mortgage.bankatcity.com Open in urlscan Pro
134.122.17.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mortgage.bankatcity.com/
Submission: On September 15 via automatic, source certstream-suspicious (September 15th 2021, 8:26:42 pm UTC) — Scanned from DE

Summary HTTP 43 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 43 HTTP transactions. The main IP is 134.122.17.44, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is mortgage.bankatcity.com.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.

This is the only time mortgage.bankatcity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	134.122.17.44 134.122.17.44	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	216.58.213.10 216.58.213.10	15169 (GOOGLE) (GOOGLE)
5	142.250.179.228 142.250.179.228	15169 (GOOGLE) (GOOGLE)
1	172.217.16.232 172.217.16.232	15169 (GOOGLE) (GOOGLE)
15	142.250.179.227 142.250.179.227	15169 (GOOGLE) (GOOGLE)
2	142.250.178.14 142.250.178.14	15169 (GOOGLE) (GOOGLE)
1 3	172.217.16.230 172.217.16.230	15169 (GOOGLE) (GOOGLE)
1 1	216.58.212.226 216.58.212.226	15169 (GOOGLE) (GOOGLE)
1 1	204.2.255.218 204.2.255.218	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914)
1 1	142.250.178.2 142.250.178.2	15169 (GOOGLE) (GOOGLE)
2 2	4.78.226.225 4.78.226.225	3356 (LEVEL3) (LEVEL3)
2 2	44.238.250.73 44.238.250.73	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
43	8

16 134.122.17.44 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

mortgage.bankatcity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.213.10 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ber01s14-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.179.228 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.232 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.179.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.178.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f6.1e100.net

9308828.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.226 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr25s28-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.2.255.218 (United States) 1 redirects

ASN2914 (NTT-COMMUNICATIONS-2914, US)

mpp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.78.226.225 (Dallas, United States) 2 redirects

ASN3356 (LEVEL3, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.238.250.73 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-250-73.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bankatcity.com mortgage.bankatcity.com	1 MB
15	gstatic.com fonts.gstatic.com www.gstatic.com	562 KB
6	google.com 1 redirects www.google.com adservice.google.com	43 KB
4	doubleclick.net 2 redirects 9308828.fls.doubleclick.net cm.g.doubleclick.net	2 KB
3	mxptint.net 3 redirects mpp.mxptint.net aep.mxptint.net	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	googleapis.com fonts.googleapis.com	1 KB
43	10

	Domain	Requested by
16	mortgage.bankatcity.com	mortgage.bankatcity.com
9	www.gstatic.com	www.google.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com mortgage.bankatcity.com
5	www.google.com	mortgage.bankatcity.com www.gstatic.com www.google.com
3	9308828.fls.doubleclick.net	1 redirects www.googletagmanager.com 9308828.fls.doubleclick.net
2	ups.analytics.yahoo.com	1 redirects 9308828.fls.doubleclick.net
2	dpm.demdex.net	2 redirects
2	aep.mxptint.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cm.g.doubleclick.net	1 redirects
1	mpp.mxptint.net	1 redirects
1	adservice.google.com	1 redirects
1	www.googletagmanager.com	mortgage.bankatcity.com
1	fonts.googleapis.com	mortgage.bankatcity.com
43	14

This site contains links to these domains. Also see Links.

Domain
www.bankatcity.com
bankatcity.com

Subject Issuer	Validity	Valid
mortgage.bankatcity.com R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://mortgage.bankatcity.com/
Frame ID: E390E23A6757AABD729EBC9285AB08B5
Requests: 24 HTTP requests in this frame

Frame: https://9308828.fls.doubleclick.net/activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F
Frame ID: A6E6AF1C26D39CFED28E19DFE03D14F9
Requests: 1 HTTP requests in this frame

Frame: https://9308828.fls.doubleclick.net/ddm/fls/r/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F
Frame ID: E474C003CA754B2AC58FFF4524886263
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&co=aHR0cHM6Ly9tb3J0Z2FnZS5iYW5rYXRjaXR5LmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&theme=light&size=invisible&cb=k07nxj5uox0l
Frame ID: D2331EC88C3E9FC772A7DA86DB0821EE
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&cb=3o93v2au6cgy
Frame ID: 8AE3C4F538D7D9C148A044D63FBE0785
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

City National Bank | Mortgage Loans

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

WordPress Super Cache (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

<!--[^>]+WP-Super-Cache

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

43
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

8
IPs

2
Countries

1817 kB
Transfer

3210 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankatcity.com/Mortgage

Search URL Search Domain Scan URL

URL: https://bankatcity.com/Mortgage_Originators
Title: Apply Online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://9308828.fls.doubleclick.net/activityi;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F HTTP 302
https://9308828.fls.doubleclick.net/activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F

Request Chain 24

https://adservice.google.com/ddm/fls/i/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F HTTP 302
https://9308828.fls.doubleclick.net/ddm/fls/r/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F

Request Chain 26

https://mpp.mxptint.net/2/31775/?rnd=2036885374 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjFCMzNGX0UzNzdBQjM5XzVBRDI3RTk%3D HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B33F_E377AB39_5AD27E9&redir=https://aep.mxptint.net/sn.ashx?ak=1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R1B33F_E377AB39_5AD27E9&redir=https://aep.mxptint.net/sn.ashx HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://ups.analytics.yahoo.com/ups/56550/sync?_origin=1&uid=R1B33F_E377AB39_5AD27E9 HTTP 302
https://ups.analytics.yahoo.com/ups/56550/sync?_origin=1&uid=R1B33F_E377AB39_5AD27E9&verify=true

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mortgage.bankatcity.com/ 20 KB
6 KB 359ms
172ms Document
text/html 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 749423eb7ea7ffbe7ef404a8ebcdea0705fa6ef06ccb9a0745ddd6da92db80b4

Request headers

:method: GET
:authority: mortgage.bankatcity.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 15 Sep 2021 20:26:35 GMT
content-type: text/html; charset=UTF-8
content-length: 5987
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 20:18:08 GMT

GET
H2 200 formidableforms.css
mortgage.bankatcity.com/wp-content/plugins/formidable/css/ 131 KB
19 KB 173ms
173ms Stylesheet
text/css 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/wp-content/plugins/formidable/css/formidableforms.css?ver=981958
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3224a9e14e8120dea185ace169b7c983ffa12726c9371a86abd2832cc32cca2c

Request headers

:path: /wp-content/plugins/formidable/css/formidableforms.css?ver=981958
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:35 GMT
cache-control: max-age=2592000, public
last-modified: Wed, 08 Sep 2021 19:58:51 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.min.css
mortgage.bankatcity.com/wp-includes/css/dist/block-library/ 79 KB
10 KB 88ms
87ms Stylesheet
text/css 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:35 GMT
cache-control: max-age=2592000, public
last-modified: Mon, 26 Jul 2021 18:01:39 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
mortgage.bankatcity.com/wp-content/themes/cnb-m/ 14 KB
3 KB 174ms
174ms Stylesheet
text/css 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/style.css?ver=5.8.1
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 415540fc00d01bf3639ba5bb5909139c2f3cf12b4557b981307ffdac3f934a05

Request headers

:path: /wp-content/themes/cnb-m/style.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:35 GMT
cache-control: max-age=2592000, public
last-modified: Wed, 09 Jun 2021 13:39:53 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 80ms
30ms Stylesheet
text/css 216.58.213.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter%3A400%2C700%7COswald&ver=5.8.1

Requested by

Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.10 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ber01s14-in-f10.1e100.net

Software

ESF /

Resource Hash

fd8e9468388c0c783a4205ca5edaedb1c5caff55643498021c57fc20d9579d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:26:35 GMT
server: ESF
date: Wed, 15 Sep 2021 20:26:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:26:35 GMT

GET
H2 200 city_national_bank_logo.svg
mortgage.bankatcity.com/wp-content/themes/cnb-m/images/ 5 KB
2 KB 170ms
168ms Image
image/svg+xml 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/images/city_national_bank_logo.svg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4dc911896c88667a1f3125e7eb5cf941636c7e7108c67d1c45e74deece5e9452

Request headers

:path: /wp-content/themes/cnb-m/images/city_national_bank_logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Tue, 08 Jun 2021 18:54:31 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 icon_blue_zero.svg
mortgage.bankatcity.com/wp-content/uploads/2018/07/ 633 B
499 B 171ms
169ms Image
image/svg+xml 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/uploads/2018/07/icon_blue_zero.svg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 595d765b7d544c73c69c901eb8f08872167d2e1ce325492963f48996c61c29c0

Request headers

:path: /wp-content/uploads/2018/07/icon_blue_zero.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Tue, 03 Jul 2018 14:22:11 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 icon_blue_house.svg
mortgage.bankatcity.com/wp-content/uploads/2018/07/ 1 KB
673 B 170ms
168ms Image
image/svg+xml 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/uploads/2018/07/icon_blue_house.svg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f10957c9258de34c58de952bf8ce48ef9cd0e8090ccbdc9ff0b69b3cb412f60

Request headers

:path: /wp-content/uploads/2018/07/icon_blue_house.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Tue, 03 Jul 2018 14:22:10 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 icon_blue_arrow.svg
mortgage.bankatcity.com/wp-content/uploads/2018/07/ 508 B
450 B 170ms
168ms Image
image/svg+xml 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/uploads/2018/07/icon_blue_arrow.svg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05d5f0e7d0512b880b3518c58ecd609f17a2c5e0effabdb31e547c8eb080e5c2

Request headers

:path: /wp-content/uploads/2018/07/icon_blue_arrow.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Tue, 03 Jul 2018 14:22:09 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 icon_blue_check.svg
mortgage.bankatcity.com/wp-content/uploads/2018/07/ 539 B
456 B 170ms
169ms Image
image/svg+xml 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/uploads/2018/07/icon_blue_check.svg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c09b82f8130ad2fb3287e178777563d382b530b5644efe45a00a9bdec21355da

Request headers

:path: /wp-content/uploads/2018/07/icon_blue_check.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Tue, 03 Jul 2018 14:22:10 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 equal_housing_lender.svg
mortgage.bankatcity.com/wp-content/themes/cnb-m/images/ 4 KB
2 KB 171ms
169ms Image
image/svg+xml 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/images/equal_housing_lender.svg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cdbf5d1026d8003bff8bd65dd66dca6d7fc476f8ea6d212a1119eef2283362dd

Request headers

:path: /wp-content/themes/cnb-m/images/equal_housing_lender.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Tue, 08 Jun 2021 18:54:31 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 jquery.js Show response
mortgage.bankatcity.com/wp-includes/js/jquery/ 282 KB
78 KB 89ms
89ms Script
application/javascript 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/wp-includes/js/jquery/jquery.js
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

:path: /wp-includes/js/jquery/jquery.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=2592000, public
last-modified: Mon, 26 Jul 2021 18:01:39 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
mortgage.bankatcity.com/wp-includes/js/ 1 KB
823 B 174ms
174ms Script
application/javascript 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=2592000, public
last-modified: Thu, 04 Feb 2021 08:27:11 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 frm.min.js Show response
mortgage.bankatcity.com/wp-content/plugins/formidable-pro/js/ 207 KB
50 KB 170ms
168ms Script
application/javascript 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/wp-content/plugins/formidable-pro/js/frm.min.js?ver=5.0.03
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 131878184e80d74d041b1ab3546fb9bb063c683ebecf46fbb5e7a64b46c0894b

Request headers

:path: /wp-content/plugins/formidable-pro/js/frm.min.js?ver=5.0.03
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=2592000, public
last-modified: Wed, 08 Sep 2021 19:58:51 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
987 B 108ms
37ms Script
text/javascript 142.250.179.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?ver=3

Requested by

Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f4.1e100.net

Software

GSE /

Resource Hash

1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 15 Sep 2021 20:26:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
39 KB 94ms
43ms Script
application/javascript 172.217.16.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NGZ6DDZ

Requested by

Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3da4a5d088c0db8ab0cf5c2cc590232e3c8313893c6eecc9cf292934484c5116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39194
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 19:42:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 20:26:36 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mortgage.bankatcity.com/wp-includes/js/ 18 KB
5 KB 170ms
169ms Script
application/javascript 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mortgage.bankatcity.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=2592000, public
last-modified: Mon, 26 Jul 2021 18:01:39 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 hero-image-large-mortgage.jpg
mortgage.bankatcity.com/wp-content/themes/cnb-m/images/ 973 KB
975 KB 168ms
168ms Image
image/jpeg 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/images/hero-image-large-mortgage.jpg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/style.css?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ad124df1d83e3e554eeda454eddb74333ac6c1acfeba48c21a17e3d918db213c

Request headers

:path: /wp-content/themes/cnb-m/images/hero-image-large-mortgage.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/style.css?ver=5.8.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/style.css?ver=5.8.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Wed, 16 Jun 2021 16:08:57 GMT
server: nginx
accept-ranges: bytes
content-length: 996740
content-type: image/jpeg

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v19/ 30 KB
31 KB 92ms
27ms Font
font/woff2 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v19/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter%3A400%2C700%7COswald&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mortgage.bankatcity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:01:03 GMT
x-content-type-options: nosniff
age: 494733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30792
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 23:04:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 03:01:03 GMT

GET
H2 200 chevron-down.svg
mortgage.bankatcity.com/wp-content/themes/cnb-m/images/ 307 B
351 B 164ms
163ms Image
image/svg+xml 134.122.17.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/images/chevron-down.svg
Requested by: Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/style.css?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.17.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e4bba5de2471292211f0ef5986a47e1369ff6c7f82b385a7290750f6e7d31b5e

Request headers

:path: /wp-content/themes/cnb-m/images/chevron-down.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mortgage.bankatcity.com
referer: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/style.css?ver=5.8.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/wp-content/themes/cnb-m/style.css?ver=5.8.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: max-age=31556952, public
last-modified: Tue, 08 Jun 2021 18:54:31 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
16 KB 121ms
58ms Font
font/woff2 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter%3A400%2C700%7COswald&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mortgage.bankatcity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 02:58:49 GMT
x-content-type-options: nosniff
age: 494867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:58:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 88ms
25ms Script
text/javascript 142.250.178.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ6DDZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2998
date: Wed, 15 Sep 2021 19:36:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 21:36:38 GMT

GET
H2

200

activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F Show response
9308828.fls.doubleclick.net/ Frame A6E6
Redirect Chain

https://9308828.fls.doubleclick.net/activityi;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F?
https://9308828.fls.doubleclick.net/activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmort...

488 B
565 B

30ms
29ms

Document
text/html

172.217.16.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9308828.fls.doubleclick.net/activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ6DDZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f6.1e100.net

Software

cafe /

Resource Hash

c6e56a05aadfbdd875c59e81858cd3f34f2ae3e9a36c3aa14a8c73c327e69971

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9308828.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mortgage.bankatcity.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 20:26:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 20:41:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 20:26:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9308828.fls.doubleclick.net/activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 31ms
31ms XHR
text/plain 142.250.178.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1775629850&t=pageview&_s=1&dl=https%3A%2F%2Fmortgage.bankatcity.com%2F&ul=en-us&de=UTF-8&dt=City%20National%20Bank%20%7C%20Mortgage%20Loans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=71049382&gjid=1988384310&cid=1343688526.1631737596&tid=UA-86662085-4&_gid=883373591.1631737596&_r=1&gtm=2wg9d0NGZ6DDZ&z=556388404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mortgage.bankatcity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:26:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mortgage.bankatcity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 33ms
26ms Script
text/javascript 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?ver=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mortgage.bankatcity.com/
Origin: https://mortgage.bankatcity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 22:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Wed, 14 Sep 2022 22:57:37 GMT

GET
H3

200

dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F Show response
9308828.fls.doubleclick.net/ddm/fls/r/ Frame E474
Redirect Chain

https://adservice.google.com/ddm/fls/i/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.ba...
https://9308828.fls.doubleclick.net/ddm/fls/r/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmort...

296 B
273 B

38ms
38ms

Document
text/html

172.217.16.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9308828.fls.doubleclick.net/ddm/fls/r/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F

Requested by

Host: 9308828.fls.doubleclick.net
URL: https://9308828.fls.doubleclick.net/activityi;dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f6.1e100.net

Software

cafe /

Resource Hash

cf01acfa6a9716e500596dc6eb3d5a96cbb344d06acdbcf1e577e642e2526067

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9308828.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9308828.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9308828.fls.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 20:26:36 GMT
expires: Wed, 15 Sep 2021 20:26:36 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 248
x-xss-protection: 0
set-cookie: IDE=AHWqTUnF_jnkvSEUiMAJPwepT6durWPYXW3DE2Cr5ForiRltJwSVnehJOojqRO3245o; expires=Fri, 15-Sep-2023 20:26:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 20:26:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://9308828.fls.doubleclick.net/ddm/fls/r/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D233 40 KB
20 KB 81ms
43ms Document
text/html 142.250.179.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&co=aHR0cHM6Ly9tb3J0Z2FnZS5iYW5rYXRjaXR5LmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&theme=light&size=invisible&cb=k07nxj5uox0l

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f4.1e100.net

Software

GSE /

Resource Hash

3407909de1378b16ddc99f56e1551860766005314ef7f449a4b1b4afdfffd637

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OtyG9JAZqhbYl/tIt7JbeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&co=aHR0cHM6Ly9tb3J0Z2FnZS5iYW5rYXRjaXR5LmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&theme=light&size=invisible&cb=k07nxj5uox0l
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mortgage.bankatcity.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Sep 2021 20:26:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-OtyG9JAZqhbYl/tIt7JbeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20729
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56550/ Frame E474
Redirect Chain

https://mpp.mxptint.net/2/31775/?rnd=2036885374
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjFCMzNGX0UzNzdBQjM5XzVBRDI3RTk%3D
https://aep.mxptint.net/sn.ashx
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B33F_E377AB39_5AD27E9&redir=https://aep.mxptint.net/sn.ashx?ak=1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R1B33F_E377AB39_5AD27E9&redir=https://aep.mxptint.net/sn.ashx
https://aep.mxptint.net/sn.ashx
https://ups.analytics.yahoo.com/ups/56550/sync?_origin=1&uid=R1B33F_E377AB39_5AD27E9
https://ups.analytics.yahoo.com/ups/56550/sync?_origin=1&uid=R1B33F_E377AB39_5AD27E9&verify=true

0
735 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56550/sync?_origin=1&uid=R1B33F_E377AB39_5AD27E9&verify=true

Requested by

Host: 9308828.fls.doubleclick.net
URL: https://9308828.fls.doubleclick.net/ddm/fls/r/dc_pre=CPXEqJ7ogfMCFUxV0wodgWEFAw;src=9308828;type=cityn0;cat=landi00;ord=6176046733409;gtm=2wg9d0;auiddc=302082723.1631737596;~oref=https%3A%2F%2Fmortgage.bankatcity.com%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9308828.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 20:26:38 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 15 Sep 2021 20:26:38 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/56550/sync?_origin=1&uid=R1B33F_E377AB39_5AD27E9&verify=true
Connection: keep-alive
Content-Length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame D233 52 KB
25 KB 45ms
18ms Stylesheet
text/css 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&co=aHR0cHM6Ly9tb3J0Z2FnZS5iYW5rYXRjaXR5LmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&theme=light&size=invisible&cb=k07nxj5uox0l

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 15 Sep 2022 07:07:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame D233 342 KB
134 KB 55ms
29ms Script
text/javascript 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 22:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Wed, 14 Sep 2022 22:57:37 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D233 2 KB
2 KB 19ms
18ms Image
image/png 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:40:25 GMT
x-content-type-options: nosniff
age: 2771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Wed, 22 Sep 2021 19:40:25 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D233 15 KB
15 KB 58ms
27ms Font
font/woff2 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 06:50:15 GMT
x-content-type-options: nosniff
age: 480981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 06:50:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D233 15 KB
15 KB 56ms
25ms Font
font/woff2 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 23:20:54 GMT
x-content-type-options: nosniff
age: 162342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 23:20:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D233 102 B
132 B 28ms
27ms Other
text/javascript 142.250.179.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f4.1e100.net

Software

GSE /

Resource Hash

392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&co=aHR0cHM6Ly9tb3J0Z2FnZS5iYW5rYXRjaXR5LmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&theme=light&size=invisible&cb=k07nxj5uox0l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 15 Sep 2021 20:26:36 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8AE3 7 KB
1 KB 27ms
27ms Document
text/html 142.250.179.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&cb=3o93v2au6cgy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f4.1e100.net

Software

GSE /

Resource Hash

63969b0d845c83ee79ac93e4895392435f5f53c576054a8b1c3831e908b6418f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-39iTLM6Ra1bkXQjqNFHIng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&cb=3o93v2au6cgy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mortgage.bankatcity.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mortgage.bankatcity.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Sep 2021 20:26:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-39iTLM6Ra1bkXQjqNFHIng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 8AE3 52 KB
25 KB 18ms
18ms Stylesheet
text/css 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&cb=3o93v2au6cgy

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 15 Sep 2022 07:07:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 8AE3 342 KB
134 KB 19ms
19ms Script
text/javascript 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&cb=3o93v2au6cgy

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 22:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Wed, 14 Sep 2022 22:57:37 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 8AE3 34 KB
20 KB 64ms
64ms XHR
application/json 142.250.179.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f4.1e100.net

Software

GSE /

Resource Hash

fc0a28e0041f1d961b15cb0143854f2c83a75de3325c13307a0144f559a5a37d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6Ld-4ZkUAAAAADNMcusbTwtohwTjMIDan4nZkO45&cb=3o93v2au6cgy
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 15 Sep 2021 20:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20487
x-xss-protection: 1; mode=block
expires: Wed, 15 Sep 2021 20:26:36 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8AE3 600 B
622 B 19ms
19ms Image
image/png 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 05:47:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 225544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Mon, 20 Sep 2021 05:47:32 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8AE3 530 B
554 B 20ms
19ms Image
image/png 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:23:20 GMT
x-content-type-options: nosniff
age: 28996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Wed, 22 Sep 2021 12:23:20 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8AE3 665 B
687 B 20ms
20ms Image
image/png 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 06:04:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 224516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Mon, 20 Sep 2021 06:04:40 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8AE3 15 KB
15 KB 25ms
25ms Font
font/woff2 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 06:50:15 GMT
x-content-type-options: nosniff
age: 480981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 06:50:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8AE3 15 KB
15 KB 25ms
25ms Font
font/woff2 142.250.179.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: mortgage.bankatcity.com
URL: https://mortgage.bankatcity.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 23:20:54 GMT
x-content-type-options: nosniff
age: 162342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 23:20:54 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 01:34:49	Name: _GRECAPTCHA Value: 09AJv90RcjfLZZztuHGT--DFF8ruvR4G8XCE3AnjL-hoziC59puAU7Z4vNEjFPLHGlifGHygTBlRkJ6NDl3--_fL4
.bankatcity.com/	1970-01-19 23:25:13	Name: _gcl_au Value: 1.1.302082723.1631737596
.mortgage.bankatcity.com/	1970-01-20 14:46:49	Name: _ga Value: GA1.3.1343688526.1631737596
.mortgage.bankatcity.com/	1970-01-19 21:17:03	Name: _gid Value: GA1.3.883373591.1631737596
.mortgage.bankatcity.com/	1970-01-19 21:15:37	Name: _gat_UA-86662085-4 Value: 1
.doubleclick.net/	1970-01-20 14:46:49	Name: IDE Value: AHWqTUnF_jnkvSEUiMAJPwepT6durWPYXW3DE2Cr5ForiRltJwSVnehJOojqRO3245o
.demdex.net/	1970-01-20 01:34:49	Name: demdex Value: 80270433005083237292592695526682864609
.dpm.demdex.net/	1970-01-20 01:34:49	Name: dpm Value: 80270433005083237292592695526682864609
.mxptint.net/	1970-01-20 14:46:49	Name: mxpim Value: R1B33F_E377AB39_5AD27E9.1.614256FC614256FE0000000000000000000000000000000000000000614256FD
.yahoo.com/	1970-01-20 06:01:35	Name: A3 Value: d=AQABBP5WQmECENHGj7yHpOiAg0FZ7qo2CH4FEgEBAQGoQ2FMYQAAAAAA_eMAAA&S=AQAAAnVeHLbf4p_RMRPZG-bfX8Q
.analytics.yahoo.com/	1970-01-20 06:02:39	Name: IDSYNC Value: 17mu~20f8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9308828.fls.doubleclick.net
adservice.google.com
aep.mxptint.net
cm.g.doubleclick.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
mortgage.bankatcity.com
mpp.mxptint.net
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
134.122.17.44
142.250.178.14
142.250.178.2
142.250.179.227
142.250.179.228
172.217.16.230
172.217.16.232
18.156.0.31
204.2.255.218
216.58.212.226
216.58.213.10
4.78.226.225
44.238.250.73
05d5f0e7d0512b880b3518c58ecd609f17a2c5e0effabdb31e547c8eb080e5c2
0f10957c9258de34c58de952bf8ce48ef9cd0e8090ccbdc9ff0b69b3cb412f60
131878184e80d74d041b1ab3546fb9bb063c683ebecf46fbb5e7a64b46c0894b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848
3224a9e14e8120dea185ace169b7c983ffa12726c9371a86abd2832cc32cca2c
3407909de1378b16ddc99f56e1551860766005314ef7f449a4b1b4afdfffd637
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3da4a5d088c0db8ab0cf5c2cc590232e3c8313893c6eecc9cf292934484c5116
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
415540fc00d01bf3639ba5bb5909139c2f3cf12b4557b981307ffdac3f934a05
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4dc911896c88667a1f3125e7eb5cf941636c7e7108c67d1c45e74deece5e9452
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
595d765b7d544c73c69c901eb8f08872167d2e1ce325492963f48996c61c29c0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
63969b0d845c83ee79ac93e4895392435f5f53c576054a8b1c3831e908b6418f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
749423eb7ea7ffbe7ef404a8ebcdea0705fa6ef06ccb9a0745ddd6da92db80b4
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
ad124df1d83e3e554eeda454eddb74333ac6c1acfeba48c21a17e3d918db213c
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
c09b82f8130ad2fb3287e178777563d382b530b5644efe45a00a9bdec21355da
c6e56a05aadfbdd875c59e81858cd3f34f2ae3e9a36c3aa14a8c73c327e69971
cdbf5d1026d8003bff8bd65dd66dca6d7fc476f8ea6d212a1119eef2283362dd
cf01acfa6a9716e500596dc6eb3d5a96cbb344d06acdbcf1e577e642e2526067
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bba5de2471292211f0ef5986a47e1369ff6c7f82b385a7290750f6e7d31b5e
ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7
fc0a28e0041f1d961b15cb0143854f2c83a75de3325c13307a0144f559a5a37d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd8e9468388c0c783a4205ca5edaedb1c5caff55643498021c57fc20d9579d7d

mortgage.bankatcity.com Open in urlscan Pro 134.122.17.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

8 IPs

2 Countries

1817 kBTransfer

3210 kBSize

11 Cookies

2 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

mortgage.bankatcity.com Open in urlscan Pro
134.122.17.44 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

8
IPs

2
Countries

1817 kB
Transfer

3210 kB
Size

11
Cookies

43 HTTP transactions
0 data transactions