx?adnxs_uid=3095941860575817156&airpr_id=4062197317
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 26E2 0
262 B 61ms
22ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a1803992-6d0b-447a-949e-ffe3d80bc2f1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=a1803992-6d0b-447a-949e-ffe3d80bc2f1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/

Response headers

server: nginx/1.17.3
date: Thu, 16 Sep 2021 02:03:20 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
1 KB 32ms
14ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/2.2/appboy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1031
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MWFFP00J4FN56JFH
x-amz-id-2: 5/bOKr313dKi97KTRRannnbDKb5WWOZXzqOg4bws+qaziPjRH+6pNsddmlQ6sG5z8q6p2P5PBcA=
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
server: cloudflare
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQCKyeI2fnKpQq2HCQiCMrabtiBffpOuO6593o7zA5Y4xmzL6bZuzwx%2FcEAhG%2BmB60pYTCi402ZXI4tby6PzrJ8XlVrwnD%2B5%2FK66PC%2BABIGuLSp5zB%2Fkfjrkj9bWh2RdudLRFqKMPmev5EZ0hKxmcoSd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 68f6848ad8765c1a-FRA

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 86ms
14ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/c4014cd4-ee3e-4731-be02-5c900b80ac50-latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 02:03:20 GMT
Content-Encoding: gzip
Age: 76972
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21982-LGA, cache-fra19156-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
X-Timer: S1631757800.215226,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Jun 2021 04:37:09 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 13314

GET
H2 200 c4014cd4-ee3e-4731-be02-5c900b80ac50-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 9 KB
9 KB 15ms
14ms Script
application/javascript 2600:9000:2156:1a00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/c4014cd4-ee3e-4731-be02-5c900b80ac50-additional-latest.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/c4014cd4-ee3e-4731-be02-5c900b80ac50-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f179816d373bc45ffa037c69a49f094000c4218cf61fb4306a90c7bd1ba8fd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:43:08 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 19:49:50 GMT
server: AmazonS3
age: 19213
etag: "a839c745599e2aaac92e61d1876bcb92"
x-cache: Hit from cloudfront
x-amz-version-id: zDf.vjpyXA27HPufFlsk8DblDJVcYNCj
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 8766
x-amz-cf-id: 0_dcjgqZOPNW_sHcUaW3r-Z7DHt6t69204klnJKCRw2GsCaXioeajA==

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 10 KB
10 KB 12ms
11ms Script
application/javascript 2600:9000:2156:1a00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/c4014cd4-ee3e-4731-be02-5c900b80ac50-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dd95d85ec6c727b643ee77877b0f0f871e5e0c23c4a4f8b2717c8e2992113ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: TMoLD_DiUBmYAiSnr6YprAKLygQ3P9GG
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 25 Mar 2021 23:09:46 GMT
server: AmazonS3
age: 15302
etag: "0e1055fa94f517c775220f50e87ea05b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
date: Wed, 15 Sep 2021 21:48:25 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9967
x-amz-cf-id: RPmnI2QZ0WQaxAMv6bT2j16RId7Pk0VMaVUKWPysZymP9IeJygvjiw==

GET
H2 200 2107291109330650 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 430ms
430ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2107291109330650?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b81dc1e1d0af98447d5cdc051b1c3f4f2b7f44ab34019460853058ca48aa9542

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: M9ggrv8sAVlD3y2Z9fqxBBQOhh/+6hgIli1Wm7VHIlTswdAeCibf5iq1lofPdlLQmxZPRsgvV7Eb7TZok2MsJw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Sep 2021 02:03:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
8 KB 438ms
421ms Script
application/javascript 143.204.98.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-106.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Referer: https://www.bankingfeessuck.com/
Origin: https://www.bankingfeessuck.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:21 GMT
content-encoding: gzip
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-cache: Miss from cloudfront
x-amz-cf-id: wSMS64T7ZNpbWthxIUK5Zwh2OksaWVepZwtDgFZq-KetiW2OuBg70A==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 9293
Redirect Chain

https://secure.adnxs.com/px?id=1192257&seg=19904598&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1192257%26seg%3D19904598%26t%3D1

313 B
1 KB

12ms
12ms

Script
application/javascript

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1192257%26seg%3D19904598%26t%3D1

Requested by

Host: 9786632.fls.doubleclick.net
URL: https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

be991522d06cfd258c99ca86786f9103043d4b6df9e717cd37d65863a00cedc6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 02:03:20 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b61ccae3-ff77-4090-b7d6-0e49f782eefb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 313
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 02:03:20 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 646209b0-b726-418a-97de-46e2fabadbe8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1192257%26seg%3D19904598%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=*;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F
adservice.google.com/ddm/fls/z/ Frame 9293 42 B
107 B 81ms
25ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=*;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ Frame 9293 10 KB
4 KB 219ms
29ms Script
text/plain 54.228.170.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3ABF-3EB

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.170.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-170-24.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6be2d3525ac65706af2673badcb5232afe47ae9e1bf5099948db1f767565b8b7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 02:03:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 07:00:44 GMT
Server: nginx
ETag: "60f7c61c-ef2"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 3826
X-XSS-Protection: 1; mode=block
Expires: Fri, 17 Sep 2021 02:03:20 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 9293 34 KB
10 KB 94ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: 9786632.fls.doubleclick.net
URL: https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:19 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref: Ref A: 46C8380FD1B447DA97F05D528515B3CE Ref B: FRAEDGE1506 Ref C: 2021-09-16T02:03:20Z
etag: "80386a5f63aad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9827

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 9293 15 KB
6 KB 77ms
15ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 16 Sep 2021 01:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2647
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: Cqh6blbcryA0RAAB2bSBpwDBsUHdpWTuNxg4tuXg+wZxiZAg0K4eW06IECLSmBBvmE3t0Bi2mfg=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: CKJJ1MRZT35CB49A
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 2328
Redirect Chain

https://secure.adnxs.com/px?id=1207484&seg=20520856&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1207484%26seg%3D20520856%26t%3D1

0
1005 B

12ms
11ms

Script
application/javascript

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1207484%26seg%3D20520856%26t%3D1

Requested by

Host: 9786632.fls.doubleclick.net
URL: https://9786632.fls.doubleclick.net/activityi;dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=794646912.1631757799;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 02:03:20 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c091c612-f5f7-4ea4-ae27-a92c00183c83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 02:03:20 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b92e6003-63b8-4f98-9c7a-a726a5566e22
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1207484%26seg%3D20520856%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=*;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F
adservice.google.com/ddm/fls/z/ Frame 2328 42 B
515 B 77ms
25ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNbdn8CzgvMCFVUQ4AodORwHyQ;src=9786632;type=stash0;cat=stash0;ord=1;num=2130374137708;gtm=2wg9f0;auiddc=*;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 313ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6155757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SSMAXpwqX8D0Vm4PiCW5qKfUE2yw%2FrDVgJMg75KtDdz3nX5xo9A8QO1z17tqxAjGtMccAmLygM%2BSGziSDG0FSO9IqJJ12kYk4Gp8lNOuWuAHhvtxl39pIV7bXjRJ4zYDyBETQiPBM9GppoSmpXqmQyU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 68f6848cda975c1a-FRA

GET
H2 204 924144 Show response
vc.hotjar.io/sessions/ 0
257 B 116ms
34ms XHR
text/plain 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/924144?s=0.25&r=0.03662957642001308
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:20 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 4UoqhgbIp87Xl_eQvtEkaCTDpTU9xEcviaGiTPJLVoglu6yoU-WDPw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/866822537/ 2 KB
1 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/866822537/?random=1631757800162&cv=9&fst=1631757800162&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c7fb21ce0e5abc39233cfc462f1421d457b4c74c286d041d8c53b1b876720f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ 43 B
485 B 693ms
626ms XHR
image/gif 143.204.101.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTImdG9rZW49YzQwMTRjZDQtZWUzZS00NzMxLWJlMDItNWM5MDBiODBhYzUwJnNlc3Npb25JZD00NDdhZjI0Ny0zY2FlLWE0ZmEtYmMxOS03MmMyYTZiNTdkZjE%3D&date=1631757800175
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-144.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:21 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "fb02f374b8f73825415db1bccd4bd76d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 43
x-amz-cf-id: CHgngy3YtURsDBDXXS8m0m7GttNH5wzLe9GPdia7wK4DV1tEu8oqRg==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ 43 B
485 B 702ms
636ms XHR
image/gif 2600:9000:2156:1c00:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjEyJnRva2VuPWM0MDE0Y2Q0LWVlM2UtNDczMS1iZTAyLTVjOTAwYjgwYWM1MCZzZXNzaW9uSWQ9NDQ3YWYyNDctM2NhZS1hNGZhLWJjMTktNzJjMmE2YjU3ZGYx&date=1631757800176
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:21 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "fb02f374b8f73825415db1bccd4bd76d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 43
x-amz-cf-id: HX16-rrg_8Velykvrf9sZNxuddeFiDKcYq6ZIXHrZrCkiOU0GnSJYA==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
442 B 674ms
616ms XHR
image/gif 2600:9000:2156:de00:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTImdG9rZW49YzQwMTRjZDQtZWUzZS00NzMxLWJlMDItNWM5MDBiODBhYzUwJnNlc3Npb25JZD00NDdhZjI0Ny0zY2FlLWE0ZmEtYmMxOS03MmMyYTZiNTdkZjEmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRnd3dy5iYW5raW5nZmVlc3N1Y2suY29tJTJG&date=1631757800186
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:21 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "fb02f374b8f73825415db1bccd4bd76d"
vary: Origin
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 43
x-amz-cf-id: SPzJYl8cuOIljGUvtotZpzRkMPlYYsimFowkG9QQuVwlRLEpuaT4ag==

GET
H2 200 /
www.google.com/pagead/1p-user-list/866822537/ 42 B
108 B 27ms
26ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/866822537/?random=1631757800162&cv=9&fst=1631757600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&async=1&fmt=3&is_vtc=1&random=3834395825&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/866822537/ 42 B
108 B 27ms
26ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/866822537/?random=1631757800162&cv=9&fst=1631757600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.bankingfeessuck.com%2F&tiba=Stash%20%7C%20Investing%20for%20Beginners.&async=1&fmt=3&is_vtc=1&random=3834395825&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=9879431;dc_pre=CJidq8CzgvMCFdO1UQod0nkEDQ;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Frame 9293
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9879431;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9879431;dc_pre=CJidq8CzgvMCFdO1UQod0nkEDQ;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9879431;dc_pre=CJidq8CzgvMCFdO1UQod0nkEDQ;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

321ms
19ms

Image
image/gif

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9879431;dc_pre=CJidq8CzgvMCFdO1UQod0nkEDQ;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 02:03:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9879431;dc_pre=CJidq8CzgvMCFdO1UQod0nkEDQ;type=invmedia;cat=stash0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10004326.json Show response
s.yimg.com/wi/config/ Frame 9293 2 B
449 B 23ms
8ms XHR
application/json 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10004326.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:51:36 GMT
x-content-type-options: nosniff
age: 705
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 07XRSRBKQHMFTFBS
x-amz-id-2: rJibGoVIPpdmuHwX7GjIzMF1LsIRs5czWewzaV9HQt19zh9D3S5fbIIzNhNr0JpwZrLM6TP7t4s=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
335 B 28ms
8ms Image
image/gif 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=802d047e-8bc3-44c7-a30a-bf34ede76b43&it=1631757800250&v=0.0.20&u=https%3A%2F%2Fwww.bankingfeessuck.com%2F&st=1631757800250&et=1631757800251&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 02:03:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 204 5668329.js Show response
bat.bing.com/p/action/ Frame 9293 0
109 B 174ms
173ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5668329.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Sep 2021 02:03:19 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: AC4C2D18BF9347CD97F19494E4777157 Ref B: FRAEDGE1506 Ref C: 2021-09-16T02:03:20Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 9293 0
148 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5668329&Ver=2&mid=97d633ba-6fdd-4759-9705-d68905cd99e7&sid=43f15cc0169211eca4d1c5279eb7ff6c&vid=43f1c0b0169211ecab78a9b834568338&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.bankingfeessuck.com%2F&r=&lt=296&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=10103
Requested by: Host: 9786632.fls.doubleclick.net
URL: https://9786632.fls.doubleclick.net/activityi;dc_pre=CJ-en8CzgvMCFYV04Aodi8EAow;src=9786632;type=stash0;cat=unive0;ord=5991293841011;gtm=2wg9f0;auiddc=794646912.1631757799;u27=https%3A%2F%2Fwww.bankingfeessuck.com%2F;~oref=https%3A%2F%2Fwww.bankingfeessuck.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 16 Sep 2021 02:03:19 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2B439BA838F94B27A69674E11B5AA808 Ref B: FRAEDGE1506 Ref C: 2021-09-16T02:03:20Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ Frame 9293 43 B
964 B 152ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2016%20Sep%202021%2002%3A03%3A20%20GMT&n=0&.yp=10004326&f=https%3A%2F%2F9786632.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ-en8CzgvMCFYV04Aodi8EAow%3Bsrc%3D9786632%3Btype%3Dstash0%3Bcat%3Dunive0%3Bord%3D5991293841011%3Bgtm%3D2wg9f0%3Bauiddc%3D794646912.1631757799%3Bu27%3Dhttps%253A%252F%252Fwww.bankingfeessuck.com%252F%3B~oref%3Dhttps%253A%252F%252Fwww.bankingfeessuck.com%252F%3F&e=https%3A%2F%2Fwww.bankingfeessuck.com%2F&enc=UTF-8&yv=1.10.1&isIframe=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9786632.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 02:03:20 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 16 Sep 2021 02:03:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2107291109330650&ev=PageView&dl=https%3A%2F%2Fwww.bankingfeessuck.com%2F&rl=&if=false&ts=1631757800662&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631757799415.1641595217&it=1631757799075&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 02:03:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Sep 2021 02:03:20 GMT

POST
H3 200 p Show response
tr.snapchat.com/ Frame 63F9 0
15 B 35ms
27ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 308
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.bankingfeessuck.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.bankingfeessuck.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/

Response headers

server: nginx/1.17.3
date: Thu, 16 Sep 2021 02:03:20 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIeEXWOZUpGN5WD2TfMHLtR164hKikSKzScjzrGVkmGbmZhz9fG+p9MgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 4718 0
113 B 12ms
12ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 11788
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.bankingfeessuck.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankingfeessuck.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.bankingfeessuck.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankingfeessuck.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.bankingfeessuck.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Thu, 16 Sep 2021 02:03:21 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F128 28 B
320 B 22ms
22ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1256b7e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/AHhbApto_n4?modestbranding=1&rel=0&enablejsapi=1
X-YouTube-Client-Version: 1.20210913.1.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtaNTlpSzlRalEwTSjmy4qKBg%3D%3D
X-YouTube-Ad-Signals: dt=1631757799060&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1112%2C626&vis=1&wgl=true&ca_type=image&bid=ANyPxKpG-2rNcQCd2pdtb9bEL6kw_aVJ0AjVvY6KUyyUThbbDqBOZQoQHM9pTbmOv8S_wKkhrLHB9DH8VViPJ__DSpyFMC-xCg

Response headers

date: Thu, 16 Sep 2021 02:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 16 Sep 2021 02:03:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.stash.com
URL: https://cdn.stash.com/jnld/banner.json

Domain: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 21:17:24	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.bankingfeessuck.com/	1970-01-20 01:35:09	Name: optimizelyEndUserId Value: oeu1631757798245r0.04958631623711085
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1g2Lt6kFGoY
.youtube.com/	1970-01-20 01:35:09	Name: VISITOR_INFO1_LIVE Value: Z59iK9QjQ0M
.bankingfeessuck.com/	1970-01-19 23:25:33	Name: _gcl_au Value: 1.1.794646912.1631757799
.bankingfeessuck.com/	1970-01-20 14:47:09	Name: _ga Value: GA1.2.1662868171.1631757799
.bankingfeessuck.com/	1970-01-19 21:17:24	Name: _gid Value: GA1.2.2001405715.1631757799
.twitter.com/	1970-01-20 14:47:09	Name: personalization_id Value: "v1_rqlAtHIMotx5z/PoQwGKKA=="
.doubleclick.net/	1970-01-20 06:37:33	Name: IDE Value: AHWqTUlEcFAiuYru1QSShzJrE4VZh_kb6uxRFfCiDolfe73Qizc_X5V8hXsD5H6L
.bankingfeessuck.com/	1970-01-19 23:25:33	Name: _fbp Value: fb.1.1631757799415.1641595217
.bankingfeessuck.com/	1970-01-19 21:15:57	Name: _gat_UA-62761031-8 Value: 1
.bankingfeessuck.com/	1970-01-19 21:59:09	Name: usi_id Value: zdwq46_1631757800
.bankingfeessuck.com/	1970-01-20 06:01:33	Name: ajs_anonymous_id Value: %229bcadd79-834f-458a-8e4d-e2646c08a56b%22
.appsflyer.com/	1970-01-20 14:47:09	Name: af_id Value: 5e93f648-d364-4a63-bc33-f39cac63d5cd-p
.bankingfeessuck.com/	1970-01-20 14:47:09	Name: afUserId Value: 5e93f648-d364-4a63-bc33-f39cac63d5cd-p
.onelink.me/	1970-01-20 14:47:09	Name: af_id Value: 5e93f648-d364-4a63-bc33-f39cac63d5cd-p
.bankingfeessuck.com/	1970-01-19 21:26:02	Name: AF_SYNC Value: 1631757799940
.bankingfeessuck.com/	1970-01-20 06:01:33	Name: _hjid Value: ecbecb0f-4827-4ee3-9f89-486bf9fbc0cb
.bankingfeessuck.com/	1970-01-19 21:15:59	Name: _hjFirstSeen Value: 1
dpx.airpr.com/	1970-01-19 21:15:58	Name: an_airpr_recent_visit Value: 1
.bankingfeessuck.com/	1970-01-20 06:45:44	Name: _scid Value: d272fbbd-23e9-4c94-8161-a1bfa4b555d0
www.bankingfeessuck.com/	1970-01-19 21:15:57	Name: _hjIncludedInSessionSample Value: 0
.bankingfeessuck.com/	1970-01-19 21:15:59	Name: _hjAbsoluteSessionInProgress Value: 1
www.bankingfeessuck.com/	1970-01-23 10:42:21	Name: tatari-cookie-test Value: 31073497
.bankingfeessuck.com/	1970-01-19 21:15:58	Name: t-ip Value: 1
.adnxs.com/	1970-01-19 23:25:33	Name: uuid2 Value: 3095941860575817156
.bankingfeessuck.com/	1970-01-23 10:42:21	Name: tatari-session-cookie Value: 447af247-3cae-a4fa-bc19-72c2a6b57df1
.adnxs.com/	1970-01-19 23:25:33	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E>1vYCwZ!]tbP6j2F-XstGt!@D7t$Rz0k
.bing.com/	1970-01-20 06:37:33	Name: MUID Value: 00D3EB2D83BC678429CBFB9982D76603
.yahoo.com/	1970-01-20 06:01:55	Name: A3 Value: d=AQABBOilQmECEIcaiO-uEOQFzWeMkVvUFg0FEgEBAQH3Q2FMYQAAAAAA_SMAAA&S=AQAAAlCVsxOJRMf0q6SFmBkfrrY
.snapchat.com/	1970-01-20 06:37:33	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIeEXWOZUpGN5WD2TfMHLtR164hKikSKzScjzrGVkmGbmZhz9fG+p9MgAAAA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.bankingfeessuck.com/ Message: Access to XMLHttpRequest at 'https://cdn.stash.com/jnld/banner.json' from origin 'https://www.bankingfeessuck.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://cdn.stash.com' that is not equal to the supplied origin.
network	error	URL: https://cdn.stash.com/jnld/banner.json Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9786632.fls.doubleclick.net
a19529930113.cdn.optimizely.com
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
analytics.twitter.com
api.segment.io
bat.bing.com
cdn.attn.tv
cdn.optimizely.com
cdn.segment.com
cdn.stash.com
connect.facebook.net
d.impactradius-event.com
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
dpx.airpr.com
dvqigh9b7wa32.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
js.appboycdn.com
logx.optimizely.com
px.airpr.com
resources.xg4ken.com
s.yimg.com
sc-static.net
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
use.fontawesome.com
vars.hotjar.com
vc.hotjar.io
w8cf-prod.the8app.com
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.bankingfeessuck.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.upsellit.com
www.youtube.com
yt3.ggpht.com
cdn.stash.com
secure.quantserve.com
104.244.42.131
104.244.42.133
142.250.184.226
142.250.185.166
143.204.101.144
143.204.98.102
143.204.98.106
143.204.98.110
143.204.98.45
143.204.98.76
143.204.98.87
143.204.98.92
143.204.99.83
151.101.129.108
18.194.85.80
199.232.136.157
208.118.62.69
212.82.100.181
23.67.128.30
2600:1f18:4462:400:ed5c:a777:17fd:c84b
2600:9000:2156:1a00:17:3f5c:f800:21
2600:9000:2156:1c00:3:760:2800:21
2600:9000:2156:4000:1c:9484:cec0:93a1
2600:9000:2156:de00:17:f683:1d40:21
2606:4700:10::6816:84f
2606:4700:3031::ac43:d645
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:800::2003
2a00:1450:4001:808::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:80f::2016
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::2006
2a00:1450:4001:812::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:2a0::13b8
2a02:26f0:6c00::210:ba28
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.224.117.145
34.249.113.116
35.186.226.184
35.186.249.72
37.252.172.36
52.21.227.162
54.228.170.24
54.70.178.119
54.72.99.35
004eb00664f5d5382d33e6f40ce5aefeeb866c9ec9a6d226a3511db436068b5b
01362ddf2ec5e61876f50079a23ec3d414457794ca3411332b350868ba37ea89
0162754f11024315f58623795cccac1fd1c3e289d13c08ad1490b0dbaa0c65e0
054841c27f06f78224ef2fd2130977ea825f48cef5f2fab22b54b775287c1e0e
05b0346db87314e39a29b4d177d4ef304a8eab4b383843c51af17c6f4cb4a925
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
177f16f9ddfcc4d609f7b02b1b4519895af8d2de4e38a5310b56c6f2072b771b
1d58ec10678df035f4fd517509f207848056cc21dfb1066c40508368942cda9f
203abee94a317532500d85a9126678f1eb4d746a5ff7fb66e8ee9b2d81f15d58
28a6e0c0b2bbf4e338bdfeb8e39c30552bcd893f3621d8d552057dcb59fcc48b
2b3f241ef7d3708e8c1471a6bd66c79c84d5758d50f4e48730f0fa62727b8e57
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
3778ff4e82e09886e672cc1d5b5e1bbab0e267ab421be921299bcf54b679efe2
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3a1366fee2bc8f5ec4babe9fccc61d4ec1bb638f187a45d5e4c211629d89158a
3c7fb21ce0e5abc39233cfc462f1421d457b4c74c286d041d8c53b1b876720f4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ecd5e6658606bd3ebe5230987a60837c536ff525517218a8b3ddfd41d66311a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f3886883fdb47f2f6ea653698b7b70914b994f2a70f8b68c27421302740c46
487c96db5f0b93490432da2e0033229059e2411270d84d593e54e29a31b6cc17
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
4eb0e0adfe35db79a1a966530f6866f118d861dad34c65c8ff18c40c2f2c7db2
529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738
52d1d183145748058f5bdfb1cf9337d3f3bb8c687c7a4655d79b5504e5dba73a
58a963efb1177857b4f5730d5b3fd15dd04e26300b6abf51a87fa9c120bfe4e9
59a34e57485f40d90d949703e7efe938bdfd06253a3753cc16c23cda455538cf
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61590a32a1a66ef591c9c9957d513bd7376a56572840d23bf5f5d0e7a411fb94
623e6bf32b8f7af45e44a88b99328128ee1daa5ab460d81bc96e16f20d3e77fc
6510201c201fa5092e261a3087aa90be15939215eb925c1309c60e0aa3a9cea3
661199733f2b9c02af192c728df9469f58d51e166ee6f0c5bf7512bc992ae441
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a12064a10625210b98742b84d1964b75b79673f13b2ee567dce38fbc989a3e6
6be2d3525ac65706af2673badcb5232afe47ae9e1bf5099948db1f767565b8b7
6f179816d373bc45ffa037c69a49f094000c4218cf61fb4306a90c7bd1ba8fd8
71a72eb4e77a5046ee3e3b6b1a71822cd792d5792013c1103bfffaaab3534997
72e16cbd2deca80245978772adb5c70ea959b61527b89f59e0991d1d23c077e4
77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414
7c9e5a30fa855bce862506d44d6290908b0a7f8f8f594421bf978246f57c46c3
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
7f52102df17d81e361e49407c9902d3b01c57e19a28d6a0e88cb58b0fac93305
818c4220e47743794846bf6215ba534f98488617bedf10ae1698ab462ee13f8c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
88df258d7ffad08c1c1c2c1aa70f450b4c538acfdd7f2b4d0c5dcf67ec19610c
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
8dd95d85ec6c727b643ee77877b0f0f871e5e0c23c4a4f8b2717c8e2992113ea
8e428deda8f2086fd17316e2620503094416cc58261634128f437ee6d7a14fd0
9156f7977f473c0c7fbee670e9eac37e3281cd14a6c53bbd7d3efa8b138b5655
931add09e127ca50348ab16152295d65947c09c35e7b5219eda5de7bf2ee4920
94c32514423d12352de48af8ea8a28b4023a169690043c87374499d97ea32a45
9cd28b655e93f642bfe112e660c887254996924ab657bc03363c1f6f0385dd44
9dc3f5ebfa90a88e1fa8e30d2f97fe274436fa6d8e9662690bff3d77c365d83d
a12953e82e6818315aec0ceb8e2eb8ae9b546c55ca54281d85e78c9853c20978
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
a955a9146e0b335ac5db745dd38826250795ec880250aba4c843962c4c2a8002
abbef42bb1562d0f2dee1c2543774319ba57875ddeb4eef55c42be7c0f77f174
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b662e1e12cdbb00fb60080d94f964604ff52c06d51868238805777239210e9eb
b81dc1e1d0af98447d5cdc051b1c3f4f2b7f44ab34019460853058ca48aa9542
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bb59d90a093f3730442af17888f99cc011c027aeea0d4c011d8bdaeb425b7da2
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
bcb3b96bd5db9378016b18374dd2afdeb91de9678daf9ab1ad73a199173a1e57
be991522d06cfd258c99ca86786f9103043d4b6df9e717cd37d65863a00cedc6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccac1d205368071f0ae36d5b4f89b0b37b00c2ea2bc7cf5d940a1394b78011ed
d046c58df3b78a3c9174d95ef5d6787de9da23b21db729b606436c736970a31c
d22930c8710843d047b258282569049499e52b61390c13835678186ebf8d6010
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d933d8bb2e9e589153a817429ad889187b7105a4dfd19c82f460fb81b07f9856
d939f22548cb64f594cabff27deee5812345484e7f036d6cbfd1ed5bb054efae
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0b9c16f0f937c2b8815de4834876d89ee30f77c1ee820872e6a0279ca1b91e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
e9e30dccc8ac3d91e997eee228488bd5650602f3ce2734beadf6d21cbcc328ac
eac748290909a53886c88142b649bd68a47fc220ae546746b3163882358b80f4
ebc993c8e143557e26fdda36f0330792f6443e19b2d37c815200da877756669b
edfd01ca699a2b3adb2afa0ce0816952a0609bb98f9b90b0f31ab56aff24ae66
ee0337603ab6f7fd6b728e5ceecec6f07a0c97fc766d86550b638c410ba004f8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f34e3dd42302f7589f4c05d28e501d2ebf24d1585e83db4aba1b7443d0a7cf6f
f48ebd2372c6d901f56fa7bb12d57960094e8efdff9099ee7f5e10c06ac2e513
f9c6fa16a9fb2daaadc145f3fdcba6531fb1b88263384d2152a679fba1212756
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.bankingfeessuck.com Open in urlscan Pro 52.21.227.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

48 %IPv6

40 Domains

57 Subdomains

55 IPs

4 Countries

2687 kBTransfer

6449 kBSize

31 Cookies

33 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bankingfeessuck.com Open in urlscan Pro
52.21.227.162 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

48 %
IPv6

40
Domains

57
Subdomains

55
IPs

4
Countries

2687 kB
Transfer

6449 kB
Size

31
Cookies

130 HTTP transactions
1 data transactions