Submitted URL: https://bystrobank.ru/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-hu...
Effective URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-hu...
Submission Tags: bank ru l4ing mass Search All
Submission: On January 27 via manual from UA — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 35.198.128.33, located in Frankfurt am Main, Germany and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ban-dera.com.
TLS certificate: Issued by R3 on January 4th 2023. Valid for: 3 months.
This is the only time ban-dera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.41.101.5 35558 (IZHNET-AS)
13 35.198.128.33 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.130.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 7
Apex Domain
Subdomains
Transfer
13 ban-dera.com
ban-dera.com
485 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2284
44 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2456
252 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
944 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
76 KB
1 bystrobank.ru
bystrobank.ru
397 B
19 7
Domain Requested by
13 ban-dera.com ban-dera.com
2 www.paypalobjects.com ban-dera.com
1 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com ban-dera.com
1 www.googletagmanager.com ban-dera.com
1 bystrobank.ru 1 redirects
19 7
Subject Issuer Validity Valid
ban-dera.com
R3
2023-01-04 -
2023-04-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA
2022-10-13 -
2023-11-13
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Frame ID: CDCD957C969F71F550E975A28477DB0A
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Ban-DERA

Page URL History Show full URLs

  1. https://bystrobank.ru/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&u... HTTP 302
    https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

19
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

623 kB
Transfer

1335 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bystrobank.ru/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO HTTP 302
    https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ban-dera.com/
Redirect Chain
  • https://bystrobank.ru/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
  • https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
906 B
2 KB
Document
General
Full URL
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
45002b8cf2f880e07c5edd85c58658268601bdae357ac33a50ad0154dde0b179

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
507
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 Jan 2023 01:05:27 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=1, must-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
239
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 27 Jan 2023 01:05:27 GMT
Location
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Server
Apache
Vary
Accept-Encoding
app.css
ban-dera.com/css/
229 KB
36 KB
Stylesheet
General
Full URL
https://ban-dera.com/css/app.css
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
02df721af63bfb5fe78684534b4cecdd344becc57adf6eb936a6385afd4ad0f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 19:16:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"39392-5de5cb1ed108d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
36814
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E2JP8HENB3
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41510e05813010a5dfb51a415fed8d7f06bac0d8d828bd539fc73a3eee550341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:05:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77224
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 27 Jan 2023 01:05:27 GMT
donate-sdk.js
www.paypalobjects.com/donate/sdk/
134 KB
41 KB
Script
General
Full URL
https://www.paypalobjects.com/donate/sdk/donate-sdk.js
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54866fbff058a2812fdec10b71d17d987db3616525a7c915688f18e63a2f0891
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:05:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
377bb5b9beaa3
dc
ccg11-origin-www-1.paypal.com
content-length
41002
x-served-by
cache-sjc10080-SJC, cache-hhn-etou8220075-HHN
last-modified
Mon, 11 Oct 2021 17:21:16 GMT
traceparent
00-0000000000000000000377bb5b9beaa3-35ca1225b251770f-01
x-timer
S1674781528.877795,VS0,VE0
etag
W/"6164728c-21635"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1478, 3
app.js
ban-dera.com/js/
432 KB
140 KB
Script
General
Full URL
https://ban-dera.com/js/app.js
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c8a157d4dabcb3d6d8e18b7950b6a513cfe8d80d267abccf01ded13934855f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2022 10:32:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6beab-5ef62aaa42bf4-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
css2
fonts.googleapis.com/
1 KB
944 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Anonymous+Pro&display=swap
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb7d3684cb42a4d70196d25046661222df52254fb53dde71c462d48b5170ee03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 27 Jan 2023 01:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:55:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 Jan 2023 01:05:28 GMT
collect
region1.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E2JP8HENB3&gtm=2oe1p0&_p=708840651&cid=955951946.1674781528&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674781528&sct=1&seg=0&dl=https%3A%2F%2Fban-dera.com%2F%3Futm_source%3Dpootin-huilo%26utm_medium%3Dpootin-huilo%26utm_campaign%3Dpootin-huilo%26utm_content%3Dpootin-huilo%26utm_term%3DHUILO&dt=Ban-DERA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E2JP8HENB3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Jan 2023 01:05:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ban-dera.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
108 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
fonts.gstatic.com/s/anonymouspro/v21/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anonymous+Pro&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ban-dera.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 10:51:28 GMT
x-content-type-options
nosniff
age
483240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:59:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 10:51:28 GMT
bootstrap-icons.woff2
ban-dera.com/fonts/vendor/bootstrap-icons/
100 KB
100 KB
Font
General
Full URL
https://ban-dera.com/fonts/vendor/bootstrap-icons/bootstrap-icons.woff2?a13b815539b49de48d2358b4281b2f1a
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13

Request headers

Referer
https://ban-dera.com/css/app.css
Origin
https://ban-dera.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 06 May 2022 19:16:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"19088-5de5cb1ed108d"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
102536
ua.svg
ban-dera.com/img/flags/
213 B
500 B
Image
General
Full URL
https://ban-dera.com/img/flags/ua.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a8eb62de2c51163a1687396eb8c4b40b5689147b2adfa00da3fb6625adba4f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d5-5ef6caf4e999c"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
213
gb.svg
ban-dera.com/img/flags/
865 B
1 KB
Image
General
Full URL
https://ban-dera.com/img/flags/gb.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
88d0f601aa8d3d545beb810a49e7da9279beebe9f4dd08349c8aa18ca48d5b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"361-5ef6caf4d2296"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
865
fr.svg
ban-dera.com/img/flags/
268 B
557 B
Image
General
Full URL
https://ban-dera.com/img/flags/fr.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f156bbab3eb6ba82cbc9d8a021202f23cf21e8e6f939cd25b122646bf4f6cf3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"10c-5ef6caf4d12f6"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
268
es.svg
ban-dera.com/img/flags/
140 KB
140 KB
Image
General
Full URL
https://ban-dera.com/img/flags/es.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
661f2d501830c045aa6d96f0f0a5650ff9df3360693f2037ec504d068d8661b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"23057-5ef6caf4cf3b6"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
143447
pl.svg
ban-dera.com/img/flags/
197 B
484 B
Image
General
Full URL
https://ban-dera.com/img/flags/pl.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9ab46af4be55372260bc706842a4c4ba6333ba1891e849d36bea234053f2e23c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"c5-5ef6caf4e0cfa"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
197
ban-dera-logo.svg
ban-dera.com/img/
22 KB
22 KB
Image
General
Full URL
https://ban-dera.com/img/ban-dera-logo.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d435b70a625da888f78e05b17516cc5e1d8b5215cc36a1f7f9cb2dc86722fe22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"584f-5ef6caf4c3833"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
22607
monobank-logo.svg
ban-dera.com/img/
7 KB
7 KB
Image
General
Full URL
https://ban-dera.com/img/monobank-logo.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9244984cd30963b73e947e0844944a30db785146b77c78c8993c60abcd1a7ede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1a51-5ef6caf4ec87d"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6737
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
3 KB
3 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee1c4cfd1b1818743cf6930452dee0e56aa4709359e06ded6052d1e7abb14474
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:05:28 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=3099 idim=147x47 ifmt=gif ofsz=3098 odim=147x47 ofmt=gif
paypal-debug-id
7ed1454d06446
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
3098
x-served-by
cache-sjc10069-SJC, cache-hhn-etou8220075-HHN
x-timer
S1674781528.222786,VS0,VE0
etag
"W+Pu/C7SAaVROD4yxJfYhtmfI4zA8n2pGKd1zdw5nBA"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
27876, 80497
targets
ban-dera.com/api/
33 KB
34 KB
XHR
General
Full URL
https://ban-dera.com/api/targets
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c150170863e4c6b101470e46a31209b3f34df770f301b48fcca1c07061535e5d

Request headers

Accept
application/json
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
X-XSRF-TOKEN
eyJpdiI6ImpRUy9Yak1yMEg5YUVrVkZ4NjRqaHc9PSIsInZhbHVlIjoiNkJldEJDZERHQ2hvcVhTSDlsTFUrWGUvNUU3S3Z5MVVWSTNkM2VhaHZqQjhsMG1rL1BPSkwxUkd0N0tuY0c5WU45VThubjdrSUJ0c2lOUzhMekhPTmhsZ01oaGdxdkdscHNGaVd6YzhnWlNCMFdhMENmRHFEUUpxZXhFOFcxVDQiLCJtYWMiOiIzZTBjNTE3NmZiZDA3OWI5NTdhNGJjY2YxMTRkMTY1Mjc1MTJiNTMwMTk3NzdlZTY2YTZlOGM5YTdlMzI3ZTI1IiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Server
Apache/2.4.41 (Ubuntu)
X-RateLimit-Remaining
4
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
X-RateLimit-Limit
5
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
de.svg
ban-dera.com/img/flags/
241 B
528 B
Image
General
Full URL
https://ban-dera.com/img/flags/de.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.198.128.33 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.128.198.35.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
10ddb928f1d77520fb65b19340cee26eb532efe33aab84e80c4ec1ea73a8f905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ban-dera.com/?utm_source=pootin-huilo&utm_medium=pootin-huilo&utm_campaign=pootin-huilo&utm_content=pootin-huilo&utm_term=HUILO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 01:05:28 GMT
Last-Modified
Fri, 09 Dec 2022 22:29:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"f1-5ef6caf4cd475"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
241

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| __post_robot_10_0_41__ object| PayPal object| __zoid_9_0_58__ object| Donation object| webpackChunk function| _ function| axios object| regeneratorRuntime number| uidEvent object| bootstrap

4 Cookies

Domain/Path Name / Value
ban-dera.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImpRUy9Yak1yMEg5YUVrVkZ4NjRqaHc9PSIsInZhbHVlIjoiNkJldEJDZERHQ2hvcVhTSDlsTFUrWGUvNUU3S3Z5MVVWSTNkM2VhaHZqQjhsMG1rL1BPSkwxUkd0N0tuY0c5WU45VThubjdrSUJ0c2lOUzhMekhPTmhsZ01oaGdxdkdscHNGaVd6YzhnWlNCMFdhMENmRHFEUUpxZXhFOFcxVDQiLCJtYWMiOiIzZTBjNTE3NmZiZDA3OWI5NTdhNGJjY2YxMTRkMTY1Mjc1MTJiNTMwMTk3NzdlZTY2YTZlOGM5YTdlMzI3ZTI1IiwidGFnIjoiIn0%3D
ban-dera.com/ Name: ban_dera_session
Value: eyJpdiI6InJ0SS82TVdrWldxTjVjYWtsRmpSZGc9PSIsInZhbHVlIjoiZVNZeG9sUEZTdUtsUU54S2J6N0VWN0VqODZtS3NHS3c3S0NGWHF1eXYyaTZxNEhwNm9yMkpHLzhxbjVvS3ZraWlLQmdScjlxNFQvUHBMN2pWZjdKTS9CVGIxNXBWWWdVOWZxOHhQcEFNSjhWMWVkVkVIdFN1eXNxa3ZsQ3ZITjMiLCJtYWMiOiJiMGM4MGRlZTBjZWIyOWVhZmU5YmEyNDJiYzdiZjA1MjM2NzgzZjY3MWIzYzJjMDEzMTQxOGMyYTU0YzA0Zjg1IiwidGFnIjoiIn0%3D
.ban-dera.com/ Name: _ga_E2JP8HENB3
Value: GS1.1.1674781528.1.0.1674781528.0.0.0
.ban-dera.com/ Name: _ga
Value: GA1.1.955951946.1674781528

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ban-dera.com
bystrobank.ru
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.googletagmanager.com
www.paypalobjects.com
151.101.130.133
185.41.101.5
2001:4860:4802:32::36
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
35.198.128.33
02df721af63bfb5fe78684534b4cecdd344becc57adf6eb936a6385afd4ad0f8
10ddb928f1d77520fb65b19340cee26eb532efe33aab84e80c4ec1ea73a8f905
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
41510e05813010a5dfb51a415fed8d7f06bac0d8d828bd539fc73a3eee550341
45002b8cf2f880e07c5edd85c58658268601bdae357ac33a50ad0154dde0b179
54866fbff058a2812fdec10b71d17d987db3616525a7c915688f18e63a2f0891
661f2d501830c045aa6d96f0f0a5650ff9df3360693f2037ec504d068d8661b5
88d0f601aa8d3d545beb810a49e7da9279beebe9f4dd08349c8aa18ca48d5b48
8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a
9244984cd30963b73e947e0844944a30db785146b77c78c8993c60abcd1a7ede
9ab46af4be55372260bc706842a4c4ba6333ba1891e849d36bea234053f2e23c
a8eb62de2c51163a1687396eb8c4b40b5689147b2adfa00da3fb6625adba4f52
bb7d3684cb42a4d70196d25046661222df52254fb53dde71c462d48b5170ee03
c150170863e4c6b101470e46a31209b3f34df770f301b48fcca1c07061535e5d
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
c8a157d4dabcb3d6d8e18b7950b6a513cfe8d80d267abccf01ded13934855f76
d435b70a625da888f78e05b17516cc5e1d8b5215cc36a1f7f9cb2dc86722fe22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1c4cfd1b1818743cf6930452dee0e56aa4709359e06ded6052d1e7abb14474
f156bbab3eb6ba82cbc9d8a021202f23cf21e8e6f939cd25b122646bf4f6cf3b