bankinghelper.com Open in urlscan Pro
2606:4700:3036::6815:290 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankinghelper.com/
Submission: On October 21 via automatic, source certstream-suspicious (October 21st 2024, 3:15:27 am UTC) — Scanned from US

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 7 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3036::6815:290, located in United States and belongs to CLOUDFLARENET, US. The main domain is bankinghelper.com.
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.

This is the only time bankinghelper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3036::6815:290	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:400d:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:400d:c07::9d	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:400d:c0f::8b	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400d:c0c::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0b::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::69	15169 (GOOGLE) (GOOGLE)
44	10

11 2606:4700:3036::6815:290 (United States)

ASN13335 (CLOUDFLARENET, US)

bankinghelper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c04::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c07::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:400d:c0f::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0c::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0b::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::69 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	75 KB
11	bankinghelper.com bankinghelper.com	220 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	267 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
1	gstatic.com fonts.gstatic.com	16 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
44	7

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	bankinghelper.com	bankinghelper.com static.cloudflareinsights.com
6	pagead2.googlesyndication.com	bankinghelper.com pagead2.googlesyndication.com
4	fonts.googleapis.com	pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	bankinghelper.com
44	9

This site contains links to these domains. Also see Links.

Domain
news.google.com

Subject Issuer	Validity	Valid
bankinghelper.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bankinghelper.com/
Frame ID: AAE7411A3F2E50F528B62551D58099BB
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 70035D7223E0AC1DDE9EB0107E479645
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6381797927032292&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729448835&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fbankinghelper.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729480522661&bpp=9&bdt=357&idt=193&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7774241780834&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087659%2C31088131%2C95344189&oid=2&pvsid=1178427996417281&tmod=61295563&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=244
Frame ID: 3E6D9D48C74E6C43246A72F7FC7EF0D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6381797927032292&output=html&h=280&slotname=7776375091&adk=2904885418&adf=995376434&pi=t.ma~as.7776375091&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729448835&rafmt=1&format=1200x280&url=https%3A%2F%2Fbankinghelper.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729480522670&bpp=4&bdt=367&idt=270&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7774241780834&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087659%2C31088131%2C95344189&oid=2&pvsid=1178427996417281&tmod=61295563&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=281
Frame ID: E144068D8D58584781CECCE1D4165DD8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: F5E28237CD5C2677D8979027D0D041E4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2518EBDAB5D35B6416364BA2C6B14616
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banking Helper - Learn Banking Easily

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

44
Requests

98 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

588 kB
Transfer

1638 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://news.google.com/publications/CAAqBwgKMI2zrQswmr7FAw?ceid=US:en&oc=3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
bankinghelper.com/ 214 KB
37 KB 195ms
106ms Document
text/html 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a95446d4d55d3d583576e9591e95cb769bca5ca30ac73621832d94c3fb407c83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 8d5e152fbcb97290-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 21 Oct 2024 03:15:22 GMT
expires: Tue, 19 Nov 2024 18:27:15 GMT
last-modified: Sun, 20 Oct 2024 18:27:15 GMT
link: <https://bankinghelper.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WR80%2BtiylSYhI11JCqVzArpXYRxmJbsxDOyY3bpUa%2BghMK5jlETrk5BUCp1%2Fi6oSLTPBMlk%2FfBOOic0BURUxCuQ%2FttWTCUjzYMpSPlZ50Wl2jZDeai9oK7PXab4%2BnHiBB%2F2VpK5%2FlnB%2F2dRSH0Szg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfL4;desc="?proto=QUIC&rtt=12177&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4264&recv_bytes=4472&delivery_rate=837&cwnd=12000&unsent_bytes=0&cid=286a795d78f1fa4a&ts=115&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding,User-Agent,Accept-Encoding
x-docket-cache: on; 2471

GET
H3 200 impact-of-remittance-1024x702.jpg.avif
bankinghelper.com/wp-content/uploads/2024/08/ 122 KB
123 KB 101ms
101ms Image
image/avif 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankinghelper.com/wp-content/uploads/2024/08/impact-of-remittance-1024x702.jpg.avif
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fac699bef072f689c05f69190f3ae064e6ace048dbb63086643cfa2025865a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDTh1DFhMzKJyQEzTILzGcTW2RZEK%2F6VtaJHxDJxVDFspv2MBQB%2F9FySbdwABFNRnkTE3s7t4YzzehI%2FldhKbv8%2FWbSmq2oKHc4MQDky2IR1p2B4mBLMjGlipm%2FkdgfDiOsT90gUiZ7%2FTg8s9d2R3w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 17 Feb 2025 18:31:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9417&sent=50&recv=36&lost=0&retrans=0&sent_bytes=43474&recv_bytes=7844&delivery_rate=638382&cwnd=28800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=265&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: image/avif
last-modified: Fri, 02 Aug 2024 18:15:22 GMT
vary: User-Agent,Accept-Encoding
priority: u=1,i
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d5e1530ad777290-EWR
accept-ranges: bytes
content-length: 125010
server: cloudflare

GET
H3 200 style.min.css
bankinghelper.com/wp-content/themes/astra/assets/css/minified/ 71 KB
14 KB 109ms
108ms Stylesheet
text/css 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankinghelper.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=4.8.3
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6630d6c662439a39fb2271041ca2a7a01cc2b9a8a59c5b652bd15dd460702d88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FIPKmTjXfmlure8j5wAgrhXpjJosORO6TcrXyXCV0KfY3GNfg%2B0xOafeYU08XhDMEm8WsZcOqi7upehLt55SxtlMhBfd7mRzNXvBPmAHHNg9x1exHGjzo2BlEsnYdfcl2G5M1vk5ZsZ42h3dQCc7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d5e1530bd797290-EWR
expires: Mon, 20 Oct 2025 18:41:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9417&sent=74&recv=36&lost=0&retrans=0&sent_bytes=72274&recv_bytes=7844&delivery_rate=638382&cwnd=28800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=272&x=1", cfExtPri, cfHdrFlush;dur=2
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 11 Oct 2024 11:30:09 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
priority: u=0,i=?0

GET
H3 200 style.min.css
bankinghelper.com/wp-includes/css/dist/block-library/ 110 KB
17 KB 110ms
108ms Stylesheet
text/css 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankinghelper.com/wp-includes/css/dist/block-library/style.min.css?ver=45bad7dfb4290395bef1a9ffcb227d8d
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=76VI37pL%2FKfxjIB2ZpGOoRCQKmwk5ujefwkLa%2BGOunxAzYstI5%2BjxURCDMm%2Fax7p8EqA5xhTH4gIhARliYU%2BgsFz5Jhplj5kUxq7GpXRF8HYGtRNRi%2B3XVdrl3o9pSwsBMJAlGcLNny8F0e4bW%2BGaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d5e1530bd7c7290-EWR
expires: Mon, 20 Oct 2025 18:41:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9417&sent=74&recv=36&lost=0&retrans=0&sent_bytes=72274&recv_bytes=7844&delivery_rate=638382&cwnd=28800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=269&x=1", cfExtPri, cfHdrFlush;dur=6
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 11 Sep 2024 02:23:02 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
priority: u=0,i=?0

GET
H3 200 rounded-thumbs.min.css
bankinghelper.com/wp-content/plugins/contextual-related-posts/css/ 1 KB
1 KB 112ms
111ms Stylesheet
text/css 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankinghelper.com/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=3.5.4
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f4a5683b6483776c7f839693c2d270ba41d0c3f72cffe007c920647fa47b74e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZYF578cQyQkqfxLq05W6n2GDgnOLSBHmw7MEO69pYQhd1utTalwLqYvnQJxX8Lh%2FlHo65Hb92Xnon81v34eJbwffrJGMKw3iCC3CFb9LTKW7iG6ZRE2UOKmzk5A0ZDt6NkvbQ%2FPHllGV4ln0o4ZEHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d5e1530bd7e7290-EWR
expires: Mon, 20 Oct 2025 18:41:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9417&sent=74&recv=36&lost=0&retrans=0&sent_bytes=72274&recv_bytes=7844&delivery_rate=638382&cwnd=28800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=269&x=1", cfExtPri, cfHdrFlush;dur=6
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 26 Aug 2024 19:29:30 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
priority: u=0,i=?0

GET
H3 200 astra-addon-67090c2ec9c780-77389980.css
bankinghelper.com/wp-content/cache/min/1/wp-content/uploads/astra-addon/ 54 KB
8 KB 113ms
112ms Stylesheet
text/css 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankinghelper.com/wp-content/cache/min/1/wp-content/uploads/astra-addon/astra-addon-67090c2ec9c780-77389980.css?ver=1729448830
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58add0e105ea541d1b03596b7e03c06cdafc8b7f51a5c7c1236fbf2d574df06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axDyZTnUk9zbtIHF2JxV1xMpavyQWAVXxzQ9wkex3b%2Fb0QeZiivhpGbESv5Od1YmKjzbSubkEJSd8MJriDNvYIJIiasN0NVNvrJn0B5eeFKMGZIclgKhMSlygO%2Bp966yOtKSoFtCagq%2F1qTpe%2F1QWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d5e1530bd807290-EWR
expires: Mon, 20 Oct 2025 18:28:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9417&sent=74&recv=36&lost=0&retrans=0&sent_bytes=72274&recv_bytes=7844&delivery_rate=638382&cwnd=28800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=271&x=1", cfExtPri, cfHdrFlush;dur=4
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 20 Oct 2024 18:27:10 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
priority: u=0,i=?0

GET
H3 200 cropped-Banking-Helper-349x101.png.webp
bankinghelper.com/wp-content/uploads/2023/08/ 9 KB
9 KB 121ms
120ms Image
image/webp 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankinghelper.com/wp-content/uploads/2023/08/cropped-Banking-Helper-349x101.png.webp
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6228f3aa54a94bd64cc9c6d7ccaa088983eacda0389c414cbb0a61d58328c7c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pU9uApvy9Q536L0Jvqp%2BqR4kBfL4JSePNfNHh9gT0pCUwtfw6bq5uBu258WdPmfRYpz8Oj0fRtQTQCZ6pgITzF7ip%2FUe9%2B5K1JnghGZGDMatW5BgLjDMnQm4RDH6e35rNc%2BrXFTyFhG3VkpCRUEy9g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 17 Feb 2025 18:41:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9417&sent=74&recv=36&lost=0&retrans=0&sent_bytes=72274&recv_bytes=7844&delivery_rate=638382&cwnd=28800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=270&x=1", cfExtPri, cfHdrFlush;dur=5
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: image/webp
last-modified: Thu, 23 Nov 2023 17:36:53 GMT
vary: User-Agent,Accept-Encoding
priority: u=2,i
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d5e1530bd837290-EWR
accept-ranges: bytes
content-length: 8804
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
52 KB 118ms
40ms Script
text/javascript 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6381797927032292

Requested by

Host: bankinghelper.com
URL: https://bankinghelper.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8b0749072a5a705894b0c55457a3e020bed5bed8afa7c482328063f0d27f8b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bankinghelper.com
Referer: https://bankinghelper.com/

Response headers

content-encoding: br
etag: 5681180568399212765
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53709
x-xss-protection: 0
server: cafe

GET
H3 200 Follow-us-on-google-news.png.avif
bankinghelper.com/wp-content/uploads/2023/08/ 5 KB
5 KB 122ms
120ms Image
image/avif 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankinghelper.com/wp-content/uploads/2023/08/Follow-us-on-google-news.png.avif
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811335de44a9383325f894f6e284b2b932ba9963e9931bf56ede43e8bc8a1c62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hG46sODnEPii24Fl3d6rB21G0Ccmn6j%2FDzApCzaPlORhWLvOH6XcGWLmjdInKUuudg33EMLDzhzq%2FV0xmtAxRLiMgDPELqH5ewDZQJnsP6UssWwrQOAJRFykWQw7LBlEkVgaOfDpakakohURpM%2FqEw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 17 Feb 2025 18:41:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9417&sent=74&recv=36&lost=0&retrans=0&sent_bytes=72274&recv_bytes=7844&delivery_rate=638382&cwnd=28800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=268&x=1", cfExtPri, cfHdrFlush;dur=7
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: image/avif
last-modified: Sun, 23 Jun 2024 05:20:43 GMT
vary: User-Agent,Accept-Encoding
priority: u=2,i
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d5e1530bd847290-EWR
accept-ranges: bytes
content-length: 4757
server: cloudflare

GET
H3 200 lazyload.min.js Show response
bankinghelper.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 97ms
97ms Script
application/javascript 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankinghelper.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4YCNb0NG8x9ZmFVg%2BbwFD7bqjgKjor8tSt9%2FA6bR3DlsNnvURdIw0f7REUeWDu85QvIvwJzusGB9gnAlh%2FUhGJ68xdtLbabu1BNY%2BoXvJelyxggYEyXPm4WAGE984rGFxtnjn4Akp5QnAK2oemDeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d5e15318e0e7290-EWR
expires: Mon, 20 Oct 2025 18:27:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10011&sent=212&recv=76&lost=0&retrans=0&sent_bytes=228410&recv_bytes=9877&delivery_rate=5911003&cwnd=112800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=396&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 19 Oct 2024 19:48:19 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
priority: u=3,i=?0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 62ms
33ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: bankinghelper.com
URL: https://bankinghelper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bankinghelper.com
Referer: https://bankinghelper.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d5e1531beae430e-EWR
access-control-allow-origin: *
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 402cc178776146f9b910b2e02a6fbe4c4fc2a9324722749f61ebc6e28ad181d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2769d81a1ba68cee2a9b7cc297b65dee2860c5e7d301862f916d0f3987d96d08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7de98979e5b7f4b44cafb29992ee019af9d9d64e1be6760475f22863790ab418

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8741bbc9e2af86c83115ea43339134d1b4e9b160e60e02028758ad1b76bab17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f87991aec554155a4d1351fd12fb81186bae76f951781e88da0b0b501bb1241

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd6bd11a2f4a87f17b0abf72d0f0274183869001ccdb4979650239b0c3f1d8d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b818717e473d40f8d2814b5b305796ddb6073293c507bf9b526a033f2d5dcd17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 404917f3229d20cc96821ef0a55bfa367ff7765147f9f94d50b030cb608cba3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/ 432 KB
144 KB 115ms
71ms Script
text/javascript 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6381797927032292

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa76d17af6efc3b003882928a65d9d7b23687a6455f9198ebca62cc4990937c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: br
etag: 3874370759397990933
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 21 Oct 2024 03:15:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147109
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame 7003 0
0 67ms
22ms Document
text/html 2607:f8b0:400d:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankinghelper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 46942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 14:13:00 GMT
etag: 13108003645644964576
expires: Sun, 03 Nov 2024 14:13:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3E6D 0
0 387ms
375ms Document
text/html 2607:f8b0:400d:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6381797927032292&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729448835&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fbankinghelper.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729480522661&bpp=9&bdt=357&idt=193&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7774241780834&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087659%2C31088131%2C95344189&oid=2&pvsid=1178427996417281&tmod=61295563&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankinghelper.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 6625
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 03:15:23 GMT
expires: Mon, 21 Oct 2024 03:15:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame E144 0
0 471ms
470ms Document
text/html 2607:f8b0:400d:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6381797927032292&output=html&h=280&slotname=7776375091&adk=2904885418&adf=995376434&pi=t.ma~as.7776375091&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729448835&rafmt=1&format=1200x280&url=https%3A%2F%2Fbankinghelper.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729480522670&bpp=4&bdt=367&idt=270&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7774241780834&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087659%2C31088131%2C95344189&oid=2&pvsid=1178427996417281&tmod=61295563&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankinghelper.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 03:15:23 GMT
expires: Mon, 21 Oct 2024 03:15:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-6381797927032292 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 164ms
73ms Script
application/javascript 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6381797927032292?href=https%3A%2F%2Fbankinghelper.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddd7c2db932b5b0ee638e998fa23ebc2d06845d5b085422daf586ec054f6cc8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4JUGG4USz7R6WVfghfG6xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XCc7ru-g01gxoPrnUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGhqZ6BubxBQYAQPRKgQ"
content-security-policy: script-src 'report-sample' 'nonce-4JUGG4USz7R6WVfghfG6xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 1 KB
527 B 121ms
63ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

994ce109d02320c6b806eb90475b4b24adf22c58af553cc91e85129816f72cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 21 Oct 2024 03:15:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 4 KB
743 B 117ms
61ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b1bb264d3f4e9e18f183190a3c443c6409502514f56e670dc60ea04c40747de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 21 Oct 2024 01:18:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 656 B
487 B 118ms
62ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2754c6a1814ae741991e6c4d47ae6572888c363eeb56a4ff910ba925e21d08d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 21 Oct 2024 03:15:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 87ms
31ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text_old:400,500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b1bb264d3f4e9e18f183190a3c443c6409502514f56e670dc60ea04c40747de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 21 Oct 2024 03:11:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
31ms Image
image/gif 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=31087659%2C31088131%2C95344189&hl=bn&pvc=1178427996417281

Requested by

Host: bankinghelper.com
URL: https://bankinghelper.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 21 Oct 2024 03:15:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 30ms
29ms Fetch
text/html 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bankinghelper.com/

Response headers

GET
H3 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v22/ 16 KB
16 KB 55ms
23ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bankinghelper.com
Referer: https://fonts.googleapis.com/

Response headers

age: 440902
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 00:47:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 00:47:01 GMT
last-modified: Wed, 31 Jul 2024 20:31:46 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15996
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 111ms
66ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gZqNisUVzTEBolbtkE09uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH43Tf9R1sAjP2PLzLpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfUMzOMLDAD0Ny_C"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gZqNisUVzTEBolbtkE09uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxWEtEqMj1Wn120bOnuJk19TBeV2FuABT8JPrXbSbtN7PQsgX_e7jrF_d00e522_wAOZHx5VxzFcBW5LSeDhEeLeMENMXxLELpd7X-4toAYdQjweK3N0r4e0oB0NTpKVQ1xwukBDxw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 47ms
46ms Script
application/javascript 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWEtEqMj1Wn120bOnuJk19TBeV2FuABT8JPrXbSbtN7PQsgX_e7jrF_d00e522_wAOZHx5VxzFcBW5LSeDhEeLeMENMXxLELpd7X-4toAYdQjweK3N0r4e0oB0NTpKVQ1xwukBDxw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDgwNTIzLDY3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iYW5raW5naGVscGVyLmNvbS8iLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e67eb04e79e901ad3ce8b45c81c42162745ebfe6a1cbc674a60a1c164e91e00

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VRuNFqPtdfa20E3lF5r5FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNaQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcJzuu76DTWDG5Q3nmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDADBxE-s"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VRuNFqPtdfa20E3lF5r5FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 34ms
34ms XHR
application/json 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d06dcb3d4ed3863b57e24bb22f4f4369d398f9e8fe9e81d6be4df9cb8c6eb03e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12938
date: Mon, 21 Oct 2024 03:15:23 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H3 204 rum Show response
bankinghelper.com/cdn-cgi/ 0
142 B 19ms
18ms XHR
text/plain 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankinghelper.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d5e15395d577290-EWR
access-control-allow-origin: https://bankinghelper.com
date: Mon, 21 Oct 2024 03:15:23 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 cropped-Banking-Helper-favicon-1-32x32.png
bankinghelper.com/wp-content/uploads/2023/08/ 881 B
2 KB 104ms
103ms Other
image/png 2606:4700:3036::6815:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankinghelper.com/wp-content/uploads/2023/08/cropped-Banking-Helper-favicon-1-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:290 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf03b384bc21e45dd3dcc4a78b8689511676c8f410c5c347b8ece99431ba336

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3r0klX2k67NeFIEJ4ku1JAfpkYwYeE8dyWEwwYIj38Z1PKnYU2H5ypCUW7ZTdVZX9v%2FI9%2B3KMvMZ3pVKLQ2PA3gkZIDzm6PSSOQ77KGSSjnw%2BHAsbQEvoqm9OlfCGT69z0i5vVfgDudjMyE2C6Qsg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 17 Feb 2025 18:52:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9600&sent=218&recv=82&lost=0&retrans=0&sent_bytes=232682&recv_bytes=12975&delivery_rate=7934&cwnd=112800&unsent_bytes=0&cid=286a795d78f1fa4a&ts=1651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: image/png
last-modified: Thu, 23 Nov 2023 17:37:44 GMT
vary: User-Agent,Accept-Encoding
priority: u=1,i
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d5e15395d597290-EWR
accept-ranges: bytes
content-length: 881
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 87ms
27ms Script
text/javascript 2607:f8b0:400d:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:23 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame F5E2 0
0 63ms
22ms Document
text/html 2607:f8b0:400d:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankinghelper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 03:04:57 GMT
expires: Mon, 21 Oct 2024 03:54:57 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 2518 0
0 73ms
35ms Document
text/html 2607:f8b0:400d:c0b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hd0C6oCf_HRU-bjtBk4aEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankinghelper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Hd0C6oCf_HRU-bjtBk4aEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 03:15:23 GMT
expires: Mon, 21 Oct 2024 03:15:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad600x250.-ad-300x450. Show response
fundingchoicesmessages.google.com/f/AGSKWxXliWzrb0VyBxmzZAxhhjykDiATc7JujdL20192xsqs9aBzzqK8SiJ8DgksTgQYuQIPmuZfGWFX0onC-kMqsxNOmw1QOb3vq6mQYs6DINqovWlPboCL5lJ_NBOCy0NUGjL1mRt46LAXQUHZN1vitFMWG4qAh... 54 B
109 B 71ms
70ms Script
application/javascript 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXliWzrb0VyBxmzZAxhhjykDiATc7JujdL20192xsqs9aBzzqK8SiJ8DgksTgQYuQIPmuZfGWFX0onC-kMqsxNOmw1QOb3vq6mQYs6DINqovWlPboCL5lJ_NBOCy0NUGjL1mRt46LAXQUHZN1vitFMWG4qAh6J0gn0pPUA65N5tKL5-2V0JBPzLgXtr/__StickyAdFunc.&adsize=/indexwaterad./ad600x250.-ad-300x450.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8360eff13db4b6d54c11f89e146d3a3d168ab3723f4c3e3aef4b033228055b83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KJefOhzAhf0TZTJ-W1RCZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XCc6bu-g01gQc__bYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGhqZ6BubxBQYAQiJKig"
content-security-policy: script-src 'report-sample' 'nonce-KJefOhzAhf0TZTJ-W1RCZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 41ms
40ms Script
text/javascript 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4959a34e36a40a4cf7597a1f8bcb09df60493c22148d771119807fe60ae19f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: br
etag: 16022747084714815914
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 03:15:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53000
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PY9X3FinW53FP9gnywm4sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH40zf9R1sAg173i1lVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgaG5noG5vEFBgDd5i94"
content-security-policy: script-src 'report-sample' 'nonce-PY9X3FinW53FP9gnywm4sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
35ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2SO9tn-IpJSLp9IwoB_amg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH40zf9R1sAgtmXDzCqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfUMzOMLDADjaS-D"
content-security-policy: script-src 'report-sample' 'nonce-2SO9tn-IpJSLp9IwoB_amg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
53ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vUPPexO8G55Naj3ls8siGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH40zf9R1sAifaj1xiVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgaG5noG5vEFBgDhii-I"
content-security-policy: script-src 'report-sample' 'nonce-vUPPexO8G55Naj3ls8siGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 65ms
64ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-29iXvuymLV7pr0T66g-hqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH40zf9R1sAh3_zlxnVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgaG5noG5vEFBgD76C_b"
content-security-policy: script-src 'report-sample' 'nonce-29iXvuymLV7pr0T66g-hqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUU1x4KDooxywinfBTj471HL7sDCWkXn9eIdP6eD4wGByZ8U9AjAxVxwnD1b5eUWXVM3PL-2Ds0IZG8TeE8R49kSmU-ccagI57XTJy2M89BqDPNDteFI5HGjXd528P--a6pLcyv0Q== Show response
fundingchoicesmessages.google.com/f/ 5 KB
2 KB 46ms
45ms Script
application/javascript 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUU1x4KDooxywinfBTj471HL7sDCWkXn9eIdP6eD4wGByZ8U9AjAxVxwnD1b5eUWXVM3PL-2Ds0IZG8TeE8R49kSmU-ccagI57XTJy2M89BqDPNDteFI5HGjXd528P--a6pLcyv0Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDgwNTI0LDQwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYmFua2luZ2hlbHBlci5jb20vIixudWxsLFtbOCwiVHkwaGVNZnpYM3MiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7adbb7b09f3e1c58f5c9e613dc6f89443dfe5d4a3da6005c1b9d435a7199c37

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xyPqUkY5hEIeBi_eTZ6GHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XCc6bu-g02gYfuJc4xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGhqZ6BubxBQYAPRlKdA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xyPqUkY5hEIeBi_eTZ6GHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
32ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H6y2Yb4w87ASToWewPVUAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH40zf9R1sAh9uPXvIqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfUMzOMLDAAZUTBB"
content-security-policy: script-src 'report-sample' 'nonce-H6y2Yb4w87ASToWewPVUAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUIgHp-bnDxWUR9XwD8weg3C_kCFGuKbgBrXRvNYvrDtoTJ04E1mVuHr__qEYd51jytz0P6rFO5MVA5KBZASX-rI-toNJmhqjIA5WMDTfzqoM_O6pxfYMRZ-RUNoifLoHwfTYajjg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 46ms
44ms Script
application/javascript 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIgHp-bnDxWUR9XwD8weg3C_kCFGuKbgBrXRvNYvrDtoTJ04E1mVuHr__qEYd51jytz0P6rFO5MVA5KBZASX-rI-toNJmhqjIA5WMDTfzqoM_O6pxfYMRZ-RUNoifLoHwfTYajjg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDgwNTI0LDQ1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYmFua2luZ2hlbHBlci5jb20vIixudWxsLFtbOCwiVHkwaGVNZnpYM3MiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97218eef143533ce39c491dd5290da0ec331ccb6e231b54a258b096b7bc97610

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P6WN1bYhOissPS_74bh9BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XCc6bu-g03gwLKDzxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE31DMzjCwwAT5RKvw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P6WN1bYhOissPS_74bh9BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUterNdJobaOF38Di5K9eE3ZTbrDNZcLJX0xPHf5Ockju_Bg7C6g4Uwlo_qiaEFAGwr75lA7ElcjLOaHfVtn_JGXHkQL0ZbS-gUD4x2jIeQymujfK6geVnMLtPT0J-h4i_tx9Fq8w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 43ms
42ms Script
application/javascript 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUterNdJobaOF38Di5K9eE3ZTbrDNZcLJX0xPHf5Ockju_Bg7C6g4Uwlo_qiaEFAGwr75lA7ElcjLOaHfVtn_JGXHkQL0ZbS-gUD4x2jIeQymujfK6geVnMLtPT0J-h4i_tx9Fq8w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDgwNTI0LDUwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9iYW5raW5naGVscGVyLmNvbS8iLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71862a96f5d47dba3ab599a85f01298f2968407e908a3d8c659b2a0ca79324eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HqkP_zjtt4dIWg6WblydVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bankinghelper.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNSQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcJzpu76DTWDGqxP_GZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDADRAFAJ"
content-security-policy: script-src 'report-sample' 'nonce-HqkP_zjtt4dIWg6WblydVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVXQr6AtiZ1oVqta90m-JhExnqlDyqDckIQ8QJ6ID8MJJLfU6BdJPt0Eqg9DxVW4Yuc9GEd-E-2xDnnJTjMJSjYrxNBWLqqse4_8yJMxQexjwP-ebRCRiKssqD5PuSY1A2KCO4grQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
33ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVXQr6AtiZ1oVqta90m-JhExnqlDyqDckIQ8QJ6ID8MJJLfU6BdJPt0Eqg9DxVW4Yuc9GEd-E-2xDnnJTjMJSjYrxNBWLqqse4_8yJMxQexjwP-ebRCRiKssqD5PuSY1A2KCO4grQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CfL5xPjQxHcZSzsSXjN11A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH40zf9R1sAhPeL5_MpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfUMzOMLDADZPC9l"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CfL5xPjQxHcZSzsSXjN11A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 65ms
64ms XHR
text/html 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlLKwYBFA356AV3HxKyTe1B_caU4e2_3VA8L2KIpM6pfF3AueqbygjEIq0QjTaGNfRJBRPLytCPpG27KzCILn5aWnxhBr6yJoG95M49XoPsaFkJzN5U4EVuLjIE54JmUn4U_HuHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eR_v_Opxf8akhoVr70dAnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bankinghelper.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 03:15:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiH40zf9R1sAjO2zVrEpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfUMzOMLDADQTS9A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eR_v_Opxf8akhoVr70dAnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bankinghelper.com
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=1178427996417281&bg=!jo2ljcLNAAaUWUsktFk7ADQBe5WfOKGGwrSzovy3T2xmlsZS7bM6-WViJg-OF2XeQ3pyV8TQ-tPNgpgotxl8QeuctVZtAgAAAFBSAAAABmgBB34ANohY291eSgtcH2gtUeClxx1Wtt59Ctsqj-3oBFfeUIqAnrwbFPzPiEgIWemqP57K7JEneDTwjZkClLAsHfRes_C8CCGfTaBd8Pp-NAbJhLBi7OhuA1D-BBH2KeuCiazhlbdK6jQOjkf8y-YbR0tov3l0eky_21Y9ZNeeuZJq7QE5vrlmdaJDW0pLHw3ecX8zBG6vgOSzdfy4Fl3b7t__31BiixFqSztK5uUcyKci3I9cHwqf_7orguHYxX80UlYc64uukPpEPbiLTreOP4txqMg8JCu_Y9sPYRR34ugRcpEC-KfU7-D9LRf8Og58yyWubB9D05GQAvb1WcvDRXX_eEhvKmg5n76F81xwFUWsOQ-mPZeIa5vIH1HE2hZ1ZFyUXRe9UPsFgB5TKmdxNQPRVB2T6rTrnHZsB6HU5yh0WPjU4dnR4kUX-K6nOVyKNc9EFfyT7WNwNhMTSPgeCkrQiaWW1ZPX6lKQCOFUwcYRj2vuuXRzXStwL8h48DP-u2iKTo4iTFzfKsJKYl-o0_MZxDv5Aaghyf1ASENYe-BH-XzzF_h5n2uz9WOzJgdnnL2eO-hEVpEFtc1orBMMdavqk7Gsbc7AdPedXBcTEJHyomz23OTf2dovKS6dcuxnGpewXvf465Ives8acl6PPFK06B_f-pKg_Wv8VTbs2_RUBiUR2i6WEEhqX61qI9ITGlGVBG4pwAXteiW4-JMFvSvx8IUX0lH4YerhmoD5bSTLiTEYuYtk_IRtJQkCSNyUOZVEhvJ01KbsDA88rI2GWXkgos_jHewN6B5SlMB-96wypWFRzS_Pn7w6Bx5lOEdArDr_cTDB_KN6KOPldFu7GW8Pggvlt0PW9OjcjusNbk7gWBFQ8V9EXq630phg0IfF2TUOLswRaaeBugC2M1nHN7uBBIgzJi46cmZy_2_OYL0EZF04bbwWZJIA-heVo8ngiw

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 00:24:41	Name: test_cookie Value: CheckForPermission
.bankinghelper.com/	1970-01-21 09:46:16	Name: __gads Value: ID=e476d37464538129:T=1729480522:RT=1729480522:S=ALNI_Maf0EDV-ZSgeSSgg1dVBBZX3c0cbA
.bankinghelper.com/	1970-01-21 09:46:16	Name: __gpi Value: UID=00000db2dc77950a:T=1729480522:RT=1729480522:S=ALNI_MbDaEQnLjq_ofBuZZ8N8ItUS9oSVQ
.bankinghelper.com/	1970-01-21 04:43:52	Name: __eoi Value: ID=da381828c1810ad4:T=1729480522:RT=1729480522:S=AA-AfjZ9QeTCLRQIcxsdo_MmtKmC
.bankinghelper.com/	1970-01-21 09:10:16	Name: FCNEC Value: %5B%5B%22AKsRol_n_kq5XhzM79CqtJikwxwIvzWM1ZxASA3SXa731hcBZ6MWAuSxRezkHdpqNGac7EET6lJR--0ZRehmHYB9CuU3_Br9iNlZTrnXS9GVUGVcAYibJBhdd4SsWrZk9e0KimglIqg-pg-0Rv5v2_u51dsBP3M_zw%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankinghelper.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
2606:4700:3036::6815:290
2606:4700::6810:5049
2607:f8b0:400d:c04::9c
2607:f8b0:400d:c07::9d
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0b::69
2607:f8b0:400d:c0b::84
2607:f8b0:400d:c0c::5f
2607:f8b0:400d:c0f::8b
2754c6a1814ae741991e6c4d47ae6572888c363eeb56a4ff910ba925e21d08d7
2769d81a1ba68cee2a9b7cc297b65dee2860c5e7d301862f916d0f3987d96d08
3fac699bef072f689c05f69190f3ae064e6ace048dbb63086643cfa2025865a9
402cc178776146f9b910b2e02a6fbe4c4fc2a9324722749f61ebc6e28ad181d7
404917f3229d20cc96821ef0a55bfa367ff7765147f9f94d50b030cb608cba3e
4f4a5683b6483776c7f839693c2d270ba41d0c3f72cffe007c920647fa47b74e
6228f3aa54a94bd64cc9c6d7ccaa088983eacda0389c414cbb0a61d58328c7c5
6630d6c662439a39fb2271041ca2a7a01cc2b9a8a59c5b652bd15dd460702d88
6e67eb04e79e901ad3ce8b45c81c42162745ebfe6a1cbc674a60a1c164e91e00
71862a96f5d47dba3ab599a85f01298f2968407e908a3d8c659b2a0ca79324eb
7de98979e5b7f4b44cafb29992ee019af9d9d64e1be6760475f22863790ab418
811335de44a9383325f894f6e284b2b932ba9963e9931bf56ede43e8bc8a1c62
8360eff13db4b6d54c11f89e146d3a3d168ab3723f4c3e3aef4b033228055b83
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b1bb264d3f4e9e18f183190a3c443c6409502514f56e670dc60ea04c40747de
97218eef143533ce39c491dd5290da0ec331ccb6e231b54a258b096b7bc97610
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
994ce109d02320c6b806eb90475b4b24adf22c58af553cc91e85129816f72cf0
9f87991aec554155a4d1351fd12fb81186bae76f951781e88da0b0b501bb1241
a95446d4d55d3d583576e9591e95cb769bca5ca30ac73621832d94c3fb407c83
b4959a34e36a40a4cf7597a1f8bcb09df60493c22148d771119807fe60ae19f5
b818717e473d40f8d2814b5b305796ddb6073293c507bf9b526a033f2d5dcd17
b8b0749072a5a705894b0c55457a3e020bed5bed8afa7c482328063f0d27f8b8
c8741bbc9e2af86c83115ea43339134d1b4e9b160e60e02028758ad1b76bab17
d06dcb3d4ed3863b57e24bb22f4f4369d398f9e8fe9e81d6be4df9cb8c6eb03e
d7adbb7b09f3e1c58f5c9e613dc6f89443dfe5d4a3da6005c1b9d435a7199c37
dd6bd11a2f4a87f17b0abf72d0f0274183869001ccdb4979650239b0c3f1d8d5
ddd7c2db932b5b0ee638e998fa23ebc2d06845d5b085422daf586ec054f6cc8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f58add0e105ea541d1b03596b7e03c06cdafc8b7f51a5c7c1236fbf2d574df06
fa76d17af6efc3b003882928a65d9d7b23687a6455f9198ebca62cc4990937c0
faf03b384bc21e45dd3dcc4a78b8689511676c8f410c5c347b8ece99431ba336
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

bankinghelper.com Open in urlscan Pro 2606:4700:3036::6815:290 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

100 %IPv6

7 Domains

9 Subdomains

10 IPs

1 Countries

588 kBTransfer

1638 kBSize

5 Cookies

1 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bankinghelper.com Open in urlscan Pro
2606:4700:3036::6815:290 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

588 kB
Transfer

1638 kB
Size

5
Cookies

44 HTTP transactions
8 data transactions