URL: https://bankingfor.me/
Submission: On July 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 29 IPs in 4 countries across 20 domains to perform 85 HTTP transactions. The main IP is 52.63.87.65, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is bankingfor.me.
TLS certificate: Issued by R3 on July 19th 2022. Valid for: 3 months.
This is the only time bankingfor.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 44 52.63.87.65 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.89.62 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 151.139.128.11 20446 (STACKPATH...)
1 143.204.95.64 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
2 35.190.59.101 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 172.217.23.98 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 143.204.93.3 16509 (AMAZON-02)
1 143.204.89.3 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 143.204.89.82 16509 (AMAZON-02)
1 143.204.89.14 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
85 29
Apex Domain
Subdomains
Transfer
44 bankingfor.me
bankingfor.me
2 MB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2803
t.skimresources.com — Cisco Umbrella Rank: 2721
p.skimresources.com — Cisco Umbrella Rank: 3815
r.skimresources.com — Cisco Umbrella Rank: 2602
22 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
517 B
4 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 7141
c.amazon-adsystem.com — Cisco Umbrella Rank: 340
49 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
196 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
region1.google-analytics.com — Cisco Umbrella Rank: 2603
20 KB
3 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2581
8 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231
129 KB
2 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5323
buttons-config.sharethis.com — Cisco Umbrella Rank: 6274
43 KB
2 manofmany.com
manofmany.com — Cisco Umbrella Rank: 161439
317 KB
2 google.de
ampcid.google.de — Cisco Umbrella Rank: 42925
www.google.de — Cisco Umbrella Rank: 4915
961 B
2 google.com
ampcid.google.com — Cisco Umbrella Rank: 1778
www.google.com — Cisco Umbrella Rank: 17
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
124 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1516
595 B
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1293
11 KB
1 videoplayerhub.com
publift-com.videoplayerhub.com — Cisco Umbrella Rank: 49801
539 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1442
37 KB
1 fuseplatform.net
cdn.fuseplatform.net — Cisco Umbrella Rank: 24597
94 KB
1 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3323
68 KB
1 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 67390
1 KB
85 20
Domain Requested by
44 bankingfor.me 5 redirects bankingfor.me
4 www.facebook.com bankingfor.me
4 connect.facebook.net bankingfor.me
connect.facebook.net
3 c.amazon-adsystem.com bankingfor.me
c.amazon-adsystem.com
3 quantcast.mgr.consensu.org bankingfor.me
quantcast.mgr.consensu.org
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
bankingfor.me
2 securepubads.g.doubleclick.net bankingfor.me
2 manofmany.com bankingfor.me
2 r.skimresources.com s.skimresources.com
2 p.skimresources.com bankingfor.me
2 t.skimresources.com bankingfor.me
s.skimresources.com
2 www.googletagmanager.com bankingfor.me
www.googletagmanager.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 platform-api.sharethis.com bankingfor.me
1 geo.privacymanager.io ats.rlcdn.com
1 btloader.com bankingfor.me
1 publift-com.videoplayerhub.com 1 redirects
1 ats.rlcdn.com bankingfor.me
1 cdn.fuseplatform.net bankingfor.me
1 cdn.onesignal.com bankingfor.me
1 www.google.de bankingfor.me
1 www.google.com bankingfor.me
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.de www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 z-na.amazon-adsystem.com www.googletagmanager.com
1 s.skimresources.com www.googletagmanager.com
1 au-script.dotmetrics.net bankingfor.me
85 29
Subject Issuer Validity Valid
bankingfor.me
R3
2022-07-19 -
2022-10-17
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.dotmetrics.net
Amazon
2021-10-24 -
2022-11-21
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-04-27 -
2022-07-26
3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2021-09-27 -
2022-10-28
a year crt.sh
ws-na.assoc-amazon.com
Amazon
2022-01-17 -
2023-01-16
a year crt.sh
*.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.google.de
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
www.google.de
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-03 -
2023-06-02
a year crt.sh
manofmany.com
Go Daddy Secure Certificate Authority - G2
2022-03-01 -
2023-03-11
a year crt.sh
*.cmp.quantcast.com
R3
2022-06-24 -
2022-09-22
3 months crt.sh
cdn.fuseplatform.net
R3
2022-06-06 -
2022-09-04
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.privacymanager.io
Amazon
2021-09-25 -
2022-10-24
a year crt.sh
sharethis.com
Amazon
2022-06-19 -
2023-07-18
a year crt.sh

This page contains 4 frames:

Primary Page: https://bankingfor.me/
Frame ID: D193FBE642416653A16970C85A2F1AAE
Requests: 88 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7051293122005204
Frame ID: C3F34D50CB82BA4400698EED767205B4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0FF28D667A0C319EEF95572F4AABBA1C
Requests: 1 HTTP requests in this frame

Frame: https://bankingfor.me/
Frame ID: 4D28BD27F03A93E26BD36CD0D70C027D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

While listening to a client.

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

85
Requests

92 %
HTTPS

59 %
IPv6

20
Domains

29
Subdomains

29
IPs

4
Countries

2779 kB
Transfer

5112 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://publift-com.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=publift-com&upapi=true
Request Chain 82
  • https://bankingfor.me/wp-content/themes/manofmany/images/share_facebook_square.svg HTTP 301
  • https://bankingfor.me/
Request Chain 83
  • https://bankingfor.me/wp-content/themes/manofmany/images/share_twitter_square.svg HTTP 301
  • https://bankingfor.me/
Request Chain 84
  • https://bankingfor.me/wp-content/themes/manofmany/images/share_pinterest_square.svg HTTP 301
  • https://bankingfor.me/
Request Chain 85
  • https://bankingfor.me/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1658188800 HTTP 301
  • https://bankingfor.me/
Request Chain 89
  • https://bankingfor.me/cdn-cgi/rum HTTP 301
  • https://bankingfor.me/

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bankingfor.me/
247 KB
69 KB
Document
General
Full URL
https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
21e0970c7c4ca4477544a71e09b666dbf024c039bb727988942abaaaba337322

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 19 Jul 2022 02:46:15 GMT
ETag
W/"62ce6eb8-3dac9"
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
clipboard.min.js%3Fver=1656905564
bankingfor.me/
10 KB
11 KB
Script
General
Full URL
https://bankingfor.me/clipboard.min.js%3Fver=1656905564
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f53211a4dbff6bcc04a6a82694c956e4bf5fe28286dc5c87592054ca4d3cfa36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:15 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-29a5"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10661
fuse.js
bankingfor.me/
460 KB
460 KB
Script
General
Full URL
https://bankingfor.me/fuse.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2c4c61577977c3c6e1cde8f02ca22fa5241e43b355f5c4eae0fb58101262a98a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-72f8d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
470925
blocks.style.build.css%3Fver=1656905564.css
bankingfor.me/
3 KB
3 KB
Stylesheet
General
Full URL
https://bankingfor.me/blocks.style.build.css%3Fver=1656905564.css
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
077316018a76d8de0315f3b505fa9bde8002a38ee16396f28480b363f3120c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-c8e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3214
sbi-styles.min.css%3Fver=6.0.5.css
bankingfor.me/
24 KB
24 KB
Stylesheet
General
Full URL
https://bankingfor.me/sbi-styles.min.css%3Fver=6.0.5.css
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1871ae5674b537440872594488a2cee8cb792e8c66e6a695b607d716d1f94bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-5fee"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24558
cookie-law-info-public.css%3Fver=1656905564.css
bankingfor.me/
3 KB
3 KB
Stylesheet
General
Full URL
https://bankingfor.me/cookie-law-info-public.css%3Fver=1656905564.css
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a3a896e1f596a54176d4f60c46851c25bd9667e0b13c56c9f7b8b9bfa156fb18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-cd0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3280
cookie-law-info-gdpr.css%3Fver=1656905564.css
bankingfor.me/
17 KB
18 KB
Stylesheet
General
Full URL
https://bankingfor.me/cookie-law-info-gdpr.css%3Fver=1656905564.css
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
379d9f7c61f689ae4abc38e7e49f4182d5622b9c7370cca2a2d2b46ef6c8533c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-4564"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17764
main.min.css%3Fver=48d4a4cd9d79c0444e57d597ce1c475c.css
bankingfor.me/
143 KB
143 KB
Stylesheet
General
Full URL
https://bankingfor.me/main.min.css%3Fver=48d4a4cd9d79c0444e57d597ce1c475c.css
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9dbd685c2ac53ecffb6b1907f3325a060df0d5208a1d3a89fd0c6dc70ab923b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-23aed"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
146157
post.min.css%3Fver=48d4a4cd9d79c0444e57d597ce1c475c.css
bankingfor.me/
14 KB
14 KB
Stylesheet
General
Full URL
https://bankingfor.me/post.min.css%3Fver=48d4a4cd9d79c0444e57d597ce1c475c.css
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6b4a87a7ed4b3f3bd0ab5c949da6974a4833c9d2e62c66d10285eaa008ae64b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-3834"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14388
jquery.min.js%3Fver=3.6.0
bankingfor.me/
87 KB
88 KB
Script
General
Full URL
https://bankingfor.me/jquery.min.js%3Fver=3.6.0
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-15db1"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
jquery-migrate.min.js%3Fver=3.3.2
bankingfor.me/
11 KB
11 KB
Script
General
Full URL
https://bankingfor.me/jquery-migrate.min.js%3Fver=3.3.2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-2bd8"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
cookie-law-info-public.js%3Fver=1656905564
bankingfor.me/
38 KB
38 KB
Script
General
Full URL
https://bankingfor.me/cookie-law-info-public.js%3Fver=1656905564
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81b8c5b395bf12a5f04764520d725c989ccfafbf33f624879039c19720ab2a33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-975f"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38751
cookie-law-info-ccpa.js%3Fver=1656905564
bankingfor.me/
6 KB
6 KB
Script
General
Full URL
https://bankingfor.me/cookie-law-info-ccpa.js%3Fver=1656905564
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
35a31f3d674659c6133a578731c9052703e833ee92953426b0c2b9e73f3c96bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-175f"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5983
the_content-hook-script.js%3Fver=1656905581
bankingfor.me/
52 B
312 B
Script
General
Full URL
https://bankingfor.me/the_content-hook-script.js%3Fver=1656905581
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
473b02085c80cc8a1bb7593f30f4d218f7bd53c23ae0652feca323ec225dbc4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-34"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52
0bd48206165307e9ae7b2e20f7ed55ca.woff2
bankingfor.me/
17 KB
17 KB
Font
General
Full URL
https://bankingfor.me/0bd48206165307e9ae7b2e20f7ed55ca.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-4398"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17304
0f9d3b560bae7d6283f13b731bc4f674.woff2
bankingfor.me/
20 KB
20 KB
Font
General
Full URL
https://bankingfor.me/0f9d3b560bae7d6283f13b731bc4f674.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-4fdc"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20444
06ecc05a7b4f2f90ce64d3183b934287.woff2
bankingfor.me/
22 KB
22 KB
Font
General
Full URL
https://bankingfor.me/06ecc05a7b4f2f90ce64d3183b934287.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-5814"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22548
80fe119e5efa3911b9d61b265f723b3d.woff2
bankingfor.me/
15 KB
16 KB
Font
General
Full URL
https://bankingfor.me/80fe119e5efa3911b9d61b265f723b3d.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-3d74"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15732
687db462348574d9464045c3fdd5a163.woff2
bankingfor.me/
22 KB
22 KB
Font
General
Full URL
https://bankingfor.me/687db462348574d9464045c3fdd5a163.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2b5365ef1cef7674b470b457cd272d7c208c90acd976e5fe6dd92131e94f15bd

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-57b4"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22452
aa23b7b4bcf2b8f0e876106bb3de69c6.woff2
bankingfor.me/
15 KB
16 KB
Font
General
Full URL
https://bankingfor.me/aa23b7b4bcf2b8f0e876106bb3de69c6.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-3d48"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15688
9126e37748c1ee76d20fb783efef135b.woff2
bankingfor.me/
21 KB
21 KB
Font
General
Full URL
https://bankingfor.me/9126e37748c1ee76d20fb783efef135b.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-5250"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21072
bf28241e67511184c14dbd0ef7d39f91.woff2
bankingfor.me/
15 KB
16 KB
Font
General
Full URL
https://bankingfor.me/bf28241e67511184c14dbd0ef7d39f91.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-3dd4"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15828
e4f11143c6bf4e4aa3c65df0dc2f0cb6.woff2
bankingfor.me/
17 KB
17 KB
Font
General
Full URL
https://bankingfor.me/e4f11143c6bf4e4aa3c65df0dc2f0cb6.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-444c"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17484
fa61eccc5d911d604a8739a7c9dc8bcb.woff2
bankingfor.me/
21 KB
21 KB
Font
General
Full URL
https://bankingfor.me/fa61eccc5d911d604a8739a7c9dc8bcb.woff2
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-5258"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21080
gpt.js
bankingfor.me/
81 KB
81 KB
Script
General
Full URL
https://bankingfor.me/gpt.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
383c7bde982cc7d6de10a49c5c2acb824f2c635fe733e97b637bd3da697a0baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:17 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-142be"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82622
cookie-law-info-table.css%3Fver=1656905564.css
bankingfor.me/
5 KB
5 KB
Stylesheet
General
Full URL
https://bankingfor.me/cookie-law-info-table.css%3Fver=1656905564.css
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
484d2a59ebf4bec600c4d20aed383a0a38ee33d6d7043d31c0fcc423143222b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:16 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-147d"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5245
frontend.js%3Fver=1656905564
bankingfor.me/
6 KB
6 KB
Script
General
Full URL
https://bankingfor.me/frontend.js%3Fver=1656905564
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bfc74007a5da34364b70616b6ffadd05fa20152073a517793c9bc10634a92e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-16f0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5872
OneSignalSDK.js%3Fver=1656905565
bankingfor.me/
9 KB
9 KB
Script
General
Full URL
https://bankingfor.me/OneSignalSDK.js%3Fver=1656905565
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
397dfcc83d0e338d7f98d937a1daca6cefb9bacf059cccb194f4fde89675bfb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-2388"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9096
responsive-video.js%3Fver=1656905565
bankingfor.me/
684 B
946 B
Script
General
Full URL
https://bankingfor.me/responsive-video.js%3Fver=1656905565
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2bcec157baea1c77ca890c3d2f471bcada2504c16ae7876364e085650501b648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-2ac"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
684
lazyload.min.js
bankingfor.me/
8 KB
8 KB
Script
General
Full URL
https://bankingfor.me/lazyload.min.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-2063"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8291
main.min.js%3Fver=48d4a4cd9d79c0444e57d597ce1c475c
bankingfor.me/
179 KB
179 KB
Script
General
Full URL
https://bankingfor.me/main.min.js%3Fver=48d4a4cd9d79c0444e57d597ce1c475c
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
96422a1099ab76b3082abe7407f7b2d2f0e71501be555d9a07848de348e71cb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-2cab3"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
182963
post.min.js%3Fver=48d4a4cd9d79c0444e57d597ce1c475c
bankingfor.me/
15 KB
15 KB
Script
General
Full URL
https://bankingfor.me/post.min.js%3Fver=48d4a4cd9d79c0444e57d597ce1c475c
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8d15deb2b11b198645003645b73d793952750a2c6d3aa92a997bcda7d4e1d3bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-3a6f"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14959
v652eace1692a40cfa3763df669d7439c1639079717194
bankingfor.me/
14 KB
14 KB
Script
General
Full URL
https://bankingfor.me/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-3692"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13970
gtm.js
www.googletagmanager.com/
147 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LQ4WZW
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b56132741e954a21ab17dc7d0d0c39c31bd8066217ece4ee4dceb5340d1fa84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53547
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 00:34:34 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Jul 2022 02:46:17 GMT
door.js
au-script.dotmetrics.net/
69 B
1 KB
Script
General
Full URL
https://au-script.dotmetrics.net/door.js?d=bankingfor.me&t=watches
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-62.fra50.r.cloudfront.net
Software
Kestrel /
Resource Hash
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:18 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
FRA50-C1
etag
".bankingfor.me.watches.208.2022071902"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
UqVWjXmYSxshJw7lZww5c31J80OACa3S-gtbb_vPrlpo7klg3bpPbw==
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d33684975b2b9ec8d2fbc0422ee3c9591bc2cf6e54ee5457ca6b586025424354

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd6622300d2454b8cca34802b8e39b34906c08474bfe7154031f98cb8e333a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b606b9857c4d9d600a8244a86afaaf445bc1dcb5b7ecb5981e0b128196a3785

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
898b89159bba6943b772aaf1eeb2c3d202b4c57e74964cee22d2abdd655d01be

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/
198 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FDC1JYN3F5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LQ4WZW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bacf9b5c1ca83ff190bea5d578f236f5a21f4dd2dcb0895b24175d0a16e0215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72371
x-xss-protection
0
expires
Tue, 19 Jul 2022 02:46:17 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LQ4WZW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6020
date
Tue, 19 Jul 2022 01:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 19 Jul 2022 03:05:57 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
e1xNWWMSTQA83gopEtNAX68hpP74AtZlpY90sBg++gOZUZDkPHjpg3mq7kuBG1dBKisI+YoYeCjteoS13f1JXg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Jul 2022 02:46:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1451d1cc791e72f225b3fdca952e1604b1bf63094410b32402a9f706eb6ff2bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
uppsCq70zAQxEBhlUattHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Jul 2022 03:01:18 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
emiI8hJRnfHVAXgSEAqc0eDPl3f5ldGiL3PISe7QIloiHGBQuHZDnuuRgngF/a0zHSr0ENF+EEGKSJMEEwaS2Q==
x-fb-trip-id
686109401
x-fb-content-md5
0207e864d4f87d9ad88daf572ee43575
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Jul 2022 02:46:17 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"13866f3f8e1b259b0eb81a686574fc4f"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
57103X1340889.skimlinks.js
s.skimresources.com/js/
56 KB
21 KB
Script
General
Full URL
https://s.skimresources.com/js/57103X1340889.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LQ4WZW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e00b491d69c3dad66b7c1ab46d50b17b8160ae184bd5261ccd0a3b8fe4ec6e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:49:23 GMT
server
AmazonS3
x-amz-request-id
69Q8FVMX8WAEA31P
etag
"1a35b5415827ccf8905d480ed66ce225"
x-hw
1658198777.cds142.fr8.hn,1658198777.cds161.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20706
x-amz-id-2
W1DJaPJOyAUfcadwlaZe08yOnITz9Z4Up/yZ9F23xbZteptFeWoE/mgw1qdNn2qE2rtcGT+ZrPU=
onejs
z-na.amazon-adsystem.com/widgets/
22 KB
8 KB
Script
General
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=30652b6e-1a7f-474a-8cc1-cc577eaec22a
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LQ4WZW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-64.fra50.r.cloudfront.net
Software
Server /
Resource Hash
ec576270583c7a0d8fc1f6595e8e33be91d3dcfc05d1aa3091f76be165f36a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
Public
date
Tue, 19 Jul 2022 02:45:43 GMT
content-encoding
gzip
server
Server
age
34
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
FRA50-C1
content-length
7390
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-amz-cf-id
Pz8QZYXZj9kDeBjaMFAhrIMpFFWFAQL--3s_Va0QQNbOGVUqT9lD0g==
expires
Tue, 19 Jul 2022 02:50:43 GMT
sdk.js
connect.facebook.net/en_US/
294 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f7965ed8dfa0f5670b1fabeafd9bd751
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8acc7825e07370bcfa59777c364e5d85039689e3c9dbc93f5e63277b2004bd38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bankingfor.me/
Origin
https://bankingfor.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
dgi/aivhPSzc3gNRTIVFKQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85964
x-fb-rlafr
0
x-fb-debug
XLRai/fceadqc2hgTGCL9i2KMqxL4fHXE1k3g5Lsctx4sT2r3PUDpGC1K+oR0iDDJOQES6V43D/yvrgb3hIa8g==
x-fb-content-md5
01df8184662e3b9c538c11c514805b34
x-frame-options
DENY
date
Tue, 19 Jul 2022 02:46:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2fcf5209514250643b4156b021f20583"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 19 Jul 2023 02:24:27 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
531 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bankingfor.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bankingfor.me
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
509509486094005
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/509509486094005?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51e7d460aee6f70efe2da1ff2b1966ee6db1c5ef2bd61d9db1da734ba7f536e3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85776
x-xss-protection
0
pragma
public
x-fb-debug
c1iZz9VEGl7ZR2wVmq2bLBN/jh/hNYeZvgs/fWupfEYeJ85Y5z27MzN9hGFSzMrnBIgnyYpdYM7Vv9jRiW44xQ==
x-frame-options
DENY
date
Tue, 19 Jul 2022 02:46:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
346 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FDC1JYN3F5&gtm=2oe7i0&_p=551058015&_z=ccd.v9B&cid=199438449.1658198778&ul=en-us&sr=1600x1200&_s=1&sid=1658198777&sct=1&seg=0&dl=https%3A%2F%2Fbankingfor.me%2F&dt=While%20listening%20to%20a%20client.&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDC1JYN3F5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 02:46:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bankingfor.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
robots.txt
t.skimresources.com/api/v2/ Frame C3F3
0
134 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7051293122005204
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
276 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=4.087745946200389
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=4.087745946200389
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
/
r.skimresources.com/api/
177 B
391 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/57103X1340889.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
b17191bc58e24625d71febf0c2503d0065b406f14aafd18a7f3af6e72c4af32c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://bankingfor.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://bankingfor.me
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=509509486094005&ev=PageView&dl=https%3A%2F%2Fbankingfor.me%2F&rl=&if=false&ts=1658198777676&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658198777675.1149414&it=1658198777622&coo=false&exp=u0&rqm=GET
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 19 Jul 2022 02:46:17 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=509509486094005&ev=ViewContent&dl=https%3A%2F%2Fbankingfor.me%2F&rl=&if=false&ts=1658198777677&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658198777675.1149414&it=1658198777622&coo=false&exp=u0&rqm=GET
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 19 Jul 2022 02:46:17 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=509509486094005&ev=Search&dl=https%3A%2F%2Fbankingfor.me%2F&rl=&if=false&ts=1658198777677&sw=1600&sh=1200&v=2.9.65&r=stable&ec=2&o=30&fbp=fb.1.1658198777675.1149414&it=1658198777622&coo=false&exp=u0&rqm=GET
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 19 Jul 2022 02:46:17 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
460 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bankingfor.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bankingfor.me
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=551058015&t=pageview&_s=1&dl=https%3A%2F%2Fbankingfor.me%2F&dp=https%3A%2F%2Fbankingfor.me%2F&ul=en-us&de=UTF-8&dt=While%20listening%20to%20a%20client.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAQCAC~&jid=422509965&gjid=1955223908&cid=199438449.1658198778&tid=UA-34930460-1&_gid=1405222061.1658198778&_r=1&gtm=2wg7i05LQ4WZW&cd3=2022-03-30&z=981505358
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bankingfor.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 02:46:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bankingfor.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=551058015&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbankingfor.me%2F&dp=https%3A%2F%2Fbankingfor.me%2F&ul=en-us&de=UTF-8&dt=While%20listening%20to%20a%20client.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article%20View&ea=Jacob%20Osborn&_u=YADAAEABAAQCAC~&jid=&gjid=&cid=199438449.1658198778&tid=UA-34930460-1&_gid=1405222061.1658198778&gtm=2wg7i05LQ4WZW&cd3=2022-03-30&cd1=Jacob%20Osborn&z=570437413
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jul 2022 18:51:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28489
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/
177 B
171 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/57103X1340889.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
b17191bc58e24625d71febf0c2503d0065b406f14aafd18a7f3af6e72c4af32c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://bankingfor.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://bankingfor.me
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
collect
stats.g.doubleclick.net/j/
4 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34930460-1&cid=199438449.1658198778&jid=422509965&gjid=1955223908&_gid=1405222061.1658198778&_u=YADAAEAAAAQCAC~&z=625405073
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bankingfor.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Jul 2022 02:46:17 GMT
content-type
text/plain
access-control-allow-origin
https://bankingfor.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2/
22 B
43 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/57103X1340889.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bankingfor.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 02:46:17 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://bankingfor.me
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34930460-1&cid=199438449.1658198778&jid=422509965&_u=YADAAEAAAAQCAC~&z=1092998945
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 02:46:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34930460-1&cid=199438449.1658198778&jid=422509965&_u=YADAAEAAAAQCAC~&z=1092998945
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 02:46:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 0FF2
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://bankingfor.me
Referer
https://bankingfor.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://bankingfor.me
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 02:46:18 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/OneSignalSDK.js%3Fver=1656905565
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72d0203c58bd9299-FRA
date
Tue, 19 Jul 2022 02:46:18 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
3252
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 22 Jul 2022 02:46:18 GMT
Luxury-Watch-Brands-Feature-Image.jpg
manofmany.com/wp-content/uploads/2021/06/
315 KB
315 KB
Image
General
Full URL
https://manofmany.com/wp-content/uploads/2021/06/Luxury-Watch-Brands-Feature-Image.jpg
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a1f064b24a5282320120498daef478ae281ff6e25f65a50eb3b572c95b162a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:18 GMT
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
age
286654
cf-polished
origSize=322310, status=webp_bigger
x-cache
PASS
content-type
image/jpeg
x-host
varnish-1
strict-transport-security
max-age=2592000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
322277
last-modified
Tue, 29 Jun 2021 07:32:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"60dacca9-4eb06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
15606735
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72d0203caf136904-FRA
cf-bgj
imgq:100,h2pri
pubads_impl_2022070701.js
securepubads.g.doubleclick.net/gpt/
374 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 09:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130611
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 08:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 18 Jul 2023 09:42:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
46 B
694 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bankingfor.me
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
093d4feb576357a3c6fe05f7482b3c34864a10cf2b7e6bb4205bc4b20acccee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Jul 2022 02:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58
x-xss-protection
0
expires
Tue, 19 Jul 2022 02:46:18 GMT
link-b.svg
manofmany.com/wp-content/themes/manofmany/images/
2 KB
2 KB
Image
General
Full URL
https://manofmany.com/wp-content/themes/manofmany/images/link-b.svg
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da69969c70516de778f359d8bb64761155e7c29a69d281058573de1991fe0a60
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-cacheable
NO:Not Cacheable
age
1292909
cf-ray
72d0203cbf146904-FRA
x-cache
PASS
x-host
varnish-1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 08 May 2022 22:36:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"627845df-8f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
x-varnish
524312
cache-control
max-age=315360000
content-type
image/svg+xml
expires
Thu, 31 Dec 2037 23:55:55 GMT
choice.js
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/bankingfor.me/
0
437 B
XHR
General
Full URL
https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/bankingfor.me/choice.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:17 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA50-C1
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
https://bankingfor.me
access-control-max-age
3000
cache-control
max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
x-cache
Error from cloudfront
x-amz-cf-id
Mz3nq52I5ccoTYMsDbU8v4zJ2AVmyOb0DBcukUO_2RJ7z0I3VR6QWA==
prebid.js
cdn.fuseplatform.net/publift/tags/2/1172/
298 KB
94 KB
Script
General
Full URL
https://cdn.fuseplatform.net/publift/tags/2/1172/prebid.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
597507c4dd41c2cc4ddceab1d24b83e677175dc15f49b525267fa0e64c3b5ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:18 GMT
content-encoding
gzip
last-modified
Mon, 20 Jun 2022 02:31:56 GMT
server
AkamaiNetStorage
etag
"d49751e9bc12a537587bd355a28f7182:1655692316.186706"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
95789
expires
Tue, 19 Jul 2022 03:16:18 GMT
apstag.js
c.amazon-adsystem.com/aax2/
140 KB
39 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 19 Jul 2022 02:14:21 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 20:51:40 GMT
server
AmazonS3
age
1918
etag
W/"72916dde70b34122b394074010b382ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA50-C1
content-encoding
gzip
x-amz-cf-id
5TbyBCrbHFxLJzJWOd4b3xyh0zpxQjbcyjIpba_jJO0qUtA03RfYSQ==
ats.js
ats.rlcdn.com/
109 KB
37 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
72487
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Mon, 18 Jul 2022 06:38:12 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
imzoEP1CP4oMUGjATQmmGA4IDaOSliFsojWJ1exOO75L_xavkskdrQ==
tag
btloader.com/
Redirect Chain
  • https://publift-com.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=publift-com&upapi=true
35 KB
11 KB
Script
General
Full URL
https://btloader.com/tag?h=publift-com&upapi=true
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebef8eb290b45410c1038671bcee91dada4edcc8db0e6e1be2741524cca557f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:18 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3243
content-length
10156
last-modified
Tue, 19 Jul 2022 01:52:09 GMT
server
cloudflare
etag
"9a70047caacfe89c21f696d54c8c9fcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=batYzi4kroYH%2BLXFvthvBENRXRbUKZwbQ2Zdwi2G53qVeImOnZAdEDVLrrOPwEl13V7ZX1akrRkYq%2B5SoFLnxMjOyQTNzGhKitDUw8kIt3AfQyYuUahnUgHqmhaMCWpzTvSOJJ654LQUZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges
bytes
cf-ray
72d0203d8c7c91dd-FRA

Redirect headers

date
Tue, 19 Jul 2022 02:46:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yluEuOHM1ZXN80NfmJfSy8klkC2uA3VjWNdJEbs5He391zs26pJBWwwiog2GDXMbaMRy3OXEEZMB1LTcr%2BKREi%2BaxzTgyR0z73bBlx%2BoufTGB4xT2%2F%2BwXdehoIEWUD2a2qBKfG0TJ4%2FgL3fkAYGAayWcGvWz3gk9v5hIg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=publift-com&upapi=true
cache-control
max-age=3600
cf-ray
72d0203d2b3668ef-FRA
expires
Tue, 19 Jul 2022 03:46:18 GMT
/
geo.privacymanager.io/
30 B
595 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-82.fra50.r.cloudfront.net
Software
/
Resource Hash
a79f00e0930c3c99dbebf0a0f79384a8ab93dc88bb87e04b572f51a3b4b8367e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 06:52:38 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront), 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age
71620
x-amzn-requestid
beeb775b-07ad-4bd5-9374-50a366007e32
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62d50336-0c2e18b24b7bb31d6f08d3cd;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA50-C1
x-amz-apigw-id
Vc1weG66DoEFl5Q=
content-length
30
x-amz-cf-id
Ab5x7THE3iCf0_jE4QRxn9fZcmvA0ovMl4kknsgSYJNns6QpLdSkJA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:19 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
O1nOumYwq7PvVdMYj5amfP0YYWUvM2rsQ18GXQNimISwvt8Zp77y_g==
config
c.amazon-adsystem.com/cdn/prod/
0
303 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbankingfor.me&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-3.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:18 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://bankingfor.me
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
yYFW2jljPuBcXEmZc2D9CfZnBwjIJq56Aa9zTtj9dyrLcVOfXXjWZg==
choice.js
quantcast.mgr.consensu.org/
3 KB
1 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/choice.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70d4d7732038bafed4923d082813743f1574c2c486829e9cb40ef91754995ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:45:43 GMT
content-encoding
br
etag
W/"152419aec08a79823165ba7ac2461d1d"
last-modified
Thu, 21 Jan 2021 17:35:15 GMT
server
AmazonS3
age
40
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9PwNM18Tl1-RD9jdweAI4eTM7q9N8A6P9ezhNOClkDnta5WEgk2DTA==
sharethis.js
platform-api.sharethis.com/js/
188 KB
42 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/main.min.js%3Fver=48d4a4cd9d79c0444e57d597ce1c475c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-14.fra50.r.cloudfront.net
Software
/
Resource Hash
c873718c2f520f4568851388561dc337aa6af0063b6d5b3bc94e7680fa7b7e61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:38:29 GMT
content-encoding
gzip
vary
Accept-Encoding
age
469
etag
W/"2f0e2-60l42D+2FfpJ7EEx6R3Sj1Npl9Q"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA50-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
LsXol-GnEVHs04Lm42vjP71NCw1WbIt3yGwgoxUIMSjzNv_lXTlWRQ==
539e99d446cb3041bd20da079707d390.svg
bankingfor.me/
237 B
487 B
Image
General
Full URL
https://bankingfor.me/539e99d446cb3041bd20da079707d390.svg
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/main.min.css%3Fver=48d4a4cd9d79c0444e57d597ce1c475c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0168932fb62e76afd686711aa32ebc48087c0d3aa173a213af7cfec4a2575078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/main.min.css%3Fver=48d4a4cd9d79c0444e57d597ce1c475c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:18 GMT
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ce6eb8-ed"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
237
/
bankingfor.me/
Redirect Chain
  • https://bankingfor.me/wp-content/themes/manofmany/images/share_facebook_square.svg
  • https://bankingfor.me/
56 KB
56 KB
Image
General
Full URL
https://bankingfor.me/
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62ce6eb8-3dac9"
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive

Redirect headers

Location
https://bankingfor.me/
Date
Tue, 19 Jul 2022 02:46:18 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html
/
bankingfor.me/
Redirect Chain
  • https://bankingfor.me/wp-content/themes/manofmany/images/share_twitter_square.svg
  • https://bankingfor.me/
11 KB
11 KB
Image
General
Full URL
https://bankingfor.me/
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62ce6eb8-3dac9"
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive

Redirect headers

Location
https://bankingfor.me/
Date
Tue, 19 Jul 2022 02:46:18 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html
/
bankingfor.me/
Redirect Chain
  • https://bankingfor.me/wp-content/themes/manofmany/images/share_pinterest_square.svg
  • https://bankingfor.me/
56 KB
56 KB
Image
General
Full URL
https://bankingfor.me/
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62ce6eb8-3dac9"
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive

Redirect headers

Location
https://bankingfor.me/
Date
Tue, 19 Jul 2022 02:46:18 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html
/
bankingfor.me/ Frame 4D28
Redirect Chain
  • https://bankingfor.me/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1658188800
  • https://bankingfor.me/
247 KB
69 KB
Script
General
Full URL
https://bankingfor.me/
Requested by
Host: bankingfor.me
URL: https://bankingfor.me/
Protocol
HTTP/1.1
Server
52.63.87.65 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-87-65.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
21e0970c7c4ca4477544a71e09b666dbf024c039bb727988942abaaaba337322

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62ce6eb8-3dac9"
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive

Redirect headers

Location
https://bankingfor.me/
Date
Tue, 19 Jul 2022 02:46:18 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html
admin-ajax.php
manofmany.com/wp-admin/
0
0

cmp.js
quantcast.mgr.consensu.org/
16 KB
6 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:33:10 GMT
content-encoding
br
etag
W/"51870ee6d5cb32ca5311356b296af21f"
last-modified
Tue, 09 Mar 2021 20:17:06 GMT
server
AmazonS3
age
793
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pz_EPm7rCgYUfLhWQGT1dVkuRvbhbDvUaNb_QJnH2iQp2fr3rcuE7g==
5a7789b187331000110e4b3c.js
buttons-config.sharethis.com/js/
487 B
904 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/5a7789b187331000110e4b3c.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af6245de37ebb8c3b8313e06d9fc45ac00e8b62ab5815649b64c15d969a39e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 02:46:18 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified
Tue, 06 Feb 2018 01:44:16 GMT
server
AmazonS3
age
4
etag
"718dcd72b6762542748d062db84307fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
x-amz-cf-pop
FRA50-C1
strict-transport-security
max-age=31536000; includeSubDomains
content-length
487
x-amz-cf-id
s7pPuKTa4EoGAAmZEj1rjRxGy2hNN48GRYkAvn_HeZtyXPnUxONfEA==
/
bankingfor.me/
Redirect Chain
  • https://bankingfor.me/cdn-cgi/rum?
  • https://bankingfor.me/
247 KB
69 KB
XHR

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bankingfor.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 02:46:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 07:05:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62ce6eb8-3dac9"
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive

Redirect headers

Location
https://bankingfor.me/
Date
Tue, 19 Jul 2022 02:46:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
manofmany.com
URL
https://manofmany.com/wp-admin/admin-ajax.php?action=cli_get_settings_json

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| href function| ClipboardJS undefined| $ function| jQuery object| Cli_Data object| log_object object| ccpa_data object| dataLayer string| fn_pageskin object| fusetag object| dm boolean| is_block_infinite_scroll object| momShareData object| __APP object| wpilFrontend function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| render_header_ad function| wprRemoveCPCSS object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| skimlinks_settings object| FB object| gaplugins function| onYouTubeIframeAPIReady object| gaGlobal function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| __buffer function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson object| gaData object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP function| wpil_link_clicked function| openLinksInNewTab function| hasParentElements function| makeAjaxCall function| callWithJquery function| callWithVanilla function| getLinkLocation function| OneSignal function| LazyLoad object| googletag object| ggeac object| google_js_reporting_queue object| fusePbjs function| __tcfapi object| apstag object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy number| __oneSignalSdkLoadCount undefined| google_measure_js_timing object| ats boolean| apstagLOADED object| __bt_tag_d object| __bt_intrnl function| fusePbjsChunk object| pbjs object| _gsQueue function| Hammer object| __wae function| log function| requestAnimFrame object| __cfBeacon function| __cmp object| core function| __uspapi object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__

11 Cookies

Domain/Path Name / Value
.bankingfor.me/ Name: _ga_FDC1JYN3F5
Value: GS1.1.1658198777.1.0.1658198777.0
.bankingfor.me/ Name: _fbp
Value: fb.1.1658198777675.1149414
.bankingfor.me/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.bankingfor.me/ Name: _ga
Value: GA1.2.199438449.1658198778
.bankingfor.me/ Name: _gid
Value: GA1.2.1405222061.1658198778
.bankingfor.me/ Name: _gat_UA-34930460-1
Value: 1
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: 02m0jpvOHWwqWDEv3RuoHtLJXk6NO+WEFy/jlF1dHzuLnWaQaCOf9VT00iEXQsbwNmZJnWl+Y0Ql12zR4wCesJIih5oMu4+f1Na6xZG08SUhLgktT//9S+ufCZZH
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=82ba11ea-797a-4150-a8b9-5ad015d261a6&Created=07/19/2022 02:46:18&UserMode=0&guid=346af920-1117-4860-bae1-fa972f9833a0&ver=1
bankingfor.me/ Name: _lr_geo_location
Value: DE
cdn.fuseplatform.net/ Name: akacd_manofmany
Value: 1660790778~rv=61~id=81a1746ebf46d07069d278fe88391536

3 Console Messages

Source Level URL
Text
javascript warning URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=30652b6e-1a7f-474a-8cc1-cc577eaec22a
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript error URL: https://bankingfor.me/
Message:
Access to XMLHttpRequest at 'https://manofmany.com/wp-admin/admin-ajax.php?action=cli_get_settings_json' from origin 'https://bankingfor.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://manofmany.com/wp-admin/admin-ajax.php?action=cli_get_settings_json
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
ats.rlcdn.com
au-script.dotmetrics.net
bankingfor.me
btloader.com
buttons-config.sharethis.com
c.amazon-adsystem.com
cdn.fuseplatform.net
cdn.onesignal.com
connect.facebook.net
geo.privacymanager.io
manofmany.com
p.skimresources.com
platform-api.sharethis.com
publift-com.videoplayerhub.com
quantcast.mgr.consensu.org
r.skimresources.com
region1.google-analytics.com
s.skimresources.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.skimresources.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
z-na.amazon-adsystem.com
manofmany.com
143.204.89.14
143.204.89.3
143.204.89.62
143.204.89.82
143.204.93.3
143.204.95.64
151.139.128.11
172.217.23.98
2001:4860:4802:34::36
2600:9000:2156:c200:c:abe:f440:93a1
2600:9000:2156:e00:9:46dc:4700:93a1
2606:4700:10::6816:77f
2606:4700:20::681a:78b
2606:4700:20::ac43:4acf
2606:4700::6812:e134
2a00:1450:4001:802::2004
2a00:1450:4001:802::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9a
2a02:26f0:6c00::210:ba08
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.190.59.101
35.190.91.160
35.201.67.47
52.63.87.65
0168932fb62e76afd686711aa32ebc48087c0d3aa173a213af7cfec4a2575078
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077316018a76d8de0315f3b505fa9bde8002a38ee16396f28480b363f3120c93
093d4feb576357a3c6fe05f7482b3c34864a10cf2b7e6bb4205bc4b20acccee8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1451d1cc791e72f225b3fdca952e1604b1bf63094410b32402a9f706eb6ff2bb
1871ae5674b537440872594488a2cee8cb792e8c66e6a695b607d716d1f94bd7
21e0970c7c4ca4477544a71e09b666dbf024c039bb727988942abaaaba337322
2b5365ef1cef7674b470b457cd272d7c208c90acd976e5fe6dd92131e94f15bd
2bcec157baea1c77ca890c3d2f471bcada2504c16ae7876364e085650501b648
2c4c61577977c3c6e1cde8f02ca22fa5241e43b355f5c4eae0fb58101262a98a
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35a31f3d674659c6133a578731c9052703e833ee92953426b0c2b9e73f3c96bc
379d9f7c61f689ae4abc38e7e49f4182d5622b9c7370cca2a2d2b46ef6c8533c
383c7bde982cc7d6de10a49c5c2acb824f2c635fe733e97b637bd3da697a0baa
397dfcc83d0e338d7f98d937a1daca6cefb9bacf059cccb194f4fde89675bfb4
3b56132741e954a21ab17dc7d0d0c39c31bd8066217ece4ee4dceb5340d1fa84
3bacf9b5c1ca83ff190bea5d578f236f5a21f4dd2dcb0895b24175d0a16e0215
3e00b491d69c3dad66b7c1ab46d50b17b8160ae184bd5261ccd0a3b8fe4ec6e8
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
473b02085c80cc8a1bb7593f30f4d218f7bd53c23ae0652feca323ec225dbc4f
484d2a59ebf4bec600c4d20aed383a0a38ee33d6d7043d31c0fcc423143222b3
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
51e7d460aee6f70efe2da1ff2b1966ee6db1c5ef2bd61d9db1da734ba7f536e3
597507c4dd41c2cc4ddceab1d24b83e677175dc15f49b525267fa0e64c3b5ff7
5b606b9857c4d9d600a8244a86afaaf445bc1dcb5b7ecb5981e0b128196a3785
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
70d4d7732038bafed4923d082813743f1574c2c486829e9cb40ef91754995ba5
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12
7ebef8eb290b45410c1038671bcee91dada4edcc8db0e6e1be2741524cca557f
81b8c5b395bf12a5f04764520d725c989ccfafbf33f624879039c19720ab2a33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
898b89159bba6943b772aaf1eeb2c3d202b4c57e74964cee22d2abdd655d01be
8acc7825e07370bcfa59777c364e5d85039689e3c9dbc93f5e63277b2004bd38
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d15deb2b11b198645003645b73d793952750a2c6d3aa92a997bcda7d4e1d3bb
96422a1099ab76b3082abe7407f7b2d2f0e71501be555d9a07848de348e71cb4
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9dbd685c2ac53ecffb6b1907f3325a060df0d5208a1d3a89fd0c6dc70ab923b8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a896e1f596a54176d4f60c46851c25bd9667e0b13c56c9f7b8b9bfa156fb18
a79f00e0930c3c99dbebf0a0f79384a8ab93dc88bb87e04b572f51a3b4b8367e
af6245de37ebb8c3b8313e06d9fc45ac00e8b62ab5815649b64c15d969a39e1b
b17191bc58e24625d71febf0c2503d0065b406f14aafd18a7f3af6e72c4af32c
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfc74007a5da34364b70616b6ffadd05fa20152073a517793c9bc10634a92e8a
c6b4a87a7ed4b3f3bd0ab5c949da6974a4833c9d2e62c66d10285eaa008ae64b
c873718c2f520f4568851388561dc337aa6af0063b6d5b3bc94e7680fa7b7e61
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95
d33684975b2b9ec8d2fbc0422ee3c9591bc2cf6e54ee5457ca6b586025424354
da69969c70516de778f359d8bb64761155e7c29a69d281058573de1991fe0a60
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6622300d2454b8cca34802b8e39b34906c08474bfe7154031f98cb8e333a97
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec576270583c7a0d8fc1f6595e8e33be91d3dcfc05d1aa3091f76be165f36a46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a1f064b24a5282320120498daef478ae281ff6e25f65a50eb3b572c95b162a
f53211a4dbff6bcc04a6a82694c956e4bf5fe28286dc5c87592054ca4d3cfa36
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505