urlscan.io logo urlscan.io
SecurityTrails logo

onboard.bankislami.com.pk Open in urlscan Pro
2606:4700::6812:1da2  Public Scan

Go To Rescan Add Verdict Report
URL: https://onboard.bankislami.com.pk/
Submission: On November 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700::6812:1da2, located in United States and belongs to CLOUDFLARENET, US. The main domain is onboard.bankislami.com.pk.
TLS certificate: Issued by WE1 on November 25th 2024. Valid for: 3 months.
This is the only time onboard.bankislami.com.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
20 7
13    2606:4700::6812:1da2 (United States)

ASN13335 (CLOUDFLARENET, US)
onboard.bankislami.com.pk
3    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bilchat.braincrop.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bilchat.braincrop.net
Apex Domain
Subdomains		 Transfer
13 bankislami.com.pk
onboard.bankislami.com.pk
1 MB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
990 B
2 braincrop.net
bilchat.braincrop.net
4 KB
1 gstatic.com
www.gstatic.com
218 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
20 5
Domain Requested by
13 onboard.bankislami.com.pk onboard.bankislami.com.pk
static.cloudflareinsights.com
3 www.google.com onboard.bankislami.com.pk
www.gstatic.com
2 bilchat.braincrop.net onboard.bankislami.com.pk
bilchat.braincrop.net
1 www.gstatic.com www.google.com
1 static.cloudflareinsights.com onboard.bankislami.com.pk
20 5

This site contains links to these domains. Also see Links.

Domain
bankislami.com.pk
braincrop.net
Subject Issuer Validity Valid
bankislami.com.pk
WE1		 2024-11-25 -
2025-02-23		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
braincrop.net
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://onboard.bankislami.com.pk/
Frame ID: 2A5FF639DBACFDAA7DE9A828FE237E6A
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_88YcAAAAAB179MAic7n2N5tgDn6jHERoYKew&co=aHR0cHM6Ly9vbmJvYXJkLmJhbmtpc2xhbWkuY29tLnBrOjQ0Mw..&hl=en&type=image&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=normal&badge=bottomright&cb=jsmesvb5i99
Frame ID: 49C468BD7E7CAE8669E9BA929DE09168
Requests: 1 HTTP requests in this frame

Frame: https://bilchat.braincrop.net/livechat
Frame ID: CFFCA090EAC1812937B4B2C2ED0A73C8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Ld_88YcAAAAAB179MAic7n2N5tgDn6jHERoYKew
Frame ID: C01C91E3C63B6F84504EB94BF552B331
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BankIslami Digital Onboarding

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

7
IPs

2
Countries

2987 kB
Transfer

5896 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onboard.bankislami.com.pk/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea458a6e94e8217addaeccf03886757a055a63f72b35b8cec9ddfdfa2f7057e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e83bdc45be1d38e-FRA
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
content-type
text/html
date
Mon, 25 Nov 2024 18:35:55 GMT
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c21c68f0bda45afc74fea5bd7ef4405adca2856f3e03a56e7caf6dbb5425e4a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 18:35:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 25 Nov 2024 18:35:55 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
3.8c0e6b67.chunk.css
onboard.bankislami.com.pk/static/css/ 		164 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/static/css/3.8c0e6b67.chunk.css
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbf146b099d1db34f5e5b8884e4a95a24fb6c81b81181fa7ff8d5cb92335eef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"1db1b9b8604c973"
age
5314
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc6ec83d38e-FRA
x-xss-protection
1; mode=block
server
cloudflare
main.991ca0a5.chunk.css
onboard.bankislami.com.pk/static/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/static/css/main.991ca0a5.chunk.css
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f932271a9217b6466c4cde559f84c080dac0a830b6373ac4403596eac9f849b5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"1db1b9b86067034"
age
5314
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
cf-polished
origSize=13364
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc6ec89d38e-FRA
x-xss-protection
1; mode=block
server
cloudflare
opencv.js
onboard.bankislami.com.pk/scripts/ 		2 MB
607 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/scripts/opencv.js
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859c0b5aed88fe1e137a3ba8a79abedfd64081a05e87e8cc83eb05b51a78a74a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1d808408c36bd40"
age
5314
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
application/javascript
last-modified
Thu, 13 Jan 2022 05:43:53 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc6ec8ad38e-FRA
x-xss-protection
1; mode=block
server
cloudflare
3.1754f26e.chunk.js
onboard.bankislami.com.pk/static/js/ 		1 MB
327 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/static/js/3.1754f26e.chunk.js
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b63e6a0c66355d4ed1a11568c582ae834c0dfedadcfd8c6ddd80e083075983a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"1db1b9b86150246"
age
5314
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
cf-polished
origSize=1263174
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc6ec8ed38e-FRA
x-xss-protection
1; mode=block
server
cloudflare
main.c1471bb7.chunk.js
onboard.bankislami.com.pk/static/js/ 		149 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/static/js/main.c1471bb7.chunk.js
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d073d7254a6520b8ab9b156f7c761e8d7b60b3850fab16208d514f6dc09a40
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"1db1b9b86041153"
age
5314
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
cf-polished
origSize=152915
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc6ec91d38e-FRA
x-xss-protection
1; mode=block
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onboard.bankislami.com.pk
Referer
https://onboard.bankislami.com.pk/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e83bdc75b4471b9-FRA
access-control-allow-origin
*
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 		549 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onboard.bankislami.com.pk
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
gzip
age
17460
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 13:44:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:44:55 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
truncated
/ 		1 MB
1 MB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53c36a446474fcee865f1f95fa696b1476a53130b11fc1d01c8f9e1b59026175

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
application/octet-stream
rocketchat-livechat.min.js
bilchat.braincrop.net/livechat/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bilchat.braincrop.net/livechat/rocketchat-livechat.min.js?_=201903270000
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c359b3666ae77b263fa8a888f5444a84735560289e1852f8a03fd80db9d91485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
"1d6336fd146429affe1943c8351eec51ee3dee7b"
x-instance-id
mvHser6m5zpP8RvJ6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TbvWw563xd7iEbfOtnO6CiZzb8Zg4gbjdW%2F%2Ft%2BZ5MzPr40s0CI1OBC6zAmbQ%2FgRcdxpOyAwnHWcmWQ8N2PH6%2F0afZPTKXDyja85Tawh8%2FdySSLhy8Hi9Yl8jh%2BmMZmALNO65SYIdRi7pAm%2ByRIP2Joznzk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25296&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4151&recv_bytes=4343&delivery_rate=601&cwnd=12000&unsent_bytes=0&cid=87d55f07ee3be9f0&ts=367&x=1", cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 18:35:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83bdc98dea9759-FRA
x-xss-protection
1
server
cloudflare
AspiraMedium.b39fb34c.otf
onboard.bankislami.com.pk/static/media/ 		110 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/static/media/AspiraMedium.b39fb34c.otf
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/static/css/main.991ca0a5.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47e3646fa4bbeed81e66f8e495379011b9dc2f653a8475262e3ee43c909c57cb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onboard.bankislami.com.pk
Referer
https://onboard.bankislami.com.pk/static/css/main.991ca0a5.chunk.css

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1db1b9b8607f3c4"
age
5312
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
font/otf
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc9be63d38e-FRA
x-xss-protection
1; mode=block
server
cloudflare
GetProjectConfiguration
onboard.bankislami.com.pk/api/DigitalAccountApi/ 		174 B
776 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/api/DigitalAccountApi/GetProjectConfiguration
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/static/js/main.c1471bb7.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d4deeafc7897178a26f3065ee8ea1ccfabd768bcb4b1dc6a7222052c49df40
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc9ae21d38e-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
server
cloudflare
x-frame-options
deny
GetEnums
onboard.bankislami.com.pk/api/DigitalAccountApi/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/api/DigitalAccountApi/GetEnums
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/static/js/main.c1471bb7.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b732725babf1249776d9359994ff6057af7492e4c06d3c1213046b7cb6dafdba
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc9ae2bd38e-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
server
cloudflare
x-frame-options
deny
Logo-White.143817ed.png
onboard.bankislami.com.pk/static/media/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboard.bankislami.com.pk/static/media/Logo-White.143817ed.png
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ddbf7596f14b76cbc7feff5e34c8dbb0cfb78ce52b66c716ecdf11404183b8b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

cf-cache-status
HIT
etag
"1db1b9b8607ffe9"
age
5312
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
image/png
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc9ae3fd38e-FRA
accept-ranges
bytes
content-length
113641
x-xss-protection
1; mode=block
server
cloudflare
6.915a590e.chunk.js
onboard.bankislami.com.pk/static/js/ 		39 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/static/js/6.915a590e.chunk.js
Requested by
Host: onboard.bankislami.com.pk
URL: https://onboard.bankislami.com.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b805d5559ee80e2207435b8d9b9114fd94dc91f328b1910e7dc542c99eb8bef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"1db1b9b8606d82e"
age
5311
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:55 GMT
cf-polished
origSize=39982
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:55 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 05:07:52 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdc9be61d38e-FRA
x-xss-protection
1; mode=block
server
cloudflare
anchor
www.google.com/recaptcha/api2/ Frame 49C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_88YcAAAAAB179MAic7n2N5tgDn6jHERoYKew&co=aHR0cHM6Ly9vbmJvYXJkLmJhbmtpc2xhbWkuY29tLnBrOjQ0Mw..&hl=en&type=image&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=normal&badge=bottomright&cb=jsmesvb5i99
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4WagQN_SKWReOuWaa2B-Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboard.bankislami.com.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4WagQN_SKWReOuWaa2B-Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 18:35:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
livechat
bilchat.braincrop.net/ Frame CFFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bilchat.braincrop.net/livechat
Requested by
Host: bilchat.braincrop.net
URL: https://bilchat.braincrop.net/livechat/rocketchat-livechat.min.js?_=201903270000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://onboard.bankislami.com.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e83bdcc49fb9078-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 18:35:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0x%2F3DCr9Xc9zJuqL0N8Gr7%2F54bqVINDft2GaXWbyD3Ra%2FNHwCbIZgYlcNmWZXPIwmihSJ9Irfg%2BZr4aWvYyCH79rD4i%2BW947xHIjiNDSq6Xd6kKWmeQHSy7zFCsXRh6innnmdDAmcudZixpG1obtV%2B%2BPOJM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23718&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4451&delivery_rate=615&cwnd=12000&unsent_bytes=0&cid=2f2546aaa5792e77&ts=419&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-instance-id
mvHser6m5zpP8RvJ6
x-xss-protection
1
bframe
www.google.com/recaptcha/api2/ Frame C01C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Ld_88YcAAAAAB179MAic7n2N5tgDn6jHERoYKew
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kmUS0TXkn_x2dJl501_gxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboard.bankislami.com.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kmUS0TXkn_x2dJl501_gxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 18:35:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
rum
onboard.bankislami.com.pk/cdn-cgi/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://onboard.bankislami.com.pk/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e83bdd54aecd38e-FRA
access-control-allow-origin
https://onboard.bankislami.com.pk
date
Mon, 25 Nov 2024 18:35:57 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.png
onboard.bankislami.com.pk/ 		306 KB
307 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://onboard.bankislami.com.pk/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855ec3a97bd9bb4881db9c4734e89c12815d1d1be891dff7cef190fef22e9f18
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onboard.bankislami.com.pk/

Response headers

cf-cache-status
HIT
etag
"1d981235c8530b9"
age
5293
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 22:35:57 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 18:35:57 GMT
content-type
image/png
last-modified
Sun, 07 May 2023 20:34:46 GMT
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
cache-control
public, max-age=14400
referrer-policy
no-referrer-when-downgrade
cf-ray
8e83bdd54aeed38e-FRA
accept-ranges
bytes
content-length
313273
x-xss-protection
1; mode=block
server
cloudflare

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| Module object| cv function| RocketChat object| webpackJsonponboarding_bi number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime boolean| _pdfjsCompatibilityChecked object| __cfBeacon function| SVGPathSeg function| SVGPathSegClosePath function| SVGPathSegMovetoAbs function| SVGPathSegMovetoRel function| SVGPathSegLinetoAbs function| SVGPathSegLinetoRel function| SVGPathSegCurvetoCubicAbs function| SVGPathSegCurvetoCubicRel function| SVGPathSegCurvetoQuadraticAbs function| SVGPathSegCurvetoQuadraticRel function| SVGPathSegArcAbs function| SVGPathSegArcRel function| SVGPathSegLinetoHorizontalAbs function| SVGPathSegLinetoHorizontalRel function| SVGPathSegLinetoVerticalAbs function| SVGPathSegLinetoVerticalRel function| SVGPathSegCurvetoCubicSmoothAbs function| SVGPathSegCurvetoCubicSmoothRel function| SVGPathSegCurvetoQuadraticSmoothAbs function| SVGPathSegCurvetoQuadraticSmoothRel function| SVGPathSegList object| closure_lm_689808

3 Cookies

Domain/Path Name / Value
onboard.bankislami.com.pk/ Name: BIGipServerPool-DigitalOnboarding
Value: 1514719242.47873.0000
onboard.bankislami.com.pk/ Name: f5_cspm
Value: 1234
.onboard.bankislami.com.pk/ Name: TS01b72b4c
Value: 01ded4a418ac1b7aa5e2da001aefd7519366c81ce82e3389aa98513534ff283263b5e4616096d43d2d63d309174422dcae3807ee960c824c66a72c1d3208be5146e6ed67d7f0bd59fb562462ca9a9aad6e63eb2b93

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://bilchat.braincrop.net/livechat/ https://static.cloudflareinsights.com/; connect-src 'self' data:; img-src 'self' 'unsafe-inline' data:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://bilchat.braincrop.net/livechat/; base-uri 'self'; form-action 'self'; frame-src 'self' https://www.google.com https://bilchat.braincrop.net/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bilchat.braincrop.net
onboard.bankislami.com.pk
static.cloudflareinsights.com
www.google.com
www.gstatic.com
2606:4700::6810:5049
2606:4700::6812:1da2
2a00:1450:4001:803::2004
2a00:1450:4001:827::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
0b63e6a0c66355d4ed1a11568c582ae834c0dfedadcfd8c6ddd80e083075983a
3b805d5559ee80e2207435b8d9b9114fd94dc91f328b1910e7dc542c99eb8bef
3cbf146b099d1db34f5e5b8884e4a95a24fb6c81b81181fa7ff8d5cb92335eef
47e3646fa4bbeed81e66f8e495379011b9dc2f653a8475262e3ee43c909c57cb
53c36a446474fcee865f1f95fa696b1476a53130b11fc1d01c8f9e1b59026175
54d4deeafc7897178a26f3065ee8ea1ccfabd768bcb4b1dc6a7222052c49df40
5ddbf7596f14b76cbc7feff5e34c8dbb0cfb78ce52b66c716ecdf11404183b8b
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
7ea458a6e94e8217addaeccf03886757a055a63f72b35b8cec9ddfdfa2f7057e
855ec3a97bd9bb4881db9c4734e89c12815d1d1be891dff7cef190fef22e9f18
859c0b5aed88fe1e137a3ba8a79abedfd64081a05e87e8cc83eb05b51a78a74a
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
a8d073d7254a6520b8ab9b156f7c761e8d7b60b3850fab16208d514f6dc09a40
b732725babf1249776d9359994ff6057af7492e4c06d3c1213046b7cb6dafdba
c21c68f0bda45afc74fea5bd7ef4405adca2856f3e03a56e7caf6dbb5425e4a0
c359b3666ae77b263fa8a888f5444a84735560289e1852f8a03fd80db9d91485
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f932271a9217b6466c4cde559f84c080dac0a830b6373ac4403596eac9f849b5