www.bankplus.net Open in urlscan Pro
2620:1ec:46::45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bankplus.net/
Effective URL:
https://www.bankplus.net/
Submission Tags: tranco_l324
Submission: On April 26 via api (April 26th 2024, 10:53:30 am UTC) from DE — Scanned from DE

Summary HTTP 65 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 20 domains to perform 65 HTTP transactions. The main IP is 2620:1ec:46::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.bankplus.net. The Cisco Umbrella rank of the primary domain is 965802.
TLS certificate: Issued by Network Solutions RSA OV SSL CA 3 on November 6th 2023. Valid for: a year.

This is the only time www.bankplus.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.107.213.40 13.107.213.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
22	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4b21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1	2600:1901:0:2... 2600:1901:0:22e6::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.219.60.11 18.219.60.11	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3030::ac43:8b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.80.149.126 99.80.149.126	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:2... 2600:1901:0:21ea::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:8... 2600:1901:0:891c::	15169 (GOOGLE) (GOOGLE)
2	20.50.88.242 20.50.88.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
65	27

1 13.107.213.40 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bankplus.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bankplus.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:22e6:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

app-script.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.219.60.11 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-60-11.us-east-2.compute.amazonaws.com

collector-16014.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

10381388.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:8b77 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.149.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-149-126.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:21ea:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

pagecorrect.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:891c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (Riyadh, Saudi Arabia)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	bankplus.net 1 redirects bankplus.net — Cisco Umbrella Rank: 570714 www.bankplus.net — Cisco Umbrella Rank: 965802	2 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 maps.googleapis.com — Cisco Umbrella Rank: 362 ajax.googleapis.com — Cisco Umbrella Rank: 363	228 KB
4	monsido.com app-script.monsido.com — Cisco Umbrella Rank: 10007 pagecorrect.monsido.com — Cisco Umbrella Rank: 20876 tracking.monsido.com — Cisco Umbrella Rank: 6659	9 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1791 ka-f.fontawesome.com — Cisco Umbrella Rank: 4267	24 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	332 KB
3	sitescout.com 1 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 667 pixel.sitescout.com — Cisco Umbrella Rank: 5672	516 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 730	200 B
2	doubleclick.net 1 redirects 10381388.fls.doubleclick.net	766 B
2	tvsquared.com collector-16014.us.tvsquared.com	9 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 737 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	gstatic.com fonts.gstatic.com	97 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4930	32 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6496	171 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	273 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 10361	2 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2797	22 KB
0	videoamp.com Failed b.videoamp.com Failed
0	rlcdn.com Failed di.rlcdn.com Failed
65	20

	Domain	Requested by
22	www.bankplus.net	www.bankplus.net
4	maps.googleapis.com	www.bankplus.net maps.googleapis.com
4	www.googletagmanager.com	www.bankplus.net www.googletagmanager.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	pixel-sync.sitescout.com	1 redirects www.bankplus.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	pagecorrect.monsido.com	app-script.monsido.com az416426.vo.msecnd.net
2	10381388.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	collector-16014.us.tvsquared.com	www.bankplus.net
2	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.bankplus.net connect.facebook.net
2	cdn.datatables.net	www.bankplus.net
2	fonts.googleapis.com	www.bankplus.net
1	pixel.sitescout.com
1	tracking.monsido.com
1	content.hotjar.io	az416426.vo.msecnd.net
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com	www.bankplus.net
1	app-script.monsido.com	www.googletagmanager.com
1	up.pixel.ad	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	az416426.vo.msecnd.net	www.bankplus.net
1	kit.fontawesome.com	www.bankplus.net
1	ajax.googleapis.com	www.bankplus.net
1	bankplus.net	1 redirects
0	b.videoamp.com Failed	www.bankplus.net
0	di.rlcdn.com Failed	www.bankplus.net
65	29

This site contains links to these domains. Also see Links.

Domain
apply.bankplus.net
www.e-bankplus.net
app.trustreporter.com
tpg.retirement.schwabrt.com
secure.newportgroup.com
www.go-retire.com
xpress.usremotedeposit.com
rps.allianceps.com
weblockbox.eremitt-pps.com
partners.clover.com
www.verisign.com
investor.bankplus.net
twitter.com
www.facebook.com
www.linkedin.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.bankplus.net Network Solutions RSA OV SSL CA 3	`2023-11-06` - `2024-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
datatables.net GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-03` - `2024-05-03`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-01-30` - `2025-01-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.pixel.ad GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
app-script.monsido.com GTS CA 1D4	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
pagecorrect.monsido.com GTS CA 1D4	`2024-04-21` - `2024-07-20`	3 months	crt.sh
tracking.monsido.com GTS CA 1D4	`2024-03-15` - `2024-06-13`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-04-10` - `2025-04-05`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.bankplus.net/
Frame ID: 8AC179C1A3426BA5A8F21DA26499680B
Requests: 62 HTTP requests in this frame

Frame: https://10381388.fls.doubleclick.net/activityi;dc_pre=CJzdqbTb34UDFYFNHgIdaesP4A;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0z871073013za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F
Frame ID: CFD9FCF906418A50BC57AA0FB2C5D6A5
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 6884C894EC03047E8855C6F2ED0EECAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personal and Business Banking | BankPlus

Page URL History Show full URLs

http://bankplus.net/ HTTP 307
https://bankplus.net/ HTTP 301
https://www.bankplus.net/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

97 %
HTTPS

63 %
IPv6

20
Domains

29
Subdomains

27
IPs

5
Countries

2659 kB
Transfer

5232 kB
Size

24
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://apply.bankplus.net/apply.aspx?lenderref=Bankplus61217&list=xast
Title: Open an account

Search URL Search Domain Scan URL

URL: https://www.e-bankplus.net/tob/live/usp-core/app/initialLogin
Title: Personal Online Banking

Search URL Search Domain Scan URL

URL: https://app.trustreporter.com/TRv5/?bankabvr=BANKPLUS
Title: Wealth Management Client

Search URL Search Domain Scan URL

URL: https://tpg.retirement.schwabrt.com/participant/login?planCode=XBP
Title: FuturePlus Participant

Search URL Search Domain Scan URL

URL: https://secure.newportgroup.com/login/participant.aspx
Title: FuturePlus Newport

Search URL Search Domain Scan URL

URL: https://www.go-retire.com/bankplus
Title: FuturePlus EPIC

Search URL Search Domain Scan URL

URL: https://xpress.usremotedeposit.com/ct/?bid=098112115
Title: DepositPlus

Search URL Search Domain Scan URL

URL: https://rps.allianceps.com/login.aspx?cn=BankPlus
Title: Lockbox UnityFI

Search URL Search Domain Scan URL

URL: https://weblockbox.eremitt-pps.com/
Title: Lockbox eRemitt

Search URL Search Domain Scan URL

URL: https://www.e-bankplus.net/tob/live/usp-core/app/register
Title: Enroll

Search URL Search Domain Scan URL

URL: https://www.e-bankplus.net/tob/live/usp-core/app/authUpdate
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://www.e-bankplus.net/onlineserv/HB/HelpLogin.cgi?loginHelpId=forgotuseridhelp#forgotuseridhelp
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://partners.clover.com/cfi/home/?partner=bankplus&utm_source=partner-website&utm_medium=referral&utm_campaign=cfi_aem_microsite
Title: Learn More

Search URL Search Domain Scan URL

URL: https://partners.clover.com/cfi/home/?partner=bankplus&utm_source=partner-website&utm_medium=referral&utm_campaign=cfi_aem_microsite#ps-contact-form
Title: CONTACT US

Search URL Search Domain Scan URL

URL: https://www.verisign.com/
Title: Verisign

Search URL Search Domain Scan URL

URL: https://investor.bankplus.net/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://twitter.com/bankplus?lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bankplus/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bankplus

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/new-improved-personal-mobile/id638015758?mt=8%3Fexternal-link

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ifs.mobilebanking.fiid5113&feature=search_result#?t=W251bGwsMSwyLDEsImNvbS5pZnMubW9iaWxlYmFua2luZy5maWlkNTExMyJd?external-link

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bankplus.net/ HTTP 307
https://bankplus.net/ HTTP 301
https://www.bankplus.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://10381388.fls.doubleclick.net/activityi;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0z871073013za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F HTTP 302
https://10381388.fls.doubleclick.net/activityi;dc_pre=CJzdqbTb34UDFYFNHgIdaesP4A;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0z871073013za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F

Request Chain 60

https://pixel-sync.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bankplus.net/
Redirect Chain

http://bankplus.net/
https://bankplus.net/
https://www.bankplus.net/

48 KB
16 KB

488ms
410ms

Document
text/html

2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

1053fc942da0e0d5c5bbee5d88b2326e0c6aaac70b3cb7e196427a2d932ce0f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
content-length: 14023
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
content-type: text/html; charset=utf-8
date: Fri, 26 Apr 2024 10:53:24 GMT
expires: -1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-azure-ref: 20240426T105323Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku3x
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: text/html
date: Fri, 26 Apr 2024 10:53:23 GMT
location: https://www.bankplus.net/
x-azure-ref: 20240426T105323Z-15ff45446448qv7ms80cryhvv400000000hg00000000353v
x-cache: CONFIG_NOCACHE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
48 KB 57ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=%20GTM-%20M7NZP7

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d8a5b0ae71cdd74a2b6231e3f17bfaf325a22d28ee12ebe770f11d6232b650a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48259
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Apr 2024 10:53:24 GMT

GET
H2 200 css
www.bankplus.net/Content/ 314 KB
72 KB 425ms
423ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/Content/css?v=eETbv3rXb_NrZhhj291N8Nh7kicOr6uxzqkNNfEvm8U1

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a037eaf4904488888e72b91a90680c2f52d4ff383a6866e040876e0667b7130c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache: CONFIG_NOCACHE
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 26 Apr 2024 10:53:24 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku4p
expires: Sat, 26 Apr 2025 10:53:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26a018fb00772f7257c42e59e36d86ee3d6000dabbea467fb2f13db7a6a61e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 10:53:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Apr 2024 10:53:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 57 KB
3 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

377984edf07657d3b0f0d2f2cd321b2c485b4cf55ceb1d0403354cddeca3ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 10:53:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Apr 2024 10:53:24 GMT

GET
H2 200 ScriptResource.axd Show response
www.bankplus.net/ 87 KB
41 KB 392ms
390ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3gSg_pg8Qs_lSBG5RUf6xQuPgfjkegjqIaYsmviOx5FOLM8IesSNVq-glz4RP0NqPlHzwWTbJ1g5Rjx0TduNDUpuKiOKWnbzb6YXRDVkLJEEDifxmr98xBQoDm0L7BVzO3FTufN5rwc03sGUC_1GF7-Aq-vemVLoYO3L7puzbsMs0&t=ffffffffa0f4e70c

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache: CONFIG_NOCACHE
content-length: 39737
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Apr 2024 06:56:21 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku4q
accept-ranges: bytes
expires: Wed, 23 Apr 2025 06:56:21 GMT

GET
H2 200 ScriptResource.axd Show response
www.bankplus.net/ 8 KB
6 KB 105ms
104ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESIoIphIHo9x6cTOdIItoPtGMn8csJfRPFK3tv_9hZZnQiCsS_t93peKGXeM8fXY8Wh6N-FTubiqrSgOHmN3kl4foM-5nybOC5yGRmi1sisBG1fWFPQ5eYE2jtWLwVqdsifEgH3ikpk3EjiSCUUMThyhyACL9jmTRC3REdisBfTpP0&t=ffffffffa0f4e70c

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

7545b8823869f8c680bfe9c73f8d2d9295d98e891a58f26b186a7379cc6c7ead

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache: CONFIG_NOCACHE
content-length: 3836
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Mar 2024 16:03:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku4r
accept-ranges: bytes
expires: Fri, 28 Mar 2025 16:03:39 GMT

GET
H2 200 ScriptResource.axd Show response
www.bankplus.net/ 249 KB
92 KB 397ms
395ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/ScriptResource.axd?d=2z9h4-hKx8Yk1hygmet7pnBH_Ij61oyKC7eG_fsFqch4lDzgOtY5bnix5_7TQyV1UjrQAk7N9VqD9pM-qEm3RDm_8d8-voopNcO-P9py6huFSipUHOB0YTQLzoslVyo_rTzhDbU5iFg2Mo6Oo47Knr_rBWMAkJT2ikSd5T99pQGuD_SBeqZAN78C2JXtdOb50&t=ffffffffa0f4e70c

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

83cab6462e99178db1ce81a14deb2b5da764de98c3c5a597c06e789ec1cf14a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache: CONFIG_NOCACHE
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Apr 2024 18:40:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku4s
expires: Sat, 19 Apr 2025 18:40:12 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 246 KB
81 KB 64ms
43ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

66d766a40b9d0691e08c4e2da07fc5c924fe80c15ae0cc565a0947ef072a9069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82072
x-xss-protection: 0

GET
H2 200 logo@2x.png
www.bankplus.net/images/default-source/default-album/ 8 KB
10 KB 411ms
410ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/default-album/logo@2x.png?sfvrsn=84a783e4_2

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

4efceed79943d83edd5c21f323b01c50e333c5703ed9ccc16ec77c8c4b75d48c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=logo@2x.png
content-length: 7988
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 06 Mar 2022 16:06:58 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku4t
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:24 GMT

GET
H2 200 raf-2.png
www.bankplus.net/images/default-source/home/ 133 KB
136 KB 409ms
408ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/home/raf-2.png?sfvrsn=3bfb92bc_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

b3123a6c8b985361cf4747ba85a4390c8c0baf4ccda06d374ba64bacebf6acb9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=raf-2.png
content-length: 136159
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 22:46:33 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku4u
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:24 GMT

GET
H2 200 business-checking-large.png
www.bankplus.net/images/default-source/personal-section/ 8 KB
10 KB 125ms
125ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/personal-section/business-checking-large.png?sfvrsn=3d7a9423_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c4d2213a930f169b8d9b7f08f0a94cb0680a7643974767e965eaf475231e8c52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=business-checking-large.png
content-length: 7866
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Aug 2020 15:43:44 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku5p
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:24 GMT

GET
H2 200 personal-loans-large.png
www.bankplus.net/images/default-source/personal-section/ 6 KB
8 KB 112ms
112ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/personal-section/personal-loans-large.png?sfvrsn=167327cc_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c581370f6dc0d44b20e2fa0fb7989674b50ce7d14c08bae55510b6a94bd745b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=personal-loans-large.png
content-length: 5969
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 May 2020 02:47:57 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku62
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:24 GMT

GET
H2 200 business-liquidity-large.png
www.bankplus.net/images/default-source/business/business-icon/ 9 KB
11 KB 123ms
121ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/business/business-icon/business-liquidity-large.png?sfvrsn=f6c33e63_2

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

5812dfed9d74fe20e65d6a2960801beb5b748ca836990af97049318baed91a7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=business-liquidity-large.png
content-length: 9031
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Jul 2020 19:04:08 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6g
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:24 GMT

GET
H2 200 bankplus-logo-color-2x.png
www.bankplus.net/images/default-source/default-album/ 6 KB
9 KB 121ms
119ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/default-album/bankplus-logo-color-2x.png?sfvrsn=36b5aef4_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

416d6c5fec69bae08bf341e86c8dc897214ae52d15f3691f04158140fecebe5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=bankplus-logo-color-2x.png
content-length: 6349
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 Mar 2020 21:46:28 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6h
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:24 GMT

GET
H2 200 logo-copyrights@2x.png
www.bankplus.net/images/default-source/default-album/ 3 KB
5 KB 404ms
403ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/default-album/logo-copyrights@2x.png?sfvrsn=49b1ee80_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

4ef6aa0e84a0f374c79ff43afe3c49871a945af717bc45143926f2a6fbf4917b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=logo-copyrights@2x.png
content-length: 3085
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Apr 2020 17:58:05 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6k
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:25 GMT

GET
H2 200 download_on_the_app_store_badge_us-uk_rgb_blk_092917.png
www.bankplus.net/images/default-source/default-album/ 20 KB
22 KB 414ms
413ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/default-album/download_on_the_app_store_badge_us-uk_rgb_blk_092917.png?sfvrsn=7dd4a4df_6

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

5c839949700c64bdef4bf819f053e625f233a79ce70d1afbc577dc79841e8531

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=download_on_the_app_store_badge_us-uk_rgb_blk_092917.png
content-length: 20489
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Oct 2020 21:07:58 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6m
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:25 GMT

GET
H2 200 google-play-badge.png
www.bankplus.net/images/default-source/default-album/ 13 KB
16 KB 428ms
426ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/default-album/google-play-badge.png?sfvrsn=e2af3b73_8

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a6d366810b9c5d91263d955c6edd21e9d197d0a03a8c860380b592f41e687609

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=google-play-badge.png
content-length: 13535
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Oct 2020 21:08:45 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6n
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 14:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 14:42:37 GMT

GET
H2 200 bankplus Show response
www.bankplus.net/bundles/ 126 KB
49 KB 443ms
440ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/bundles/bankplus?v=Fi3auZNBzcFCS9GzvIyNuK57sq87XtxjufDyQVynxFk1

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

cd60ff8e1758d34279c918a26bc3a033f0a2191e94a3855def4632e519f63e44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache: CONFIG_NOCACHE
content-length: 48117
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 26 Apr 2024 10:53:25 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6d
accept-ranges: bytes
expires: Sat, 26 Apr 2025 10:53:25 GMT

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.20/js/ 82 KB
27 KB 48ms
18ms Script
text/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.20/js/jquery.dataTables.min.js

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332859
last-modified: Fri, 19 Apr 2024 08:45:39 GMT
server: cloudflare
etag: W/"66222f33-14961"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQ22x7rmyJn0i82PxzRhbiWEy2IccdR9cqYy6QROLkL5M6kg%2Bfuw2UmI0kdo%2BmK9P36PHZYdJPB%2Fz40faGC7dv%2BKKJmAK2jtKJ8IEvUmpK1tUE4EO1szFZTOC9jMsvrXZEkRRpHmnu%2BwMz0FCrpnWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
cf-ray: 87a60766b9949001-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dataTables.responsive.min.js Show response
cdn.datatables.net/responsive/2.2.3/js/ 13 KB
5 KB 47ms
17ms Script
text/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/responsive/2.2.3/js/dataTables.responsive.min.js

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332863
last-modified: Fri, 19 Apr 2024 08:45:47 GMT
server: cloudflare
etag: W/"66222f3b-32e7"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5TtjhzTWVtMtziGa1LxnPaBvNReV0WjW2bRHedZcm74thIU38ddsb7c59T0DvPqTGCjeZwnqe5Zvp8t5FKE5fJzlblq8qc5XCuGLjTi5I5lKM2pwFf2j0FdZqb4r5yt1ba4zqc8uyfEV4BiNaU2jw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
cf-ray: 87a60766b9909001-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adb8b6b108.js Show response
kit.fontawesome.com/ 12 KB
5 KB 166ms
138ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/adb8b6b108.js
Requested by: Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 510e0c5cc65de575025a30bbbcfe3ab1c57746b9f543fd69119617f47cec0a31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Origin: https://www.bankplus.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 87a60766bcc88eb7-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8mkQvKtIAFdZ-sCU5zi

GET
H2 200 Search-box.min.js Show response
www.bankplus.net/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/ 3 KB
4 KB 426ms
424ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/Search-box.min.js?package=Bootstrap4&v=MTQuMS43ODI3LjA%3d

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

69a04c26013467c1c86cda9d63f19e14c492126a9e444d3dea601023f93b441d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache: CONFIG_NOCACHE
content-length: 1352
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 07:55:14 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6e
accept-ranges: bytes
expires: Fri, 03 May 2024 10:53:25 GMT

GET
H2 200 WebResource.axd Show response
www.bankplus.net/ 9 KB
5 KB 115ms
113ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/WebResource.axd?d=Oiw5o8i74rDb2VpVaCaMStWRpYNKJlg4mzKRTtILnRp7HvddV-tpN0JoLd2tz4VKYauBSYRWxEzyqQdDTLjsvxkoveDuSv8uESQ7_adrllUwsajf5X6ZYaGsmJooV4YU45tNuABqzla9gnE58OaUoB5cLHqlHZP2GbQN6ynLjsTkcDxC_195uX8J1FS4hyMuQSff9YNEpXGShMY86X4kGjWG-KVjEIaC07QlAADh8WE1&t=638308920840000000

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

70af2c1692797d05c8e4df12a63f1a1034600dfb1e303ebfc32750b7cd8e5630

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache: CONFIG_NOCACHE
content-length: 2535
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 07:55:16 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6f
accept-ranges: bytes
expires: Tue, 08 Apr 2025 03:35:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 472 KB
112 KB 63ms
61ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9737c6d9615f31f1f1dc3a4c2bf1bc9ea592ee248328985150a62f55fc24064f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114231
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Apr 2024 10:53:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Apr 2024 10:53:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: QcxSHOqJjbZXY1KlrB3948YRZpY0JXTbJOALTPpRt5ANgPNKVSt9CKoADGnTCM1+2IRgLfzMr0k4gKfnvath0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 61ms
14ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488D) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 729
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (ama/488D)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7dd043dd-001e-00a6-69c6-97a4e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 26 Apr 2024 11:23:24 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 34ms
19ms XHR
application/json 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bankplus.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 fa.svg
www.bankplus.net/ResourcePackages/ST/library/img/ 606 KB
609 KB 173ms
172ms Other
image/svg+xml 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/ResourcePackages/ST/library/img/fa.svg

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e5606050dc568572439eaf433184ad7680e08fbad59cfda0745a8391992ca2db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-length: 620118
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 19:06:26 GMT
etag: "0a5416a4f40d71:0"
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6v
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: max-age=2678400
accept-ranges: bytes

GET
H2 200 584957262878999 Show response
connect.facebook.net/signals/config/ 71 KB
16 KB 142ms
141ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/584957262878999?v=2.9.154&r=stable&domain=www.bankplus.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6004c3938596f726898a0b19a75f5bfdbc9b06f143ed6c31b5c4bae3255e40af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Apr 2024 10:53:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63194, tp=-1, tpl=-1, uplat=134, ullat=0
pragma: public
x-fb-debug: 9BDJ7rQvcbuh14+DAgdjwTN8mgoTT//lJWUeqJH4Kh+vqHzjpklB+0bMd0khNcVpalgX07dSHTu+moeWpVqPcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
48 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.bankplus.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 10:42:03 GMT
x-content-type-options: nosniff
age: 519082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 10:42:03 GMT

GET
H2 200 fab036dbf2595af4c41a1fdcdda3138a346.svg
www.bankplus.net/images/default-source/svg-library/ 444 KB
447 KB 161ms
160ms Other
image/svg+xml 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/images/default-source/svg-library/fab036dbf2595af4c41a1fdcdda3138a346.svg?sfvrsn=6616aa83_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

1dbd425b57e699aba852d320c2fcaf77394d6b1391fc92e23d622d8a6c26dc75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=fab036dbf2595af4c41a1fdcdda3138a346.svg
content-length: 455092
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Apr 2020 17:36:24 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6w
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:25 GMT

GET
H2 200 clover.png
www.bankplus.net/images/default-source/home/ 104 KB
106 KB 154ms
154ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/home/clover.png?sfvrsn=3fbbbf0e_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c239758b318e92750b44b27788aa61eff1c5db04502cd6e7460d6f96e39d43f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=clover.png
content-length: 106263
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Jan 2023 17:42:42 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6x
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:25 GMT

GET
H2 200 money-manager.png
www.bankplus.net/images/default-source/home/ 65 KB
67 KB 454ms
453ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankplus.net/images/default-source/home/money-manager.png?sfvrsn=b9c31ee9_0

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

227ee94184eac4945aae60815e6e0f39be714911bf7922f9b5eed56abe5aec59

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-disposition: inline; filename=money-manager.png
content-length: 66364
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Jan 2023 17:44:56 GMT
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105324Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku6y
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 10:53:25 GMT

GET
H2 200 1Ptsg8zYS_SKggPNyCg4TYFq.woff2
fonts.gstatic.com/s/raleway/v29/ 49 KB
49 KB 18ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4TYFq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

039ddf14394e123b661886c7f7342ad63a40000003933122b7eb1ad0228e5077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.bankplus.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 00:08:04 GMT
x-content-type-options: nosniff
age: 557121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50400
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:55:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 00:08:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
101 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-93RK6WT467&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b071ccb5246c1f55eb30926d68e7125cdd366fd25e037b0ae89320db7ccabdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Apr 2024 10:53:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 241ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 09:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3917
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Apr 2024 11:48:08 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10381388&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

431a929250342b813f6206f3dd4447d72da6ac7172ecc916cb50435bb6e90f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73583
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Apr 2024 10:53:25 GMT

GET
H2 200 hotjar-3903699.js Show response
static.hotjar.com/c/ 9 KB
4 KB 279ms
38ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3903699.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

df4178bd53a1ca2b33a07022f3d98b23b26a6251a0edf10ed1b1d1ae3bda1207

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c6f4becf7d64a133d92cbc6150822fd0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cH37nDKJGpIWdsxzUNQxKvXRpbpiHsS2ITfMyhj5IvljB4OKmaXSrA==

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 4 KB
2 KB 246ms
7ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 15:41:58 GMT
server: AC1.1
age: 438611
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1714
x-llid: 2ee28b4a61db97d88ba9679c9d8cedf8

GET
H2 200 monsido-script.js Show response
app-script.monsido.com/v2/ 8 KB
3 KB 247ms
8ms Script
text/javascript 2600:1901:0:22e6::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-script.monsido.com/v2/monsido-script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:22e6:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:52:37 GMT
content-encoding: gzip
age: 48
x-guploader-uploadid: ABPtcPpwGwRr52Gdrzcw8XNzcnMjSMQq-R_Seos3U1ghWaV7lwfKkH2LS2NGjjUGbp1PcnGX6jplwPnE1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2757
last-modified: Thu, 01 Jun 2023 11:12:59 GMT
server: UploadServer
etag: "fce0a6a1f924b9c6816bdc5bc679506e"
vary: Accept-Encoding
x-goog-generation: 1685617979609837
x-goog-hash: crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg==
content-type: text/javascript
cache-control: public, max-age=300
x-goog-stored-content-length: 2757
accept-ranges: bytes
expires: Fri, 26 Apr 2024 10:57:37 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-16014.us.tvsquared.com/ 20 KB
9 KB 446ms
104ms Script
application/javascript 18.219.60.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-16014.us.tvsquared.com/tv2track.js
Requested by: Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.60.11 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-60-11.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 26 Apr 2024 10:53:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Feb 2024 15:46:47 GMT
Server: nginx
ETag: "65d377e7-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Fri, 26 Apr 2024 11:03:25 GMT

GET 406006.gif
di.rlcdn.com/ 0
0

GET impression
b.videoamp.com/d2/c8307792-98e2-40ea-99c3-3d1b9de42c52/7934/ 0
0

GET
H2

200

activityi;dc_pre=CJzdqbTb34UDFYFNHgIdaesP4A;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520...
10381388.fls.doubleclick.net/ Frame CFD9
Redirect Chain

https://10381388.fls.doubleclick.net/activityi;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2...
https://10381388.fls.doubleclick.net/activityi;dc_pre=CJzdqbTb34UDFYFNHgIdaesP4A;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=C...

0
0

44ms
44ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10381388.fls.doubleclick.net/activityi;dc_pre=CJzdqbTb34UDFYFNHgIdaesP4A;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0z871073013za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10381388&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bankplus.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 375
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Apr 2024 10:53:25 GMT
expires: Fri, 26 Apr 2024 10:53:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Apr 2024 10:53:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10381388.fls.doubleclick.net/activityi;dc_pre=CJzdqbTb34UDFYFNHgIdaesP4A;src=10381388;type=count0;cat=sitev0;ord=1;num=6251889706243;npa=1;auiddc=973785830.1714128805;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0z871073013za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 149ms
6ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=584957262878999&ev=PageView&dl=https%3A%2F%2Fwww.bankplus.net&rl=&if=false&ts=1714128805120&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4124&fbp=fb.1.1714128805118.1411816703&cs_est=true&pm=1&hrl=f429d5&ler=empty&cdl=API_unavailable&it=1714128804965&coo=false&cs_cc=1&cas=7116379888491020%2C7559770024075082%2C5839072866162741&rqm=GET

Requested by

Host: www.bankplus.net
URL: https://www.bankplus.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 Apr 2024 10:53:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 126ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-93RK6WT467&gtm=45je44o0v880996822z871073013za200&_p=1714128804284&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1096433191.1714128805&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714128805&sct=1&seg=0&dl=https%3A%2F%2Fwww.bankplus.net%2F&dt=Personal%20and%20Business%20Banking%20%7C%20BankPlus&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1436
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93RK6WT467&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 26 Apr 2024 10:53:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bankplus.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 16ms
14ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2138865893&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankplus.net%2F&ul=de-de&de=UTF-8&dt=Personal%20and%20Business%20Banking%20%7C%20BankPlus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=903656972&gjid=1685176157&cid=1096433191.1714128805&tid=UA-7458601-1&_gid=1149324103.1714128805&_r=1&_slc=1&gtm=45He44o0n71M7NZP7v71073013za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=275434796

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Apr 2024 10:53:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bankplus.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.25f289cf2c430c5f1dfb.js Show response
script.hotjar.com/ 221 KB
55 KB 33ms
6ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.25f289cf2c430c5f1dfb.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3903699.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

bcce269fe4e329e6aac07bda59f9f10948f0ff09a492146306f16bfc24a99e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 13:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 78799
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55734
last-modified: Thu, 25 Apr 2024 12:59:19 GMT
etag: "3ff5bf469e0b33aaa48641e0415af35f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CseZwlLdGdf9Nc5WF6Kiyu-SrWtApbVJYVflTAG75CBC2_fUiPIGdA==

GET
H/1.1 200
OK tv2track.php
collector-16014.us.tvsquared.com/ 42 B
276 B 104ms
104ms Image
image/gif 18.219.60.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-16014.us.tvsquared.com/tv2track.php?action_name=Personal%20and%20Business%20Banking%20%7C%20BankPlus&idsite=TV-8136908154-1&rec=1&r=075042&h=12&m=53&s=25&url=https%3A%2F%2Fwww.bankplus.net%2F&_id=9b45994a6a09e90a&_idts=1714128805&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=419
Requested by: Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.60.11 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-60-11.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Fri, 26 Apr 2024 10:53:25 GMT
Server: nginx
Connection: keep-alive
Request-Id: e813b8d5-5a3b-4dda-9b24-bfc9aa36dd20
Content-Length: 42
Content-Type: image/gif

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 46ms
33ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=adb8b6b108
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb8b6b108.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2975996
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VP%2FUabkb5urjsi7aPSMFhw2n3CRkAq02GWPPM6TWS0hu%2BLLLM3CZaFEaMOI7CtEt9G%2F4UovB05HP6%2Ft7EAX7WYFv0o3V%2BgGFyR871GMZGs3FSTRucIqfA6NB4iLNzvBX48VNexjx8SGbsiXBHMe%2FQLd%2BBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87a6076aabc44db0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 7DX02bh5eT8cgDHy9JGNA2me8XY24vbZe4zHF0ypL4pckYJhbrCOIA==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 50ms
38ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=adb8b6b108
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb8b6b108.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2997089
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOVdAPALJDEee5PSOHTsVtZAppiBo6BY7%2FAX5SG1ltrspN42M8T1AHaZzkc%2Bqkjvssm4YSqVfGlkRTIgDt8yjCAmKkuOP6e%2F9RNEwzPMcasNrPzeh9CqgjYBYPlJTOnjhqQQYzt2SCfk9797Qx6wSWP1Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87a6076aabc14db0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: FGMGIWPzsi5LasDCF4w86izBDIp4qtUdQj4m3P3bk1PXIwpahF13tw==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 44ms
32ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=adb8b6b108
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb8b6b108.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2975996
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBzq%2FiAJkNDvWUnw6uq0PbHX7SaYn%2B478%2B%2FBSnNLQvlL7TZubVNnPq63aMtPJ92lLjPsUH%2FF3UEpZkW4I%2BO5ww2zBQKNyHzHxGK%2FLPZFFXcEpqwurCKp1%2BthAvXl3HCZJ%2BJkXHQJN06LnU4nzgEfDTRArw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87a6076aabc64db0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: GOgPoNnKFcXrtMZmQK0vB-80ekdOSyzp7BWE4vYcKlemggI94F8nAQ==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 147ms
62ms XHR
application/json 99.80.149.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=3903699&gzip=1
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.80.149.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-149-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 65b3f608b42917f2a6904d0a6a545e1b783439de30ad347fa0829cf4a3478083

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 Apr 2024 10:53:25 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 page-correct.js Show response
pagecorrect.monsido.com/v1/ 15 KB
6 KB 72ms
8ms Script
text/javascript 2600:1901:0:21ea::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagecorrect.monsido.com/v1/page-correct.js
Requested by: Host: app-script.monsido.com
URL: https://app-script.monsido.com/v2/monsido-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:21ea:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d141769570c57f86e87777d2093d36608c97f30872dbc3ce9c918b35793c180f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:50:08 GMT
content-encoding: gzip
age: 197
x-guploader-uploadid: ABPtcPqNvRgIwzfATzLAAlrpKUY6S0GGOdJLPG-PWUwhrVzFYp62UXxieCEiI6r8NtUmTDnrI8A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5178
last-modified: Thu, 06 Oct 2022 07:44:18 GMT
server: UploadServer
etag: "462a91667ac49521f34a03a7abc942f5"
vary: Accept-Encoding
x-goog-generation: 1665042258321151
x-goog-hash: crc32c=hee7Lw==, md5=RiqRZnrElSHzSgOnq8lC9Q==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
x-goog-stored-content-length: 5178
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 26 Apr 2024 10:55:08 GMT

GET
H2 200 /
tracking.monsido.com/ 43 B
205 B 40ms
16ms Image
image/gif 2600:1901:0:891c::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.monsido.com/?a=22tHWIGuJCgNjqm6niDImA&b=https%3A%2F%2Fwww.bankplus.net%2F&c=41E1714128805607&f=51C1714128805607&h=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:891c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: 2024-04-26T10:53:25Z
date: Fri, 26 Apr 2024 10:53:25 GMT
cache-control: private, no-store, max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 favicon.ico
www.bankplus.net/ 4 KB
6 KB 104ms
104ms Other
image/x-icon 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankplus.net/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e4fdf2026eedb6311286bf746080e663897c76d8073952ef82494b194170b84e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
content-length: 3638
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 19:06:26 GMT
etag: "0a5416a4f40d71:0"
x-frame-options: SAMEORIGIN
x-azure-ref: 20240426T105325Z-15ff4544644gm57ncba3q4pfd400000002z000000000ku8u
content-type: image/x-icon
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: max-age=2678400
accept-ranges: bytes

GET
H3 200 22tHWIGuJCgNjqm6niDImA.json Show response
pagecorrect.monsido.com/v1/settings/ 2 B
29 B 179ms
170ms XHR
application/json 2600:1901:0:21ea::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagecorrect.monsido.com/v1/settings/22tHWIGuJCgNjqm6niDImA.json
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:21ea:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 10:53:25 GMT
x-guploader-uploadid: ABPtcPqnAnZnGUPFoKDm1W-MOqgHPcsWSr_05NtjjpDGNCx_Sh_rmvkC8FIu82c7lgRgThu0fiWbvgk-WQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
last-modified: Sun, 21 Apr 2024 13:44:58 GMT
server: UploadServer
etag: "d751713988987e9331980363e24189ce"
x-goog-generation: 1713707098301690
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=dk29dg==, md5=11FxOYiYfpMxmANj4kGJzg==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300
x-goog-stored-content-length: 2
accept-ranges: bytes
expires: Fri, 26 Apr 2024 10:58:25 GMT

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 152ms
29ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.bankplus.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 26 Apr 2024 10:53:25 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
200 B 166ms
166ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

4791ed4c8d4eb1b752feef386c0bbc9adc4a3ff01bee5422f4bd3ccedf189775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.bankplus.net/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 26 Apr 2024 10:53:25 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H2

200

asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame 6884
Redirect Chain

https://pixel-sync.sitescout.com/dmp/asyncPixelSync
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

16ms
15ms

Document
text/html

34.36.216.150
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 150.216.36.34.bc.googleusercontent.com
Software: A /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bankplus.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0,no-cache,no-store
content-length: 1174
content-type: text/html;charset=UTF-8
date: Fri, 26 Apr 2024 10:53:25 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 26 Apr 2024 10:53:25 GMT
location: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: A
via: 1.1 google

GET
H2 200 520e72554873836b
pixel.sitescout.com/up/ 43 B
259 B 50ms
17ms Image
image/gif 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/520e72554873836b?cntr_url=https%3A%2F%2Fwww.bankplus.net%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 Riyadh, Saudi Arabia, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 26 Apr 2024 10:53:25 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/10/intl/de_ALL/ 256 KB
56 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/10/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf993e94737aa8fa06c105396e20959f5cde8045fa727ad278eb8e97149f8409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 18:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57118
x-xss-protection: 0
last-modified: Tue, 23 Apr 2024 20:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Apr 2025 18:31:32 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/10/intl/de_ALL/ 181 KB
56 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/10/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5ebaf79c892159613159f4273e2cb7cbd71deb726a7b68ce9035d140932f61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bankplus.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 13:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56811
x-xss-protection: 0
last-modified: Tue, 23 Apr 2024 20:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Apr 2025 13:27:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: di.rlcdn.com
URL: https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap390014%2Cdata%3Dtype%3Asite%24audience%3ASS_BankPlus_ClientSite_Control

Domain: b.videoamp.com
URL: https://b.videoamp.com/d2/c8307792-98e2-40ea-99c3-3d1b9de42c52/7934/impression?bwb=35&vpxid=7934&dnt=false&cevt=SITEWIDE&us_privacy=

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.bankplus.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: 49284257cffee83c4b23749c8e50dd96e806dbab784ff4225c62b8acdd007f7b
.www.bankplus.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 49284257cffee83c4b23749c8e50dd96e806dbab784ff4225c62b8acdd007f7b
www.bankplus.net/	1970-01-21 04:54:24	Name: ai_user Value: T3tiQ\|2024-04-26T10:53:24.994Z
.bankplus.net/	1970-01-20 22:18:24	Name: _gcl_au Value: 1.1.973785830.1714128805
.bankplus.net/	1970-01-20 22:18:24	Name: _fbp Value: fb.1.1714128805118.1411816703
.bankplus.net/	1970-01-21 05:44:48	Name: _ga_93RK6WT467 Value: GS1.1.1714128805.1.0.1714128805.0.0.0
.bankplus.net/	1970-01-21 05:44:48	Name: _ga Value: GA1.2.1096433191.1714128805
.bankplus.net/	1970-01-20 20:10:15	Name: _gid Value: GA1.2.1149324103.1714128805
.bankplus.net/	1970-01-20 20:08:48	Name: _gat_UA-7458601-1 Value: 1
www.bankplus.net/	1970-01-20 20:08:50	Name: ai_session Value: gogR3\|1714128805300.1\|1714128805300.1
.doubleclick.net/	1970-01-20 20:08:49	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:28:00	Name: receive-cookie-deprecation Value: 1
www.bankplus.net/	1970-01-21 05:44:48	Name: _tq_id.TV-8136908154-1.c031 Value: 9b45994a6a09e90a.1714128805.0.1714128805..
www.bankplus.net/	1969-12-31 23:59:59	Name: sf-prs-ss Value: 638497256055300000
www.bankplus.net/	1969-12-31 23:59:59	Name: sf-prs-lu Value: https://www.bankplus.net/
.bankplus.net/	1970-01-21 04:54:24	Name: _hjSessionUser_3903699 Value: eyJpZCI6ImZhM2ZkNjBmLTJhMWMtNTc4Zi05ZTQ0LWM0YTBiOTZjZjQ5NCIsImNyZWF0ZWQiOjE3MTQxMjg4MDU1MzIsImV4aXN0aW5nIjp0cnVlfQ==
.bankplus.net/	1970-01-20 20:08:50	Name: _hjSession_3903699 Value: eyJpZCI6IjkxNzJhOTZlLTFmMmQtNDFkMC1hYmY0LWNiZGJiMGUxYzlhMyIsImMiOjE3MTQxMjg4MDU1MzIsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.sitescout.com/	1970-01-21 04:54:24	Name: ssi Value: e4d683db-fc59-479b-97b1-baa5fec99ccc#1714128805824
.sitescout.com/	1970-01-20 20:52:00	Name: _ssuma Value: eyIyIjoxNzE0MTI4ODA1ODQwLCI0IjoxNzE0MTI4ODA1ODQwLCIzOSI6MTcxNDEyODgwNTg0MCwiNyI6MTcxNDEyODgwNTg0MCwiOCI6MTcxNDEyODgwNTg0MH0
.tapad.com/	1970-01-20 21:35:12	Name: TapAd_TS Value: 1714128806142
.tapad.com/	1970-01-20 21:35:12	Name: TapAd_DID Value: 6d6bf1fc-9828-406d-8509-67b17d129be9
.tapad.com/	1970-01-20 21:35:12	Name: TapAd_3WAY_SYNCS Value:
.demdex.net/	1970-01-21 00:28:00	Name: demdex Value: 28116528913488462311006656582618098183
.dpm.demdex.net/	1970-01-21 00:28:00	Name: dpm Value: 28116528913488462311006656582618098183

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.bankplus.net/ Message: Refused to load the image 'https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap390014%2Cdata%3Dtype%3Asite%24audience%3ASS_BankPlus_ClientSite_Control' because it violates the following Content Security Policy directive: "img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com".
security	error	URL: https://www.bankplus.net/ Message: Refused to load the image 'https://b.videoamp.com/d2/c8307792-98e2-40ea-99c3-3d1b9de42c52/7934/impression?bwb=35&vpxid=7934&dnt=false&cevt=SITEWIDE&us_privacy=' because it violates the following Content Security Policy directive: "img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com".
other	warning	URL: https://connect.facebook.net/signals/config/584957262878999?v=2.9.154&r=stable&domain=www.bankplus.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 104) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://script.hotjar.com/modules.25f289cf2c430c5f1dfb.js(Line 1) Message: Refused to connect to 'wss://ws.hotjar.com/api/v2/client/ws?v=7&site_id=3903699' because it violates the following Content Security Policy directive: "connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com .monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com".
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bankplus.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com rlforms.referlive.com www.google.com .google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com .youtube.com .twitter.com https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org .googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com .vo.msecnd.net .us.tvsquared.com .monsido.com up.pixel.ad .doubleclick.net .hotjar.com .digindemo.com; style-src 'self' 'unsafe-inline' .googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' .gstatic.com .googleapis.com .google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com .tvsquared.com .monsido.com .sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' .doubleclick.net .hotjar.com .facebook.com .sitescout.com .bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://.insight.sitefinity.com .hotjar.com .hotjar.io https://.dec.sitefinity.com .mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com .google-analytics.com dc.services.visualstudio.com .visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10381388.fls.doubleclick.net
ajax.googleapis.com
app-script.monsido.com
az416426.vo.msecnd.net
b.videoamp.com
bankplus.net
cdn.datatables.net
collector-16014.us.tvsquared.com
connect.facebook.net
content.hotjar.io
dc.services.visualstudio.com
di.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
maps.googleapis.com
pagecorrect.monsido.com
pixel-sync.sitescout.com
pixel.sitescout.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
tracking.monsido.com
up.pixel.ad
www.bankplus.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
b.videoamp.com
di.rlcdn.com
13.107.213.40
13.32.27.54
142.250.184.198
178.79.242.181
18.219.60.11
18.66.102.51
20.50.88.242
2001:4860:4802:34::36
2600:1901:0:21ea::
2600:1901:0:22e6::
2600:1901:0:891c::
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:20::ac43:4b21
2606:4700:3030::ac43:8b77
2606:4700:4400::6812:2844
2620:1ec:46::45
2a00:1450:4001:803::200e
2a00:1450:4001:806::200a
2a00:1450:4001:810::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.36.216.150
98.98.134.243
99.80.149.126
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
039ddf14394e123b661886c7f7342ad63a40000003933122b7eb1ad0228e5077
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1053fc942da0e0d5c5bbee5d88b2326e0c6aaac70b3cb7e196427a2d932ce0f7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dbd425b57e699aba852d320c2fcaf77394d6b1391fc92e23d622d8a6c26dc75
227ee94184eac4945aae60815e6e0f39be714911bf7922f9b5eed56abe5aec59
26a018fb00772f7257c42e59e36d86ee3d6000dabbea467fb2f13db7a6a61e03
2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4
377984edf07657d3b0f0d2f2cd321b2c485b4cf55ceb1d0403354cddeca3ae9a
416d6c5fec69bae08bf341e86c8dc897214ae52d15f3691f04158140fecebe5d
431a929250342b813f6206f3dd4447d72da6ac7172ecc916cb50435bb6e90f3a
4791ed4c8d4eb1b752feef386c0bbc9adc4a3ff01bee5422f4bd3ccedf189775
4ef6aa0e84a0f374c79ff43afe3c49871a945af717bc45143926f2a6fbf4917b
4efceed79943d83edd5c21f323b01c50e333c5703ed9ccc16ec77c8c4b75d48c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
510e0c5cc65de575025a30bbbcfe3ab1c57746b9f543fd69119617f47cec0a31
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5812dfed9d74fe20e65d6a2960801beb5b748ca836990af97049318baed91a7f
5c839949700c64bdef4bf819f053e625f233a79ce70d1afbc577dc79841e8531
5d8a5b0ae71cdd74a2b6231e3f17bfaf325a22d28ee12ebe770f11d6232b650a
6004c3938596f726898a0b19a75f5bfdbc9b06f143ed6c31b5c4bae3255e40af
64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35
64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4
65b3f608b42917f2a6904d0a6a545e1b783439de30ad347fa0829cf4a3478083
66d766a40b9d0691e08c4e2da07fc5c924fe80c15ae0cc565a0947ef072a9069
69a04c26013467c1c86cda9d63f19e14c492126a9e444d3dea601023f93b441d
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70af2c1692797d05c8e4df12a63f1a1034600dfb1e303ebfc32750b7cd8e5630
7545b8823869f8c680bfe9c73f8d2d9295d98e891a58f26b186a7379cc6c7ead
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
83cab6462e99178db1ce81a14deb2b5da764de98c3c5a597c06e789ec1cf14a1
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
9737c6d9615f31f1f1dc3a4c2bf1bc9ea592ee248328985150a62f55fc24064f
9b071ccb5246c1f55eb30926d68e7125cdd366fd25e037b0ae89320db7ccabdd
a037eaf4904488888e72b91a90680c2f52d4ff383a6866e040876e0667b7130c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6d366810b9c5d91263d955c6edd21e9d197d0a03a8c860380b592f41e687609
b3123a6c8b985361cf4747ba85a4390c8c0baf4ccda06d374ba64bacebf6acb9
b5ebaf79c892159613159f4273e2cb7cbd71deb726a7b68ce9035d140932f61a
bcce269fe4e329e6aac07bda59f9f10948f0ff09a492146306f16bfc24a99e35
bf993e94737aa8fa06c105396e20959f5cde8045fa727ad278eb8e97149f8409
c239758b318e92750b44b27788aa61eff1c5db04502cd6e7460d6f96e39d43f2
c4d2213a930f169b8d9b7f08f0a94cb0680a7643974767e965eaf475231e8c52
c581370f6dc0d44b20e2fa0fb7989674b50ce7d14c08bae55510b6a94bd745b9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd60ff8e1758d34279c918a26bc3a033f0a2191e94a3855def4632e519f63e44
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d141769570c57f86e87777d2093d36608c97f30872dbc3ce9c918b35793c180f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4178bd53a1ca2b33a07022f3d98b23b26a6251a0edf10ed1b1d1ae3bda1207
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fdf2026eedb6311286bf746080e663897c76d8073952ef82494b194170b84e
e5606050dc568572439eaf433184ad7680e08fbad59cfda0745a8391992ca2db
ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.bankplus.net Open in urlscan Pro 2620:1ec:46::45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

97 %HTTPS

63 %IPv6

20 Domains

29 Subdomains

27 IPs

5 Countries

2659 kBTransfer

5232 kBSize

24 Cookies

21 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bankplus.net Open in urlscan Pro
2620:1ec:46::45 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

97 %
HTTPS

63 %
IPv6

20
Domains

29
Subdomains

27
IPs

5
Countries

2659 kB
Transfer

5232 kB
Size

24
Cookies

65 HTTP transactions
0 data transactions