banking.postbank.de Open in urlscan Pro
34.149.53.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gramos265fe0.clickfunnels.com/optinc5hiif8y
Effective URL:
https://banking.postbank.de/
Submission: On February 26 via manual (February 26th 2023, 2:54:57 pm UTC) from US — Scanned from CA

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 56 HTTP transactions. The main IP is 34.149.53.217, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is banking.postbank.de. The Cisco Umbrella rank of the primary domain is 390133.
TLS certificate: Issued by DigiCert EV RSA CA G2 on October 21st 2022. Valid for: a year.

This is the only time banking.postbank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	2606:4700::68... 2606:4700::6810:dc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:440... 2606:4700:4400::6812:27b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:fc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	2606:4700:303... 2606:4700:3036::6815:2499	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2a0d:2407:8:4... 2a0d:2407:8:4a::144	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
13	34.149.53.217 34.149.53.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:251... 2600:9000:2512:1200:13:46b5:7d80:93a1	() ()
6	2600:1901:0:c... 2600:1901:0:c07c::	() ()
1	34.120.213.176 34.120.213.176	() ()
2	2600:1901:0:5... 2600:1901:0:5987::	() ()
56	13

11 2606:4700::6810:dc2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gramos265fe0.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
classic.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:27b5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:2499 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

scambinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0d:2407:8:4a::144 (Amsterdam, Netherlands) 4 redirects

ASN62068 (SPECTRAIP SpectraIP B.V., NL)

postbanprive.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.149.53.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.53.149.34.bc.googleusercontent.com

banking.postbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2512:1200:13:46b5:7d80:93a1 (None, )

ASN- ()

www.deutsche-bank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:c07c:: (None, )

ASN- ()

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.213.176 (None, )

ASN- ()

api.olb.postbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:5987:: (None, )

ASN- ()

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	clickfunnels.com 4 redirects gramos265fe0.clickfunnels.com app.clickfunnels.com — Cisco Umbrella Rank: 39414 images.clickfunnels.com — Cisco Umbrella Rank: 78536 www.clickfunnels.com — Cisco Umbrella Rank: 71322 classic.clickfunnels.com — Cisco Umbrella Rank: 142718	772 KB
14	postbank.de banking.postbank.de — Cisco Umbrella Rank: 390133 api.olb.postbank.de Failed	638 KB
8	usercentrics.eu api.usercentrics.eu app.usercentrics.eu aggregator.service.usercentrics.eu Failed	14 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 358	11 KB
4	postbanprive.nl 4 redirects postbanprive.nl	634 B
2	deutsche-bank.de www.deutsche-bank.de	27 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 856	17 KB
1	scambinance.com 1 redirects scambinance.com	468 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 231	522 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	3 KB
0	addevent.com Failed track.addevent.com Failed
56	12

	Domain	Requested by
13	banking.postbank.de	gramos265fe0.clickfunnels.com banking.postbank.de
9	app.clickfunnels.com	1 redirects gramos265fe0.clickfunnels.com app.clickfunnels.com
6	api.usercentrics.eu	banking.postbank.de
6	js-agent.newrelic.com	gramos265fe0.clickfunnels.com
4	postbanprive.nl	4 redirects
3	gramos265fe0.clickfunnels.com	1 redirects static.cloudflareinsights.com
2	app.usercentrics.eu	banking.postbank.de
2	www.deutsche-bank.de	client www.deutsche-bank.de
2	classic.clickfunnels.com	gramos265fe0.clickfunnels.com
2	www.clickfunnels.com	2 redirects
2	use.fontawesome.com	gramos265fe0.clickfunnels.com
1	api.olb.postbank.de	banking.postbank.de
1	scambinance.com	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	static.cloudflareinsights.com	gramos265fe0.clickfunnels.com
1	images.clickfunnels.com	gramos265fe0.clickfunnels.com
1	fonts.googleapis.com	gramos265fe0.clickfunnels.com
0	aggregator.service.usercentrics.eu Failed	banking.postbank.de
0	track.addevent.com Failed	gramos265fe0.clickfunnels.com
56	19

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-23` - `2023-07-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
banking.postbank.de DigiCert EV RSA CA G2	`2022-10-21` - `2023-10-24`	a year	crt.sh
www.deutsche-bank.de DigiCert EV RSA CA G2	`2022-11-15` - `2023-11-14`	a year	crt.sh
api.usercentrics.eu GTS CA 1D4	`2023-02-08` - `2023-05-09`	3 months	crt.sh
api.olb.postbank.de DigiCert EV RSA CA G2	`2022-06-02` - `2023-06-02`	a year	crt.sh
app.usercentrics.eu GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://banking.postbank.de/
Frame ID: A8C01A42767A66ACEC99DF304206B1B5
Requests: 51 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.19.0/cross-domain-bridge.html
Frame ID: D9AF8B15E4F800D1157ADB335A547CFA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gramos265fe0.clickfunnels.com/optinc5hiif8y HTTP 302
https://gramos265fe0.clickfunnels.com/optin1677266409142 Page URL
https://scambinance.com/go.php?url=https://postbanprive.nl/bestsign1 HTTP 302
https://postbanprive.nl/bestsign1 HTTP 301
https://postbanprive.nl/bestsign1/ HTTP 302
https://postbanprive.nl/bestsign1/web/index.php HTTP 302
https://postbanprive.nl/bestsign1/web/out.php HTTP 302
https://banking.postbank.de/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

56
Requests

82 %
HTTPS

73 %
IPv6

12
Domains

19
Subdomains

13
IPs

2
Countries

1486 kB
Transfer

5485 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gramos265fe0.clickfunnels.com/optinc5hiif8y HTTP 302
https://gramos265fe0.clickfunnels.com/optin1677266409142 Page URL
https://scambinance.com/go.php?url=https://postbanprive.nl/bestsign1 HTTP 302
https://postbanprive.nl/bestsign1 HTTP 301
https://postbanprive.nl/bestsign1/ HTTP 302
https://postbanprive.nl/bestsign1/web/index.php HTTP 302
https://postbanprive.nl/bestsign1/web/out.php HTTP 302
https://banking.postbank.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://gramos265fe0.clickfunnels.com/optinc5hiif8y HTTP 302
https://gramos265fe0.clickfunnels.com/optin1677266409142

Request Chain 11

https://app.clickfunnels.com/cf.js HTTP 301
https://www.clickfunnels.com/cf.js HTTP 301
https://classic.clickfunnels.com/cf.js

Request Chain 18

https://www.clickfunnels.com/images/closemodal.png HTTP 301
https://classic.clickfunnels.com/images/closemodal.png

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

optin1677266409142 Show response
gramos265fe0.clickfunnels.com/
Redirect Chain

https://gramos265fe0.clickfunnels.com/optinc5hiif8y
https://gramos265fe0.clickfunnels.com/optin1677266409142

70 KB
21 KB

710ms
709ms

Document
text/html

2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

fe6bf7c2d425099685ec948579a42c70ba966eaa2a9ae714030fcea13bf14c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status: MISS
cf-ray: 79f984af9e2833ef-YUL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 26 Feb 2023 14:54:51 GMT
last-modified: Fri, 24 Feb 2023 19:20:55 GMT
server: cloudflare
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-digest: 2673d9e314061006289022c8b43b03ca793704f8
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: 2544219d5b0fd7cf2677031c0eea0fc7
x-runtime: 0.593523

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
cf-cache-status: MISS
cf-ray: 79f984ae5b4a33ef-YUL
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=g7XbD9I.mZbAU3XVK6KFuFbOn7cM98rM99vTeKMX.lA-1677423290-0-AQBJS5VTFhWE1QFiJmTZ7J8YH-mbBjK2x53RZ2mkhkH5o5P2150VFtSvszLOndU_Eq_4PDygDBxPnEOgEaVBsLfplCPYWsYEoaSk-NUG8hLHDT7P-TpGyfSca1FwP3aCUK2v-O7gb-bmBiqwIubqFE4; report-to cf-csp-endpoint
content-type: text/html; charset=utf-8
date: Sun, 26 Feb 2023 14:54:50 GMT
location: https://gramos265fe0.clickfunnels.com/optin1677266409142
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=g7XbD9I.mZbAU3XVK6KFuFbOn7cM98rM99vTeKMX.lA-1677423290-0-AQBJS5VTFhWE1QFiJmTZ7J8YH-mbBjK2x53RZ2mkhkH5o5P2150VFtSvszLOndU_Eq_4PDygDBxPnEOgEaVBsLfplCPYWsYEoaSk-NUG8hLHDT7P-TpGyfSca1FwP3aCUK2v-O7gb-bmBiqwIubqFE4"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
status: 302 Found
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 177dfa1382232fd3928d566b19bf3c4a
x-runtime: 0.108903

GET
H2 200 lander.css
app.clickfunnels.com/assets/ 425 KB
70 KB 108ms
91ms Stylesheet
text/css 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/lander.css

Requested by

Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 756
last-modified: Mon, 20 Feb 2023 15:51:38 GMT
server: cloudflare
etag: W/"63f3970a-6a514"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b4286733ef-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sun, 26 Feb 2023 15:14:51 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 76ms
26ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1ZVBRXWH8VRSADVJ
age: 1515511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8T0h/VPp1+TH80ZV8Z2LmVA9eNrV/h6IhTiS94Ey5iw/++4Tt/d02bGLd2yLRJWr1d796IV3q9M=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCRmRJiFjDcAuircCpApDwhoBsLJ5zjKd%2BayYkFyYsJc%2FWtZjM1dIIwO5uOZez1cx3OhAH5pr5MNSKOGzPOYEnzZl1eA66apmPCB%2Bl1Frqob11v2BpJNEdZft4%2Fa0XYzL3TJlu3C5hKumB6M%2BegF32Jy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79f984b46ca4c3eb-EWR

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 78ms
28ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1ZV6C6V8BEHKG5F8
age: 1515511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Js5d/pRYy1WpA0P05S7UTh6Fhh+5wr1owCn1IcgD8N5tMcAQhgfVKdIue49bQN433DK1R4A0V2E=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQPXrnoowy3l4TQsFaOaNwYR2mB5pFncDccY6nxxePam0PZlv2sNUSHA1ZMUkXlP4k3z9abLEZXA1GdPtnvriuSP2mS63IkhyaJzjUYeGxyV%2F%2FDaEtLYDc00tVsOhEWZd2c%2FlyRbAQJmp2n6jYTQv0gY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79f984b46ca8c3eb-EWR

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 83ms
36ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04b701caa790262bd1fca759ffac2fcade3ca980cf9d3993dca5f177c1a04a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 14:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 12:59:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 14:54:51 GMT

GET
H2 200 application.js Show response
app.clickfunnels.com/assets/userevents/ 5 KB
2 KB 44ms
44ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/userevents/application.js

Requested by

Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 539
last-modified: Mon, 20 Feb 2023 15:51:38 GMT
server: cloudflare
etag: W/"63f3970a-147c"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b4ea0333ef-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sun, 26 Feb 2023 15:14:51 GMT

GET
H2 200 lander.js Show response
app.clickfunnels.com/assets/ 2 MB
661 KB 69ms
54ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/lander.js

Requested by

Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d3e211109bf6b1d3f35e6c5ba44e4acaa60a8f3f90f9179bca2d534397c7054

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 704
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=nXHR34LXcx96deyRLYUoT45.NVHIRVN5z9Pe683.zcw-1677423291-0-ATrdHE7VG371LTNGOI46oBjSbDDzJ02H83MXWb8XpyzB3uuAXXPm58HWf2CMCp6LneYS57t7tv1fT-fOfV9efEHR4Sgq4RPfr9-Mzz_x3QCXPECgYslPaWko_jz2tpCEYQ; report-to cf-csp-endpoint
last-modified: Mon, 20 Feb 2023 15:52:58 GMT
server: cloudflare
etag: W/"63f3975a-238498"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=nXHR34LXcx96deyRLYUoT45.NVHIRVN5z9Pe683.zcw-1677423291-0-ATrdHE7VG371LTNGOI46oBjSbDDzJ02H83MXWb8XpyzB3uuAXXPm58HWf2CMCp6LneYS57t7tv1fT-fOfV9efEHR4Sgq4RPfr9-Mzz_x3QCXPECgYslPaWko_jz2tpCEYQ"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b4286b33ef-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sun, 26 Feb 2023 15:14:51 GMT

GET
H2 200 ClickfunnelsTag.png
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ 5 KB
6 KB 49ms
34ms Image
image/webp 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
cf-cache-status: HIT
x-amz-request-id: FVS5RTJE8DBY902M
age: 7052
cf-polished: origFmt=png, origSize=9030
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=gSEfuZGHO2iAc4gUgkExkYGQcF6EHkGhSe6V5yNRlCw-1677423291-0-AR6QcOUJDewLT4gsa8jUZ3B9YtJXgXNNCpiJ2ddTftnOIP66qUC42TFgLaZQX8dQ0UnS5aV7p3erCilJJCDeKkGEYD3pHfmvVUY9OnYWCX0l2Ak4HgCb6HsDZgv88XHKNQ; report-to cf-csp-endpoint
content-disposition: inline; filename="ClickfunnelsTag.webp"
content-length: 5276
x-amz-id-2: zWqRpFXsAyfTIWBO4jazUQaLqrkSx4oRWqL9IdI/ULH1J/uA5YBuWwAnSVjmEgT122qylL0mLY4=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
server: cloudflare
etag: "a633777156a5ffeb58c92d3d59fa4e34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=gSEfuZGHO2iAc4gUgkExkYGQcF6EHkGhSe6V5yNRlCw-1677423291-0-AR6QcOUJDewLT4gsa8jUZ3B9YtJXgXNNCpiJ2ddTftnOIP66qUC42TFgLaZQX8dQ0UnS5aV7p3erCilJJCDeKkGEYD3pHfmvVUY9OnYWCX0l2Ak4HgCb6HsDZgv88XHKNQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 79f984b50a7033ef-YUL
expires: Wed, 22 Mar 2023 14:54:51 GMT

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
476 B 73ms
72ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 65
last-modified: Mon, 20 Feb 2023 15:51:37 GMT
server: cloudflare
etag: W/"63f39709-27d"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b4fa2d33ef-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sun, 26 Feb 2023 15:14:51 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 101ms
75ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://gramos265fe0.clickfunnels.com/
Origin: https://gramos265fe0.clickfunnels.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:51 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 79f984b51b8eca4f-YUL

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cf.js Show response
classic.clickfunnels.com/
Redirect Chain

https://app.clickfunnels.com/cf.js
https://www.clickfunnels.com/cf.js
https://classic.clickfunnels.com/cf.js

18 KB
5 KB

89ms
67ms

Script
application/x-javascript

2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://classic.clickfunnels.com/cf.js

Requested by

Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:52 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 3370
last-modified: Mon, 20 Feb 2023 15:51:38 GMT
server: cloudflare
etag: W/"63f3970a-476a"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-max-age: 1728000
access-control-allow-credentials: true
cf-ray: 79f984b849f433ef-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

date: Sun, 26 Feb 2023 14:54:52 GMT
server: cloudflare
vary: Accept-Encoding
location: https://classic.clickfunnels.com/cf.js
cache-control: max-age=3600
cf-ray: 79f984b7ebbb7150-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Feb 2023 15:54:52 GMT

GET /
track.addevent.com/atc/ 0
0

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
307 B 151ms
122ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=UlJUMnFuOHVCb0xBQ2hmdVZ1dE53UT09LS1yWVFkakordWNOL3cyWVRkQmhVcWlnPT0%3D--c9a7d403659ae713b10a44e700895d618a43f1a0&page_id=NW9hNGVYZk9vR005S3Y5Y0RGdWowQT09LS15TElQa0h4NW9Fcy93RmZKRTA4QzJnPT0%3D--2a40b1ac1bda5e5f0d190cd9fd8016a2a5e6f734&funnel_step_id=NFhtakdOcVpaZ01XWEdtZWFmbVo1UT09LS1NYzhxWml3MWlyUGVKN2tkd0JPTDBRPT0%3D--f8bc464aa0d43d54f1ed7f165e400ba095956ef6&user_id=bzlKb3lLWm11a0ZZRXBRR0pwRjh0dz09LS1uMmVxdnFxYXdlR3FWTFZCOTFkQTF3PT0%3D--2499896165375629b3fe32cc214a74dad6b85499&account_id=SDdkM0lSTXJSQWZNVUtLdUJ6NVEwdz09LS1KdTRqdU1yNnk0ZS9jVktiLzlXWUZBPT0%3D--e978b93b392e951f07391fd4f10d2ca15b844198&page_code=NTg0MTM3NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=0068d1d4-77fc-431f-baec-a3212ea61052&url=https%3A%2F%2Fgramos265fe0.clickfunnels.com%2Foptin1677266409142

Requested by

Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:52 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: c0cb8f9e89fae5199d3c575cf582aaf5
pragma: no-cache
x-runtime: 0.026392
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b71bb34bc5-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
309 B 158ms
131ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=UlJUMnFuOHVCb0xBQ2hmdVZ1dE53UT09LS1yWVFkakordWNOL3cyWVRkQmhVcWlnPT0%3D--c9a7d403659ae713b10a44e700895d618a43f1a0&page_id=NW9hNGVYZk9vR005S3Y5Y0RGdWowQT09LS15TElQa0h4NW9Fcy93RmZKRTA4QzJnPT0%3D--2a40b1ac1bda5e5f0d190cd9fd8016a2a5e6f734&funnel_step_id=NFhtakdOcVpaZ01XWEdtZWFmbVo1UT09LS1NYzhxWml3MWlyUGVKN2tkd0JPTDBRPT0%3D--f8bc464aa0d43d54f1ed7f165e400ba095956ef6&user_id=bzlKb3lLWm11a0ZZRXBRR0pwRjh0dz09LS1uMmVxdnFxYXdlR3FWTFZCOTFkQTF3PT0%3D--2499896165375629b3fe32cc214a74dad6b85499&account_id=SDdkM0lSTXJSQWZNVUtLdUJ6NVEwdz09LS1KdTRqdU1yNnk0ZS9jVktiLzlXWUZBPT0%3D--e978b93b392e951f07391fd4f10d2ca15b844198&page_code=NTg0MTM3NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=fe2acd2b-a5ad-4442-9b15-462f95bfdfc6&url=https%3A%2F%2Fgramos265fe0.clickfunnels.com%2Foptin1677266409142

Requested by

Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:52 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: 7a7c7598c3ecbacecf9b60a537e907fb
pragma: no-cache
x-runtime: 0.035762
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b71bb64bc5-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
757 B 137ms
111ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=UlJUMnFuOHVCb0xBQ2hmdVZ1dE53UT09LS1yWVFkakordWNOL3cyWVRkQmhVcWlnPT0%3D--c9a7d403659ae713b10a44e700895d618a43f1a0&page_id=NW9hNGVYZk9vR005S3Y5Y0RGdWowQT09LS15TElQa0h4NW9Fcy93RmZKRTA4QzJnPT0%3D--2a40b1ac1bda5e5f0d190cd9fd8016a2a5e6f734&funnel_step_id=NFhtakdOcVpaZ01XWEdtZWFmbVo1UT09LS1NYzhxWml3MWlyUGVKN2tkd0JPTDBRPT0%3D--f8bc464aa0d43d54f1ed7f165e400ba095956ef6&user_id=bzlKb3lLWm11a0ZZRXBRR0pwRjh0dz09LS1uMmVxdnFxYXdlR3FWTFZCOTFkQTF3PT0%3D--2499896165375629b3fe32cc214a74dad6b85499&account_id=SDdkM0lSTXJSQWZNVUtLdUJ6NVEwdz09LS1KdTRqdU1yNnk0ZS9jVktiLzlXWUZBPT0%3D--e978b93b392e951f07391fd4f10d2ca15b844198&page_code=NTg0MTM3NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ac921a36-4133-46e4-9d03-0d48bf7a60e1&url=https%3A%2F%2Fgramos265fe0.clickfunnels.com%2Foptin1677266409142

Requested by

Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:52 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: e5d2d93e8d321d87bfbc322d7a94b519
pragma: no-cache
x-runtime: 0.024975
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b71bb84bc5-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 200 async-api.6bb277af-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 41ms
11ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ccu4IA9M.iSFjMQAJQZ9WRC6vNK74xfk
content-encoding: gzip
via: 1.1 varnish
date: Sun, 26 Feb 2023 14:54:52 GMT
x-amz-request-id: H1NJ9VB8EY3PTGMW
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1094
x-amz-id-2: Iz6MlHyTEJaKQC8eYTuYUoyKAO6rEZHQa7DpkqLGSMl3x45yGff7ijhcne4gXRonY53Dcy1JMj8=
x-served-by: cache-yul12827-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677423292.306874,VS0,VE0
etag: "dd573d973dfb2a2559befdfb616d511d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 23022

GET
H2 200 lazy-loader.48127245-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
723 B 40ms
11ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: x72sIi24uKUpr9UhD5QY7PCKtNgMfeY4
content-encoding: gzip
via: 1.1 varnish
date: Sun, 26 Feb 2023 14:54:52 GMT
x-amz-request-id: Y4K5HGP30MBPE91Q
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 520
x-amz-id-2: dIYDGmEvgFx05edPNHExR7BogTfJ37JGDFmni/SWblpl3nJzuI4z3wkCcZ7mimwHSug7PWn0fNI=
x-served-by: cache-yul12827-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677423292.306844,VS0,VE0
etag: "a3759bbbd15fffd73531bda1e8166ae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7936

GET
H2

200

closemodal.png
classic.clickfunnels.com/images/
Redirect Chain

https://www.clickfunnels.com/images/closemodal.png
https://classic.clickfunnels.com/images/closemodal.png

672 B
1 KB

51ms
50ms

Image
image/webp

2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://classic.clickfunnels.com/images/closemodal.png

Protocol

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:52 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
age: 221722
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Mon, 20 Feb 2023 15:51:38 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "63f3970a-314"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
access-control-max-age: 1728000
accept-ranges: bytes
cf-ray: 79f984b96c2b33ef-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Wed, 29 Mar 2023 14:54:52 GMT

Redirect headers

date: Sun, 26 Feb 2023 14:54:52 GMT
server: cloudflare
vary: Accept-Encoding
location: https://classic.clickfunnels.com/images/closemodal.png
cache-control: max-age=3600
cf-ray: 79f984b8cd627150-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Feb 2023 15:54:52 GMT

GET
H2 200 track Show response
app.clickfunnels.com/v1/ 119 B
452 B 100ms
100ms XHR
text/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/v1/track?_unique=0.4541448941834616&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//gramos265fe0.clickfunnels.com/optin1677266409142&_title=Postbank%20BestSign%20App&_key=33749mme&_page_key=ugxq3lf8b7voxnye&_fid=12821336&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://gramos265fe0.clickfunnels.com/optin1677266409142&_referrer=

Requested by

Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/cf.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

6ef0e09337a96a66773c15256af91dfdf6de3d69df9c3e3803429c2bdc76a135

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:52 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
content-encoding: br
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: 3f363c5b69650d07b6bbfb026285504f
x-runtime: 0.019308
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 79f984b8ce634bc5-YUL
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

POST
H2 204 rum Show response
gramos265fe0.clickfunnels.com/cdn-cgi/ 0
129 B 18ms
16ms XHR
text/plain 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gramos265fe0.clickfunnels.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gramos265fe0.clickfunnels.com/optin1677266409142
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Sun, 26 Feb 2023 14:54:52 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://gramos265fe0.clickfunnels.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 79f984b96c2933ef-YUL

GET
H2 200 118.d37755e4-1225.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 13ms
11ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/118.d37755e4-1225.min.js
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8iuwUwYODDWrlAN7lGJW4CKaVaPtd.FC
content-encoding: gzip
via: 1.1 varnish
date: Sun, 26 Feb 2023 14:54:52 GMT
x-amz-request-id: BCZTS6YS2GCGFKGX
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3412
x-amz-id-2: PmEwHoA9GlyukerPDhj6u8/WfbkJmAV3ORxQ31r5rW6FzuCQKh/G2gthW5Idi4B4SOLYF9DjBZM=
x-served-by: cache-yul12827-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677423293.599219,VS0,VE0
etag: "9c8a05b5703a1c30e0418f9ba42337df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9070

GET
H2 200 page_view_event-aggregate.29613e65-1225.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 14ms
12ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Q2wYJMaFVSMNo7QiSpnsS727o5X3kt_1
content-encoding: gzip
via: 1.1 varnish
date: Sun, 26 Feb 2023 14:54:52 GMT
x-amz-request-id: 7C73CG4ZQQ6M7083
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1682
x-amz-id-2: 4+uavw9wzTtO43WHAiBy7lrA53b5E+nK7BW6uVc4HdUfdNc9hVm03IB84bsrMFjIAKNfUc98CWg=
x-served-by: cache-yul12827-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677423293.599418,VS0,VE0
etag: "0743ee0ec30428f3654ee07d779efb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9090

GET
H2 200 page_view_timing-aggregate.e791ce32-1225.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 15ms
13ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 5Hc0bLUe_lA8zF4035AV9Xl5FkevBdYq
content-encoding: gzip
via: 1.1 varnish
date: Sun, 26 Feb 2023 14:54:52 GMT
x-amz-request-id: H1NYMEJN4D7D2PWG
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2248
x-amz-id-2: fA0zbF/RTkXcouOU1YRg7lBwulBrPjAMXHhHNCZ2m1xhx1JGoRGtqUmoFGZVCQyn645xdyhTnBQ=
x-served-by: cache-yul12827-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677423293.599854,VS0,VE0
etag: "84ba19034cf0206a49ecf68893086bdd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9064

GET
H2 200 metrics-aggregate.b4a54ed9-1225.min.js Show response
js-agent.newrelic.com/ 1 KB
932 B 16ms
15ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js
Requested by: Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 0sI71h2BU2Q4FabSOYi.9wzegJNG1fuh
content-encoding: gzip
via: 1.1 varnish
date: Sun, 26 Feb 2023 14:54:52 GMT
x-amz-request-id: H1NPSPEMX5MRQXZT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 730
x-amz-id-2: qt8vPmJpeW8JwAEIr8+31toa2alk2eY2QjPgAm0ZUWvUebQrVA0bW7w1F18h2FvsIHUexHlkVxk=
x-served-by: cache-yul12827-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677423293.599811,VS0,VE0
etag: "395608505dac1e4fbe08bd146e09f5c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9073

GET
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam.nr-data.net/1/ 49 B
522 B 179ms
86ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1225.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2063&ck=0&s=620ac0bc32c344b6&ref=https://gramos265fe0.clickfunnels.com/optin1677266409142&ap=599&be=993&fe=726&dc=434&perf=%7B%22timing%22:%7B%22of%22:1677423290551,%22n%22:0,%22r%22:0,%22re%22:256,%22f%22:256,%22dn%22:256,%22dne%22:256,%22c%22:256,%22ce%22:256,%22rq%22:256,%22rp%22:966,%22rpe%22:968,%22dl%22:969,%22di%22:1425,%22ds%22:1427,%22de%22:1482,%22dc%22:1718,%22l%22:1718,%22le%22:1826%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1133&fcp=1133&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gramos265fe0.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 14:54:52 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 79f984bb7f6fa24d-YYZ

GET
H2

200

Primary Request / Show response
banking.postbank.de/
Redirect Chain

https://scambinance.com/go.php?url=https://postbanprive.nl/bestsign1
https://postbanprive.nl/bestsign1
https://postbanprive.nl/bestsign1/
https://postbanprive.nl/bestsign1/web/index.php
https://postbanprive.nl/bestsign1/web/out.php
https://banking.postbank.de/

8 KB
3 KB

164ms
101ms

Document
text/html

34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/

Requested by

Host: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/optin1677266409142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

c3c0d4cf8bd7fc1d5075b56dd74b114cb42c7a96d3ace3dadc336197d6bea445

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gramos265fe0.clickfunnels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-length: 2506
content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
content-type: text/html
date: Sun, 26 Feb 2023 14:54:55 GMT
etag: "63fa22f3-9ca"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Sat, 25 Feb 2023 15:02:11 GMT
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
referrer-policy: strict-origin
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-cloud-trace-context: 75bdb669520b720f1b8f4c8a06b26902
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 26 Feb 2023 14:54:55 GMT
location: https://banking.postbank.de/#/login/reset
server: nginx
vary: User-Agent

POST NRJS-fc902efb332119fff33
bam.nr-data.net/jserrors/1/ 0
0

POST NRJS-fc902efb332119fff33
bam.nr-data.net/events/1/ 0
0

POST rum
gramos265fe0.clickfunnels.com/cdn-cgi/ 0
0

GET
H2 200 newrelic-loader-1216.js Show response
banking.postbank.de/assets/ 31 KB
11 KB 101ms
99ms Script
application/javascript 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

7140f31352daaa6f5ff736c28cd2420d213d03f975aac693075f480f7167badb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:55 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10955
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:10 GMT
server: Google Frontend
etag: "63fa22f2-2acb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cloud-trace-context: 2b9254dfee5fea307fe8cdc1a5911bed
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 usercentrics-loader.js Show response
banking.postbank.de/ 335 B
364 B 103ms
102ms Script
application/javascript 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/usercentrics-loader.js?ts=20230117

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

ecd791404c202b8e53c60ea90c5126d63dc5df08816571fdca5013d5a2f46e0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:55 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:14 GMT
server: Google Frontend
etag: "63fa22f6-e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cloud-trace-context: 13d3df06820eb99b0973875a95606798
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.12aa5479787b1fa2.js Show response
banking.postbank.de/ 5 KB
3 KB 104ms
103ms Script
application/javascript 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/runtime.12aa5479787b1fa2.js

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

7c0fd548efb72cdc3f1e55d82cfdc8873433951fbe7df700c0f9e0b20ccd0817

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banking.postbank.de/
Origin: https://banking.postbank.de
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:55 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2953
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:14 GMT
server: Google Frontend
etag: "63fa22f6-b89"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cloud-trace-context: fd4fe56932ddcafa12ca9df70c82afb4
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 polyfills.355997a7c40d2123.js Show response
banking.postbank.de/ 33 KB
12 KB 110ms
109ms Script
application/javascript 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/polyfills.355997a7c40d2123.js

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

b958adbf03969cdce156b0505777931d85b392495f586962d3549f6cd15f9995

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banking.postbank.de/
Origin: https://banking.postbank.de
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:55 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12016
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:11 GMT
server: Google Frontend
etag: "63fa22f3-2ef0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cloud-trace-context: b44a82a17bd18e8a4528d96570460bee
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 scripts.b3e2ad683d834c5c.js Show response
banking.postbank.de/ 528 B
306 B 99ms
98ms Script
application/javascript 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/scripts.b3e2ad683d834c5c.js

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

097470e23f8d1c30d0084525fa8f32ec880f6b75d077f3ada9324d2e8a80ec80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:14 GMT
server: Google Frontend
etag: "63fa22f6-116"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cloud-trace-context: 6f1946b92fb5681a48f0961deb573e88
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.a876edea0de7567d.js Show response
banking.postbank.de/ 1 MB
342 KB 105ms
104ms Script
application/javascript 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/main.a876edea0de7567d.js

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

c80c322be9e78777116c613e806586a47e5569b1f4a692e3383e8e4fec07527b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banking.postbank.de/
Origin: https://banking.postbank.de
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:55 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349321
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 26 Feb 2023 02:00:20 GMT
server: Google Frontend
etag: "63fabd34-55489"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cloud-trace-context: f8f61a0b6cf9de4ead5fd9c7d2c3bae5
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fonts.css
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 1 KB
857 B 488ms
411ms Stylesheet
text/css 2600:9000:2512:1200:13:46b5:7d80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:1200:13:46b5:7d80:93a1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

adc96b6efe5919552898681732312c97108a36e5d17d1bd20044c09f31b7e43b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 441f91af2fc013470161b54d14d10a44.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors https://*.deutsche-bank.de
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 226
last-modified: Wed, 24 Feb 2021 08:20:14 GMT
server: Apache
db-nickname: VTJGc2RHVmtYMTlra2lrbklrc29SQmJtdzI0bFhGL2xnOGt3bVdnTVdHRT0=
vary: Accept-Encoding,Origin
x-frame-options: SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: mBoss4G_etsNpkrBi7feJxUCzUGpZiws76UU9J39Oh5Gl9rr1Yh4Uw==
expires: Mon, 26 Feb 2024 14:54:56 GMT

GET
H3 200 styles.70d6ae8c7a953b81.css
banking.postbank.de/ 271 KB
41 KB 101ms
100ms Stylesheet
text/css 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/styles.70d6ae8c7a953b81.css

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

3cb4ec283d959d8da35ce21bb1a2bbd68d407d70f75e7b3b70e9de3c97ad125d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41715
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:14 GMT
server: Google Frontend
etag: "63fa22f6-a2f3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-cloud-trace-context: 7c704155c927621d8a342cf6525e6600
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 usercentrics-3.13.0.js Show response
banking.postbank.de/assets/scripts/ 765 KB
223 KB 101ms
100ms Script
application/javascript 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/assets/scripts/usercentrics-3.13.0.js

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

99cca1d08a7b5464175b27358a5871271f387265cc5892c96a64035f23fa1063

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227649
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:11 GMT
server: Google Frontend
etag: "63fa22f3-37941"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cloud-trace-context: b36c567b345de719ff3f5e04ec7f41e6
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pb-logo-splash.e83ae1f69ca2f23d.svg
banking.postbank.de/ 1 KB
660 B 100ms
100ms Image
image/svg+xml 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.postbank.de/pb-logo-splash.e83ae1f69ca2f23d.svg

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

3ab65524380fa9267bbcf2d4df64def918baeeaf4df69a2d58026d2149b68d96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 632
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:11 GMT
server: Google Frontend
etag: "63fa22f3-278"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-cloud-trace-context: 7e4178dbece1aedbd9a64356c130fb41
cache-control: max-age=900
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Sun, 26 Feb 2023 15:09:56 GMT

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ Frame 0
0 190ms
100ms Preflight
text/html 2600:1901:0:c07c::

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://banking.postbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 26 Feb 2023 14:54:56 GMT
expires: Sun, 26 Feb 2023 14:54:56 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CA,CAQC
x-guploader-uploadid: ADPycduFajQG_eeBQ8Raq0Y7A9jmO3g3tQpXsmaBIdgN1WUnQFGbmyq1XkNkUgzSt6tlx940FZ2sYZxudUs6F-gvFooeTA

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/xSrVHkQp_/latest/ 66 B
612 B 124ms
123ms Fetch
application/json 2600:1901:0:c07c::

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/languages.json

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://banking.postbank.de/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: CA,CAQC
x-guploader-uploadid: ADPycduu3zj1fMEo5JkYpqv8MO9z7MGqzLdxRCS7oAhE3o04BOFr_eRPbBihIDwob9aeiMzKsBqQSRQ2DljmRKAZblWDKA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
last-modified: Mon, 20 Feb 2023 15:13:48 GMT
server: UploadServer
etag: "645afc9e7aa2c884f8a470fd78671460"
vary: Accept-Encoding
x-goog-generation: 1676906028349299
x-goog-hash: crc32c=VEQXGw==, md5=ZFr8nnqiyIT4pHD9eGcUYA==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 71
accept-ranges: bytes
content-type: application/json
expires: Sun, 26 Feb 2023 14:55:56 GMT

GET
H2 200 FrutigerLTW05-55Roman.woff2
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 25 KB
26 KB 257ms
219ms Font
font/woff2 2600:9000:2512:1200:13:46b5:7d80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/FrutigerLTW05-55Roman.woff2

Requested by

Host: www.deutsche-bank.de
URL: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:1200:13:46b5:7d80:93a1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

55cb206a77ff71092c309352fcb5927a389382ae678bab55f85ab13ed6239d31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

Referer: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Origin: https://banking.postbank.de
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:54:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.deutsche-bank.de
via: 1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 25764
last-modified: Wed, 24 Feb 2021 08:20:14 GMT
server: Apache
db-nickname: VTJGc2RHVmtYMTlra2lrbklrc29SQmJtdzI0bFhGL2xnOGt3bVdnTVdHRT0=
vary: Origin
x-frame-options: SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 6KE5qcYYiV_GekBFLlmXTPyiN5TlntmCnM48774mHqRciflMjdo8ow==
expires: Mon, 26 Feb 2024 14:54:56 GMT

GET
H3 200 config.json Show response
banking.postbank.de/assets/ 6 KB
2 KB 107ms
106ms XHR
application/json 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/assets/config.json

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

4a54efbdee87c0c3d7bcee51a6f020551df2756f82e9d60ef0b361fbbd3a59f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://banking.postbank.de/
tracestate: 2988442@nr=0-1-3497424-433704598-a227394c4a5d60d4----1677423296624
traceparent: 00-27811e51e79febf1630bb396e8aea537-a227394c4a5d60d4-01
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0OTc0MjQiLCJhcCI6IjQzMzcwNDU5OCIsImlkIjoiYTIyNzM5NGM0YTVkNjBkNCIsInRyIjoiMjc4MTFlNTFlNzlmZWJmMTYzMGJiMzk2ZThhZWE1MzciLCJ0aSI6MTY3NzQyMzI5NjYyNCwidGsiOiIyOTg4NDQyIn19

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1696
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 26 Feb 2023 02:00:19 GMT
server: Google Frontend
etag: "63fabd33-6a0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
x-cloud-trace-context: 27811e51e79febf1630bb396e8aea537;o=1
cache-control: max-age=300
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Sun, 26 Feb 2023 14:59:56 GMT

GET
H3 200 version.json Show response
banking.postbank.de/assets/ 72 B
115 B 105ms
105ms XHR
application/json 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/assets/version.json

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

245a7488a2fae6a166c6fb1ff9111b761771b71bb3a18ca4ec4bfe6159162847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://banking.postbank.de/
tracestate: 2988442@nr=0-1-3497424-433704598-6de053a159ddf8b0----1677423296626
traceparent: 00-51788b050285831108cec22a54854369-6de053a159ddf8b0-01
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0OTc0MjQiLCJhcCI6IjQzMzcwNDU5OCIsImlkIjoiNmRlMDUzYTE1OWRkZjhiMCIsInRyIjoiNTE3ODhiMDUwMjg1ODMxMTA4Y2VjMjJhNTQ4NTQzNjkiLCJ0aSI6MTY3NzQyMzI5NjYyNiwidGsiOiIyOTg4NDQyIn19

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 25 Feb 2023 15:02:11 GMT
server: Google Frontend
etag: "63fa22f3-57"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
x-cloud-trace-context: 51788b050285831108cec22a54854369;o=1
cache-control: max-age=300
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Sun, 26 Feb 2023 14:59:56 GMT

GET
H3 200 feature-flags.json Show response
banking.postbank.de/assets/ 289 B
216 B 109ms
108ms XHR
application/json 34.149.53.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.postbank.de/assets/feature-flags.json

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.53.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.53.149.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

33cbd31c2ea753dff07a281e496234b9003987438e062480ea26431b0f129d55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src blob: .postbank.de .fyrst.de .deutsche-bank.de .db.com .usercentrics.eu .privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' .postbank.de .fyrst.de .deutsche-bank.de https://.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://.usercentrics.eu bam.eu01.nr-data.net .postbank.de .fyrst.de .deutsche-bank.de *.privatevault.ch ; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://banking.postbank.de/
tracestate: 2988442@nr=0-1-3497424-433704598-3c5f83f82c97266f----1677423296627
traceparent: 00-ba96d38ed59979c134feb69f1258e737-3c5f83f82c97266f-01
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0OTc0MjQiLCJhcCI6IjQzMzcwNDU5OCIsImlkIjoiM2M1ZjgzZjgyYzk3MjY2ZiIsInRyIjoiYmE5NmQzOGVkNTk5NzljMTM0ZmViNjlmMTI1OGU3MzciLCJ0aSI6MTY3NzQyMzI5NjYyNywidGsiOiIyOTg4NDQyIn19

Response headers

content-security-policy: default-src 'self'; frame-src blob: *.postbank.de *.fyrst.de *.deutsche-bank.de *.db.com *.usercentrics.eu *.privatevault.ch 'self'; font-src data: 'self' www.deutsche-bank.de www.postbank.de; img-src data: blob: 'self' *.postbank.de *.fyrst.de *.deutsche-bank.de https://*.usercentrics.eu; script-src 'unsafe-eval' 'unsafe-inline' 'self' bam.eu01.nr-data.net; worker-src data: blob:; style-src 'self' 'unsafe-inline' www.deutsche-bank.de www.postbank.de; connect-src 'self' https://*.usercentrics.eu bam.eu01.nr-data.net *.postbank.de *.fyrst.de *.deutsche-bank.de *.privatevault.ch ; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 26 Feb 2023 02:00:19 GMT
server: Google Frontend
etag: "63fabd33-bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
x-cloud-trace-context: ba96d38ed59979c134feb69f1258e737
cache-control: max-age=300
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
expires: Sun, 26 Feb 2023 14:59:56 GMT

OPTIONS
H3 200 de.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ Frame 0
0 100ms
100ms Preflight
text/html 2600:1901:0:c07c::

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://banking.postbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 26 Feb 2023 14:54:56 GMT
expires: Sun, 26 Feb 2023 14:54:56 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CA,CAQC
x-guploader-uploadid: ADPycdvb6Dens6VWgYLd_NOte-QTC4WT-XJ2duAzOX2wjv9XNDQ29t_pCeWxr8hO_Co0yorxGzXC5IpkQF7YSuDO7ikmZQ

GET
H3 200 de.json Show response
api.usercentrics.eu/settings/xSrVHkQp_/latest/ 28 KB
8 KB 105ms
105ms Fetch
application/json 2600:1901:0:c07c::

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/de.json

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

a2eaa3e89dc8f8f8388cd25f17acd89348679f4d9bba50d1bab9fea151a47ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://banking.postbank.de/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Sun, 26 Feb 2023 14:54:56 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: CA,CAQC
x-guploader-uploadid: ADPycdtKEbnXKB08MdpEhOOID4QGxAgJe6e7D0eHSgDwBWcjLg7W8aMHoo7LGNVe6U0bbpIlxTbfAleYac21Qgb4_UBcqw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8644
last-modified: Mon, 20 Feb 2023 15:13:48 GMT
server: UploadServer
etag: "19c030c9bc9cfdaba3d61e313ad1ec1f"
vary: Accept-Encoding
x-goog-generation: 1676906028354539
x-goog-hash: crc32c=f5zqqg==, md5=GcAwybyc/auj1h4xOtHsHw==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 8644
accept-ranges: bytes
content-type: application/json
expires: Sun, 26 Feb 2023 14:55:56 GMT

GET authorize
api.olb.postbank.de/oneid/am/oauth2/realms/root/realms/consumer/ 0
0

OPTIONS
H2 200 authorize
api.olb.postbank.de/oneid/am/oauth2/realms/root/realms/consumer/ Frame 0
0 156ms
111ms Preflight 34.120.213.176

General

Check archive.org

Show headers Download Go to

Full URL

https://api.olb.postbank.de/oneid/am/oauth2/realms/root/realms/consumer/authorize?client_id=163440-1_onlineBankingClient&redirect_uri=https%3A%2F%2Fapi.olb.postbank.de%2Foneid%2Fam%2FisAlive.jsp&response_type=code&scope=openid&state=MjA5MjAzMTQwMTU4MTQ4MTYxODYxMjE5MzEzNzI1Mjg1NjMyNzgzNA&code_challenge=FV5ITA814BtlGyerIK9j8ezyuDY_4sRgKR98IeDek94&code_challenge_method=S256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.213.176 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.postbank.de
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,deuba-client-brand,deuba-client-id,deuba-client-os,deuba-client-os-version,deuba-client-version,deuba-correlation-id,newrelic,traceparent,tracestate
Access-Control-Request-Method: GET
Origin: https://banking.postbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

accept: */*
accept-encoding: gzip, deflate, br
access-control-allow-credentials: true
access-control-allow-headers: origin, referer, x-requested-with, accept, content-type, authorization, newrelic, traceparent, tracestate, x-auth-cookie-path, deuba-client-id, deuba-client-version, deuba-client-os, deuba-client-os-version, x-jwt-authorization, x-deuba-gpp-ab-testing, deuba-ab-testing, deuba-client-brand, deuba-client-id, deuba-gvo, x-trx-signing-token, x-fe-request-id, x-request-id, x-fe-correlation-id, deuba-correlation-id, accept-api-version, x-openidm-username, x-openidm-nosession, x-openidm-password, x-openam-username, x-openam-nosession, x-openam-password, if-match, if-none-match, accept-version, x-deuba-subject, apikey, payment-type, deuba-ciam-context-id, deuba-ciam-session-id, deuba-ciam-subject, bvt
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH
access-control-allow-origin: https://banking.postbank.de
access-control-max-age: 3628800
access-control-request-headers: apikey,deuba-client-brand,deuba-client-id,deuba-client-os,deuba-client-os-version,deuba-client-version,deuba-correlation-id,newrelic,traceparent,tracestate
access-control-request-method: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-length: 0
content-security-policy: frame-ancestors https://*.postbank.de
date: Sun, 26 Feb 2023 14:54:56 GMT
origin: https://banking.postbank.de
pragma: no-cache
referer: https://banking.postbank.de/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
strict-transport-security: max-age=31536000; includeSubDomains
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
via: 1.1 google, 1.1 google
x-apim-gateway-id: apigee-external
x-apim-org-id: db-prd-qe42-apigee-x-1
x-apim-region-id: europe-west1
x-b3-sampled: 0
x-b3-spanid: c264f33fd388cc0d
x-b3-traceid: 8167ea005cff646bc264f33fd388cc0d
x-client-geo-location: , FR,,
x-cloud-trace-context: 0f387f7ae48a425bb5f967b23b04c74a/1942763885604638978
x-forwarded-for: 149.56.153.180, 34.120.213.176,100.80.144.11
x-forwarded-proto: https
x-frame-options: DENY
x-request-id: f51c5525-53f2-499a-9378-9b316bfac026
x-sf-cors: true

GET
H2 200 cross-domain-bridge.html Show response
app.usercentrics.eu/browser-sdk/4.19.0/ Frame D9AF 5 KB
2 KB 39ms
13ms Document
text/html 2600:1901:0:5987::

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-sdk/4.19.0/cross-domain-bridge.html

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://banking.postbank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type Content-Length Transfer-Encoding
age: 495613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=2592000, no-transform
content-encoding: gzip
content-length: 1123
content-type: text/html
date: Mon, 20 Feb 2023 21:14:43 GMT
etag: "2977ec05195d0423dfda055af3288b9d"
expires: Wed, 22 Mar 2023 21:14:43 GMT
last-modified: Thu, 08 Dec 2022 14:42:47 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-goog-generation: 1670510567794287
x-goog-hash: crc32c=bXcD0Q== md5=KXfsBRldBCPf2gVa8yiLnQ==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1123
x-guploader-uploadid: ADPycdukqgkd6xTZCZadDrBjK2luAoetM1UcmQdGbt9o-Yx7wiLOkYpX8j0TkEU6xH43vtmrv0GkiFMdxj8LSD7zWOdH9g

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
854 B 13ms
12ms Image
image/png 2600:1901:0:5987::

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=xSrVHkQp_

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://banking.postbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1065
x-guploader-uploadid: ADPycdtBQZjHbVJdY8XZu2JcTiU4PAfPLyFMY2TdVB4CwM0cva35Ny0S1dGCyIKUlrXclWqcf5v_gV4KT5sAnPn38nBzUQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Sun, 26 Feb 2023 15:07:11 GMT

GET
H3 200 translations-de.json Show response
api.usercentrics.eu/translations/ 8 KB
3 KB 15ms
14ms Fetch
application/json 2600:1901:0:c07c::

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Requested by

Host: banking.postbank.de
URL: https://banking.postbank.de/assets/newrelic-loader-1216.js?ts=20221206

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

5726f479faf0b0e93fe5e114e4059e25908c7d4cebeef1805bb3531d1e2175ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://banking.postbank.de/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Sun, 26 Feb 2023 07:06:08 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 28129
x-client-geo-location: CA,CAQC
x-guploader-uploadid: ADPycduECvY77LFVaIyM8FJBsSjZLl7tVNfFpEOhbMw1KRubh5xF7Q7yLO-nZeL9lJeLf-pkiCjogvaKtNLhzEzYbV9HDQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2825
last-modified: Mon, 23 Jan 2023 13:18:45 GMT
server: UploadServer
etag: "39df8ef384e368a1b53b499b1d535249"
vary: Accept-Encoding
x-goog-generation: 1674479924944316
x-goog-hash: crc32c=3t2x1Q==, md5=Od+O84TjaKG1O0mbHVNSSQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 2825
accept-ranges: bytes
content-type: application/json
expires: Mon, 27 Feb 2023 07:06:08 GMT

OPTIONS
H3 200 translations-de.json
api.usercentrics.eu/translations/ Frame 0
0 99ms
98ms Preflight
text/html 2600:1901:0:c07c::

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: -, , ASN (),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://banking.postbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 26 Feb 2023 14:54:57 GMT
expires: Sun, 26 Feb 2023 14:54:57 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CA,CAQC
x-guploader-uploadid: ADPycdtyFgiwimf1LdPzm68lucdadS0MEiFUV5LRE-UcPMOdhHfTBM1PoCJ2UrlQ31-khwY8-KKUFR0f4I60J1vG7onNkg

GET newrelic-agent-1216.js
banking.postbank.de/assets/scripts/ 0
0

GET de
aggregator.service.usercentrics.eu/aggregate/ 0
0

OPTIONS de
aggregator.service.usercentrics.eu/aggregate/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=201998f2-7a2f-4d8f-0870-b56497195786&url=https%3A%2F%2Fgramos265fe0.clickfunnels.com%2Foptin1677266409142&cache=1677423291970

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/NRJS-fc902efb332119fff33?a=367981416&v=1225.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=5328&ck=0&s=620ac0bc32c344b6&ref=https://gramos265fe0.clickfunnels.com/optin1677266409142

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1225.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=5330&ck=0&s=620ac0bc32c344b6&ref=https://gramos265fe0.clickfunnels.com/optin1677266409142

Domain: gramos265fe0.clickfunnels.com
URL: https://gramos265fe0.clickfunnels.com/cdn-cgi/rum?

Domain: api.olb.postbank.de
URL: https://api.olb.postbank.de/oneid/am/oauth2/realms/root/realms/consumer/authorize?client_id=163440-1_onlineBankingClient&redirect_uri=https%3A%2F%2Fapi.olb.postbank.de%2Foneid%2Fam%2FisAlive.jsp&response_type=code&scope=openid&state=MjA5MjAzMTQwMTU4MTQ4MTYxODYxMjE5MzEzNzI1Mjg1NjMyNzgzNA&code_challenge=FV5ITA814BtlGyerIK9j8ezyuDY_4sRgKR98IeDek94&code_challenge_method=S256

Domain: banking.postbank.de
URL: https://banking.postbank.de/assets/scripts/newrelic-agent-1216.js

Domain: aggregator.service.usercentrics.eu
URL: https://aggregator.service.usercentrics.eu/aggregate/de?templates=8Tzrh5crUMnin5@3.1.0,AllulnW6mjNqvN@12.6.10,Dq850tJ1K@3.1.0,N6Zc9nerb@2.1.0,RUGHfUkfM@3.1.0,SYz5hNpZs@4.0.0,dbWehKPK5@5.3.0,djkBIJeZNtJ8dw@5.1.0,kHdPijPQ6@9.8.2,s6hwQQuGlo5Gnh@6.4.0,tAkVxzS4C@3.0.0

Domain: aggregator.service.usercentrics.eu
URL: https://aggregator.service.usercentrics.eu/aggregate/de?templates=8Tzrh5crUMnin5@3.1.0,AllulnW6mjNqvN@12.6.10,Dq850tJ1K@3.1.0,N6Zc9nerb@2.1.0,RUGHfUkfM@3.1.0,SYz5hNpZs@4.0.0,dbWehKPK5@5.3.0,djkBIJeZNtJ8dw@5.1.0,kHdPijPQ6@9.8.2,s6hwQQuGlo5Gnh@6.4.0,tAkVxzS4C@3.0.0

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clickfunnels.com/	1970-01-20 09:57:05	Name: __cf_bm Value: v4V7W_pedsNP0BfShCVAnYjThIQIumT6rfgsmbcydck-1677423290-0-AUod26LRsOM4fdjTLeGmbLhLQRJa3ldEvmoYwYNWyG0AbEjQ7G1afgZ3VaFsEQKaY2EYNhJm3OGFTP/j16DEqcnny+BFcIlIMLUs5kzarDSU
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: addevent_track_cookie Value: 201998f2-7a2f-4d8f-0870-b56497195786
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:aff_sub2 Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:aff_sub3 Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:aff_sub Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:affiliate_id Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:cf_affiliate_id Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:content Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:medium Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:name Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:source Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:term Value:
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:NTg0MTM3NTU Value: :visited=true
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: cf:visitor_id Value: 87c88651-3066-4abb-bc1f-e14a4043af1b
.www.clickfunnels.com/	1970-01-20 09:57:05	Name: __cf_bm Value: kVTbwPn1iU._mIE83tA4XENFjsFXuesHFIve1ry5P20-1677423292-0-AbHnukUkqC7Dko79xk/YRoy6oAhPIq6NpYf4aiNLloMDIUTsMz5YteXZ3ocOv80A3yCYGSNHqQRRUMq2qh5m07c=
gramos265fe0.clickfunnels.com/	1969-12-31 23:59:59	Name: is_eu Value: false
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: ugxq3lf8b7voxnye Value: true
gramos265fe0.clickfunnels.com/	1970-01-20 18:42:39	Name: 12821336_viewed_1 Value: 1
postbanprive.nl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 373f8ifg5va065eknqql26o4oo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=201998f2-7a2f-4d8f-0870-b56497195786&url=https%3A%2F%2Fgramos265fe0.clickfunnels.com%2Foptin1677266409142&cache=1677423291970 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aggregator.service.usercentrics.eu
api.olb.postbank.de
api.usercentrics.eu
app.clickfunnels.com
app.usercentrics.eu
bam.nr-data.net
banking.postbank.de
classic.clickfunnels.com
fonts.googleapis.com
gramos265fe0.clickfunnels.com
images.clickfunnels.com
js-agent.newrelic.com
postbanprive.nl
scambinance.com
static.cloudflareinsights.com
track.addevent.com
use.fontawesome.com
www.clickfunnels.com
www.deutsche-bank.de
aggregator.service.usercentrics.eu
api.olb.postbank.de
bam.nr-data.net
banking.postbank.de
gramos265fe0.clickfunnels.com
track.addevent.com
151.101.66.137
162.247.241.14
2600:1901:0:5987::
2600:1901:0:c07c::
2600:9000:2512:1200:13:46b5:7d80:93a1
2606:4700:3036::6815:2499
2606:4700:4400::6812:27b5
2606:4700::6810:3965
2606:4700::6810:dc2
2606:4700::6810:fc2
2606:4700:e2::ac40:850f
2607:f8b0:4006:81f::200a
2a0d:2407:8:4a::144
34.120.213.176
34.149.53.217
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
04b701caa790262bd1fca759ffac2fcade3ca980cf9d3993dca5f177c1a04a2a
097470e23f8d1c30d0084525fa8f32ec880f6b75d077f3ada9324d2e8a80ec80
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
245a7488a2fae6a166c6fb1ff9111b761771b71bb3a18ca4ec4bfe6159162847
33cbd31c2ea753dff07a281e496234b9003987438e062480ea26431b0f129d55
3ab65524380fa9267bbcf2d4df64def918baeeaf4df69a2d58026d2149b68d96
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cb4ec283d959d8da35ce21bb1a2bbd68d407d70f75e7b3b70e9de3c97ad125d
4a54efbdee87c0c3d7bcee51a6f020551df2756f82e9d60ef0b361fbbd3a59f8
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
55cb206a77ff71092c309352fcb5927a389382ae678bab55f85ab13ed6239d31
5726f479faf0b0e93fe5e114e4059e25908c7d4cebeef1805bb3531d1e2175ea
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
6ef0e09337a96a66773c15256af91dfdf6de3d69df9c3e3803429c2bdc76a135
7140f31352daaa6f5ff736c28cd2420d213d03f975aac693075f480f7167badb
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7c0fd548efb72cdc3f1e55d82cfdc8873433951fbe7df700c0f9e0b20ccd0817
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
99cca1d08a7b5464175b27358a5871271f387265cc5892c96a64035f23fa1063
9d3e211109bf6b1d3f35e6c5ba44e4acaa60a8f3f90f9179bca2d534397c7054
a2eaa3e89dc8f8f8388cd25f17acd89348679f4d9bba50d1bab9fea151a47ab9
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
adc96b6efe5919552898681732312c97108a36e5d17d1bd20044c09f31b7e43b
b958adbf03969cdce156b0505777931d85b392495f586962d3549f6cd15f9995
c3c0d4cf8bd7fc1d5075b56dd74b114cb42c7a96d3ace3dadc336197d6bea445
c80c322be9e78777116c613e806586a47e5569b1f4a692e3383e8e4fec07527b
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b
ecd791404c202b8e53c60ea90c5126d63dc5df08816571fdca5013d5a2f46e0f
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321
fe6bf7c2d425099685ec948579a42c70ba966eaa2a9ae714030fcea13bf14c82

banking.postbank.de Open in urlscan Pro 34.149.53.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

82 %HTTPS

73 %IPv6

12 Domains

19 Subdomains

13 IPs

2 Countries

1486 kBTransfer

5485 kBSize

19 Cookies

0 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

banking.postbank.de Open in urlscan Pro
34.149.53.217 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

82 %
HTTPS

73 %
IPv6

12
Domains

19
Subdomains

13
IPs

2
Countries

1486 kB
Transfer

5485 kB
Size

19
Cookies

56 HTTP transactions
1 data transactions