urlscan.io logo urlscan.io
SecurityTrails logo

sso.qsibanking.com Open in urlscan Pro
74.208.172.144  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sso.qsibanking.com/
Effective URL: https://sso.qsibanking.com/login
Submission: On August 24 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 42 HTTP transactions. The main IP is 74.208.172.144, located in United States and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is sso.qsibanking.com.
TLS certificate: Issued by R10 on August 24th 2024. Valid for: 3 months.
This is the only time sso.qsibanking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 74.208.172.144 8560 (IONOS-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 104.17.24.14 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
2 142.250.186.132 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.252.149.51 8739 (ICDSOFT)
42 12
20    74.208.172.144 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ip74-208-172-144.pbiaas.com
sso.qsibanking.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    192.252.149.51 (Waltham, United States)

ASN8739 (ICDSOFT, BG)
celarenet.com
Apex Domain
Subdomains		 Transfer
20 qsibanking.com
sso.qsibanking.com
1 MB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
275 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
55 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
12 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
989 B
2 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 13950
191 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
7 KB
1 celarenet.com
celarenet.com
11 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
0 githubusercontent.com Failed
raw.githubusercontent.com Failed
42 10
Domain Requested by
20 sso.qsibanking.com 1 redirects sso.qsibanking.com
6 fonts.gstatic.com fonts.googleapis.com
4 cdn.jsdelivr.net sso.qsibanking.com
3 cdnjs.cloudflare.com sso.qsibanking.com
2 www.google.com sso.qsibanking.com
www.gstatic.com
2 pro.fontawesome.com sso.qsibanking.com
pro.fontawesome.com
1 celarenet.com sso.qsibanking.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com ajax.googleapis.com
1 code.jquery.com sso.qsibanking.com
1 ajax.googleapis.com sso.qsibanking.com
0 raw.githubusercontent.com Failed sso.qsibanking.com
42 12

This site contains links to these domains. Also see Links.

Domain
www.magner.com
fencobankequipment.com
www.gardall.com
www.fortissecurity.com
www.ncr.com
Subject Issuer Validity Valid
sso.qsibanking.com
R10		 2024-08-24 -
2024-11-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.celarenet.com
R11		 2024-07-18 -
2024-10-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://sso.qsibanking.com/login
Frame ID: 9F6DBC98CB6E1B856A802D4ED6A343F3
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO5ucUAAAAAGo71FeyLWtV6K83JH6CgQuGO8_b&co=aHR0cHM6Ly9zc28ucXNpYmFua2luZy5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=yri3p1ueeupx
Frame ID: 00FB4755D6EB7F3826460A0C4D31F62B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

QSI SSO

Page URL History Show full URLs

  1. https://sso.qsibanking.com/ HTTP 302
    https://sso.qsibanking.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

42
Requests

98 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

2065 kB
Transfer

2797 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sso.qsibanking.com/ HTTP 302
    https://sso.qsibanking.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
sso.qsibanking.com/
Redirect Chain
  • https://sso.qsibanking.com/
  • https://sso.qsibanking.com/login
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
2388d57f2f0abf0b03cfc9a366e0a3a2d959473d3c56955de3931054bf00cee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Aug 2024 14:33:36 GMT
Server
nginx
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Aug 2024 14:33:36 GMT
Location
https://sso.qsibanking.com/login
Server
nginx
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.qsibanking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Aug 2025 12:46:14 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 		158 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.qsibanking.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14166037
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24176
x-served-by
cache-fra-eddf8230063-FRA, cache-lga21931-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=elfrMaxL6EpWvZbC%2FcMSMP84FXy8CgOEGbopCWkShHvEfo15Mw0W4XV8y9NjVMQJoDx9fO8tVrTFEAI4gucrSKr3bywQbvkIYRQjzXQ4F4EinCE6VJx0EbYGEjZeXfk5IZtRnIpzvd9iriPPj8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b840ef7fa333681-FRA
all.css
pro.fontawesome.com/releases/v5.10.0/css/ 		153 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Referer
https://sso.qsibanking.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 28 Jun 2021 16:54:32 GMT
server
cloudflare
x-amz-request-id
C1DA4FSMY8KSPMM9
etag
W/"aa1272633e7e552395d147a499bad186"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=31556926
cf-ray
8b840ef7fcb09214-FRA
x-amz-id-2
M704yyqzWGPW8EuMHb1KvvTYiv25uN7PoCVGArDhOxs2w2GfvPUaPWE7xoqRwnhH9o2wBaM3vIqL3FgGjnKbTMdBz08KmE/lX2kkrucIExY=
splide.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@latest/dist/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@splidejs/splide@latest/dist/css/splide.min.css
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.qsibanking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24680
x-jsd-version
4.1.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1316
x-served-by
cache-fra-etou8220087-FRA, cache-lga21948-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"138a-nCVqx5aWVkM0NV+MS4SFkGd/1YM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dEEPnOC1xUkfw1FVg9ygUA0nJ9ZZ29eLqzZrafbnt%2Fw14uox90PRNP8sAMLjIBKkdaqGtE2Mib7SdrpEbVT9%2Bg8dcHlpm%2B5R7yCVJcxgCGa3ZFdczqqw%2BU6koPTGpquWIVdnH382Dwog71jZ6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b840ef7fd183666-FRA
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.qsibanking.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
146645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2640
last-modified
Sat, 06 Jan 2024 13:26:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"659946f6-a50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2i21Za5kIfUykthuzOPC1OUkMOGYNVNjvW5iocSeX6HY%2B5NwLaG51i1RV1mEdYbWWxpnwj3xGiQtZgHOo%2FPnGSZ8o57XgR4nETxXndB1zx%2BihfdFYiWRugAcr2K2XLN%2BprIi%2BSA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b840ef67fd29159-FRA
expires
Thu, 14 Aug 2025 14:33:37 GMT
qr-code.css
sso.qsibanking.com/css/ 		959 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/css/qr-code.css?v=1.1
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
82657f81412166708c53e85bb4111ffd7bacb342fc8ab48094980c41d9bd2c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-3bf"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
959
X-XSS-Protection
1; mode=block
bootstrap-pincode-input.css
sso.qsibanking.com/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/css/bootstrap-pincode-input.css
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
20e39dfd0f3ef6433fa4351f313fe77ed384694950d18db4559c4702d06348fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-183a"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6202
X-XSS-Protection
1; mode=block
main.css
sso.qsibanking.com/css/ 		11 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/css/main.css
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
d6e9210c8cedb0998d3432478d4f69cd12f516a945552faaea1af22a5007ad9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-2dc9"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11721
X-XSS-Protection
1; mode=block
splide.min.js
cdn.jsdelivr.net/npm/@splidejs/splide@latest/dist/js/ 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@splidejs/splide@latest/dist/js/splide.min.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.qsibanking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32706
x-jsd-version
4.1.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12933
x-served-by
cache-fra-eddf8230099-FRA, cache-lga21950-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"746b-2972YX1vt/FBmWw6HVrvIC6t+Gc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wu%2FoSLMlHgNZzGkEf38EneHbFK2Kec6GUXi%2BhxELZoj1i3QyXf4shRbj5s2PIdfh96GQfANW8fsawF4nm2NVb%2FUl%2FbPCW7jHSSszovIbaqDk0Liiw7K4Nsxf%2FMq9YciwWBjnEk24TKm07I2arjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b840ef7fd1c3666-FRA
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://sso.qsibanking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2346726
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga21981-LGA, cache-fra-etou8220052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724510017.316021,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
9, 78288
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.min.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.qsibanking.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
106054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1884
last-modified
Sat, 06 Jan 2024 13:26:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"659946f5-75c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRkvfUA2lHRwcYiES6KWvpfMq58MMi8wjka17Eif%2BszqhnqiuIPfo4%2BhdMlRiScbXs1Gg8%2Fr97FeVGjN0vjkYLTodn2OhRl24flx8l0lAbF3u8bwjiJnSo7G0pW69P4F1HSU84ex"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b840ef67fd89159-FRA
expires
Thu, 14 Aug 2025 14:33:37 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.qsibanking.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
106056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pYRTlJDj0nIAwsls0tueefSu01BvWoFhKL4sEW3PyHwYrvUtOaKWzCWC9Ybxg2KiXhMMv4Lz9Z8tJ%2Fm1rCs4S5h4fOWZ4O5DhcQrvmzz0Gok7431W%2BDfspFHMX5mC%2FXPt6%2BhJ6O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b840ef67fda9159-FRA
expires
Thu, 14 Aug 2025 14:33:37 GMT
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.qsibanking.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14157211
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15306
x-served-by
cache-fra-etou8220082-FRA, cache-lga21927-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=512GIoJpwX2k0rXbTC6SDmwaVVLOHT1Mnq2QenVpaYHjdMXxoHr28t3NSQktw4NAeJlukch9aDWYwwWnsfEkFYID0Y173SX7YOMCYiKlTsyZHZr%2BRPdYxdJTTw6DyV7bPEzaENMY6%2Bsqboqs9SY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b840ef7fa373681-FRA
bootstrap-pincode-input.js
sso.qsibanking.com/js/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/js/bootstrap-pincode-input.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
f032407f81499ca8f58487ef10d1e8e8141960925acca67ebdb1d285b6e43b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-34e0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13536
X-XSS-Protection
1; mode=block
html5-qrcode.js
sso.qsibanking.com/js/ 		72 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/js/html5-qrcode.js
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
78969c323df2bb0af8c5fb0e04717d0eef2e571afdb70fec04c18aa9c7ec9e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-11ee9"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73449
X-XSS-Protection
1; mode=block
login-script.js
sso.qsibanking.com/js/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/js/login-script.js?v=1.10
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
9f443276396607af5b556c55f30afa767403d0eef8ccfdb62607e5a865989b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-79b1"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31153
X-XSS-Protection
1; mode=block
logo_couple.png
sso.qsibanking.com/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/logo_couple.png
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
1a8e0e211ad02fb877e807677ba10a94a97041de6e4bf357152f60a2540e81c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-39b4"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14772
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=&render=6LdO5ucUAAAAAGo71FeyLWtV6K83JH6CgQuGO8_b
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
bb4189cbaaf8cd311f12136301f538037673dee1d364c6d59cd9ea0e5fde06cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 24 Aug 2024 14:33:37 GMT
magner.jpg
sso.qsibanking.com/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/magner.jpg
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
8673f64cfe3ccfdffbb26da849a2ca98b633a1a0053e7739ff03bc5b29f50e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-413b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16699
X-XSS-Protection
1; mode=block
fenco.png
sso.qsibanking.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/fenco.png
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
1dc138ca4978bf1e216a01f4844ff9dee0a8a2826c25e7d441c2ed698ebb74f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-1f75"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8053
X-XSS-Protection
1; mode=block
gardall.jpg
sso.qsibanking.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/gardall.jpg
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
31b3a5a06a30eba82d6ad426e77c3287a7f71946b5b2d4c366fbfe393c63220a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-34a8"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13480
X-XSS-Protection
1; mode=block
fortis.png
sso.qsibanking.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/fortis.png
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
937957a3a0bfdab81c9e3fecbe732f3f37a8beb5c4fbca600da94171bdd10032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-1102"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4354
X-XSS-Protection
1; mode=block
ncr.jpg
sso.qsibanking.com/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/ncr.jpg
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
4f50926ee990ebb795a9e5ceb44d606c179e310b8f5f6d08f0b7c2dcb0c5090d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-4758"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18264
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		5 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CAsap+Condensed:500
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bfc19c85ff4b05b4b95aff756b0b99e5999d4916bbd54c21596df1fc5521604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sso.qsibanking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Aug 2024 14:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 14:33:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Aug 2024 14:33:37 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CAsap+Condensed:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:58:24 GMT
x-content-type-options
nosniff
age
369313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 07:58:24 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CAsap+Condensed:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:27:21 GMT
x-content-type-options
nosniff
age
345976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:27:21 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CAsap+Condensed:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:07:09 GMT
x-content-type-options
nosniff
age
347188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:07:09 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CAsap+Condensed:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 13:59:12 GMT
x-content-type-options
nosniff
age
347665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 13:59:12 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CAsap+Condensed:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 07:58:24 GMT
x-content-type-options
nosniff
age
369313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 07:58:24 GMT
pxieypY1o9NHyXh3WvSbGSggdO9_S1lDims.woff2
fonts.gstatic.com/s/asapcondensed/v17/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/asapcondensed/v17/pxieypY1o9NHyXh3WvSbGSggdO9_S1lDims.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CAsap+Condensed:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
313fd9d24cb57f0ce7025317eac48d7c8eef5d10f51946be7871222d8b31b5b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:46:59 GMT
x-content-type-options
nosniff
age
344798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21304
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:45:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:46:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=&render=6LdO5ucUAAAAAGo71FeyLWtV6K83JH6CgQuGO8_b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.qsibanking.com/
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 17:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219509
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Aug 2025 17:12:56 GMT
login.png
sso.qsibanking.com/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/login.png
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
c658d6a8c29d272a7196465574d991b4ed6b9b39148d98d8113a6d02c9d42083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/css/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-10bfec"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1097708
X-XSS-Protection
1; mode=block
Figtree-ExtraBold.ttf
sso.qsibanking.com/fonts/figtree/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/fonts/figtree/Figtree-ExtraBold.ttf
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
55f6bc1487e5ddfd466580141924b462bb764443e95ad00b9460cf772da27fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/css/main.css
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-9f98"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40856
X-XSS-Protection
1; mode=block
Figtree-Regular.ttf
sso.qsibanking.com/fonts/figtree/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/fonts/figtree/Figtree-Regular.ttf
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
ccf1ccc32671c6f48e027f43a5150042c74c5bfa655510b9cc7d0d5dfa38b849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/css/main.css
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-9e88"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40584
X-XSS-Protection
1; mode=block
fa-light-300.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 		161 KB
161 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-light-300.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e70557097056f79b4ea3a512b1844cac97f5dacc9054b05aa49c295e236c460

Request headers

Referer
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:38 GMT
cf-cache-status
MISS
x-amz-request-id
8HY7F12YECAX5EBG
content-length
164936
x-amz-id-2
fmea8A6KrMj5giGjz7yuba4SazwCT+wjhMnNidg49KtnRzDKOT4CD1bJrFAGCx0zIv/vQ8wwsQra/faGX6N2VQWQFTXiAOr54IT5JMyaqQE=
last-modified
Mon, 28 Jun 2021 16:56:06 GMT
server
cloudflare
etag
"a8f2809e740a8962adab81b7171f4160"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8b840efbc8599214-FRA
Figtree-Bold.ttf
sso.qsibanking.com/fonts/figtree/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/fonts/figtree/Figtree-Bold.ttf
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
d314fdded709f4d2267545c9e59be2b6b00d1545cd8c732d66f617d7e016c78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/css/main.css
Origin
https://sso.qsibanking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-9f74"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40820
X-XSS-Protection
1; mode=block
spinner.gif
celarenet.com/wp-content/plugins/contact-form-maker/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celarenet.com/wp-content/plugins/contact-form-maker/images/spinner.gif
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.252.149.51 Waltham, United States, ASN8739 (ICDSOFT, BG),
Reverse DNS
Software
Apache /
Resource Hash
108ef71d25a923dc62ea8bde44d5bab305db7158b02b54fcc871e7b4a7b4349b

Request headers

Referer
https://sso.qsibanking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 14:33:38 GMT
last-modified
Wed, 22 Jun 2022 15:12:31 GMT
server
Apache
accept-ranges
bytes
etag
"2d7f-5e20ac41fd54c"
content-length
11647
content-type
image/gif
loader.gif
sso.qsibanking.com/images/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.qsibanking.com/images/loader.gif
Requested by
Host: sso.qsibanking.com
URL: https://sso.qsibanking.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
d276a3491f23aabb1f2da02f77c7700ed709b6aa1b0d4ca17990628a48dd8636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:44:19 GMT
Server
nginx
ETag
"66bcdee3-122b9"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74425
X-XSS-Protection
1; mode=block
camera-scan.gif
raw.githubusercontent.com/mebjas/html5-qrcode/master/assets/ 		0
0
anchor
www.google.com/recaptcha/api2/ Frame 00FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO5ucUAAAAAGo71FeyLWtV6K83JH6CgQuGO8_b&co=aHR0cHM6Ly9zc28ucXNpYmFua2luZy5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=yri3p1ueeupx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Gy007M_zqsp8QlVNa8qeBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Gy007M_zqsp8QlVNa8qeBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Aug 2024 14:33:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
sso.qsibanking.com/ 		0
325 B 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.qsibanking.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.208.172.144 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip74-208-172-144.pbiaas.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.qsibanking.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 24 Aug 2024 14:33:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Aug 2024 16:42:03 GMT
Server
nginx
ETag
"66bcde5b-0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
raw.githubusercontent.com
URL
https://raw.githubusercontent.com/mebjas/html5-qrcode/master/assets/camera-scan.gif

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| WebFont function| r function| Jt object| n function| t function| Splide function| $ function| jQuery object| toastr function| Popper object| bootstrap function| getLazarSoftScanner function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| Html5Qrcode function| Html5QrcodeScanner object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_95705

2 Cookies

Domain/Path Name / Value
sso.qsibanking.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ikp3b1ZnejJLaUx1dEJvQm84NDVrZkE9PSIsInZhbHVlIjoiNjdpVmQ2Q1NnbjMxVkt0RkViZm5oZ21NTE9xS3dNejArbUg1TUNuZzlkMENoc2tlNnlIbTQ0NWM3czdEd0NJbmZiZzJ4UTI5U0tHVUtsdjMxYU1GWnpJdVRPeUIwQnFKc2xONy9sTjNLWEtGT1pYZ3Z0Y3RqdVc0Y3hIZEFuVVoiLCJtYWMiOiJiODY3N2FlODBkNTg3MmYwMDRkZGYyZTQ3ZDM0OTI4MGE4ODZlYmEwODU0YTgyMTRiYWMxN2Q2MmY0NDY5ZDE4IiwidGFnIjoiIn0%3D
sso.qsibanking.com/ Name: qsi_sso_session
Value: eyJpdiI6IkJWNndIQjkyd2ZYMW9oRGE0b2xzZGc9PSIsInZhbHVlIjoiaDZ4bUlsOENwSEV2WXNqQlJhMVIrQ3ptL3NESkk0UzlQRzBGZ0R4YUtURUMySjFUUXN6S2R1MCtzVGlybUVXci9UNjhlZlZKUVMyVUJsazF2cEl6ekhQQWJEMUZGWFIzdjc1dE1SM01FNmFZTnRBRllNVUFWZGhadTlRdk55dUoiLCJtYWMiOiIwZjU3NDgzNWRiYTU3M2Q2ZGIxYjY3NGI0ZGVjOGNhZjlhNTQ3YWVlYmI1ZmUyMTIyZmQ3NzhiYjE2NzM5NWM0IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
celarenet.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
pro.fontawesome.com
raw.githubusercontent.com
sso.qsibanking.com
www.google.com
www.gstatic.com
raw.githubusercontent.com
104.17.24.14
142.250.186.132
192.252.149.51
2606:4700:4400::ac40:93bc
2606:4700::6812:bb1f
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
2a04:4e42:600::649
74.208.172.144
108ef71d25a923dc62ea8bde44d5bab305db7158b02b54fcc871e7b4a7b4349b
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc
1a8e0e211ad02fb877e807677ba10a94a97041de6e4bf357152f60a2540e81c5
1dc138ca4978bf1e216a01f4844ff9dee0a8a2826c25e7d441c2ed698ebb74f3
20e39dfd0f3ef6433fa4351f313fe77ed384694950d18db4559c4702d06348fe
2388d57f2f0abf0b03cfc9a366e0a3a2d959473d3c56955de3931054bf00cee7
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
313fd9d24cb57f0ce7025317eac48d7c8eef5d10f51946be7871222d8b31b5b1
31b3a5a06a30eba82d6ad426e77c3287a7f71946b5b2d4c366fbfe393c63220a
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
4f50926ee990ebb795a9e5ceb44d606c179e310b8f5f6d08f0b7c2dcb0c5090d
55f6bc1487e5ddfd466580141924b462bb764443e95ad00b9460cf772da27fad
78969c323df2bb0af8c5fb0e04717d0eef2e571afdb70fec04c18aa9c7ec9e6f
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82657f81412166708c53e85bb4111ffd7bacb342fc8ab48094980c41d9bd2c1f
8673f64cfe3ccfdffbb26da849a2ca98b633a1a0053e7739ff03bc5b29f50e1b
8bfc19c85ff4b05b4b95aff756b0b99e5999d4916bbd54c21596df1fc5521604
8e70557097056f79b4ea3a512b1844cac97f5dacc9054b05aa49c295e236c460
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
937957a3a0bfdab81c9e3fecbe732f3f37a8beb5c4fbca600da94171bdd10032
9f443276396607af5b556c55f30afa767403d0eef8ccfdb62607e5a865989b77
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
bb4189cbaaf8cd311f12136301f538037673dee1d364c6d59cd9ea0e5fde06cf
c658d6a8c29d272a7196465574d991b4ed6b9b39148d98d8113a6d02c9d42083
ccf1ccc32671c6f48e027f43a5150042c74c5bfa655510b9cc7d0d5dfa38b849
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d276a3491f23aabb1f2da02f77c7700ed709b6aa1b0d4ca17990628a48dd8636
d314fdded709f4d2267545c9e59be2b6b00d1545cd8c732d66f617d7e016c78c
d6e9210c8cedb0998d3432478d4f69cd12f516a945552faaea1af22a5007ad9d
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5
f032407f81499ca8f58487ef10d1e8e8141960925acca67ebdb1d285b6e43b90
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72