www.ulstersavings.com Open in urlscan Pro
192.124.249.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ulstersavings.com/
Effective URL:
https://www.ulstersavings.com/
Submission Tags: falconsandbox
Submission: On May 22 via api (May 22nd 2022, 12:26:40 pm UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 23 domains to perform 88 HTTP transactions. The main IP is 192.124.249.11, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.ulstersavings.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 11th 2022. Valid for: a year.

This is the only time www.ulstersavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 46	192.124.249.11 192.124.249.11	30148 (SUCURI-SEC) (SUCURI-SEC)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	67.207.158.33 67.207.158.33	19994 (RACKSPACE) (RACKSPACE)
6	2600:9000:205... 2600:9000:2057:d400:f:6110:c080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.205.224.241 23.205.224.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	108.128.243.153 108.128.243.153	16509 (AMAZON-02) (AMAZON-02)
1	54.93.205.167 54.93.205.167	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::6812:2a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.216.82.136 52.216.82.136	16509 (AMAZON-02) (AMAZON-02)
1	35.171.118.96 35.171.118.96	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
88	25

46 192.124.249.11 (Menifee, United States) 2 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10011.sucuri.net

www.ulstersavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.207.158.33 (United States)

ASN19994 (RACKSPACE, US)

www.cgiappcontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2057:d400:f:6110:c080:93a1 (United States)

ASN16509 (AMAZON-02, US)

amplify.review-alerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.224.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-224-241.deploy.static.akamaitechnologies.com

s.btstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.243.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-243-153.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.205.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-205-167.eu-central-1.compute.amazonaws.com

81180.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a69 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.82.136 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

rtx-source-icons.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.118.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-118-96.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	ulstersavings.com 2 redirects www.ulstersavings.com	1 MB
6	review-alerts.com amplify.review-alerts.com — Cisco Umbrella Rank: 131321	278 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	587 B
3	gstatic.com fonts.gstatic.com	51 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	124 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 882	151 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 714	49 KB
2	amazonaws.com rtx-source-icons.s3.amazonaws.com — Cisco Umbrella Rank: 211188	28 KB
2	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1605	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5483	612 B
2	google.com www.google.com — Cisco Umbrella Rank: 7	612 B
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8451 prism.app-us1.com — Cisco Umbrella Rank: 8518	6 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 ajax.googleapis.com — Cisco Umbrella Rank: 295	35 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 625	261 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	43 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 8717	312 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 8124	362 B
1	siteimproveanalytics.io 81180.global.siteimproveanalytics.io	620 B
1	btstatic.com s.btstatic.com — Cisco Umbrella Rank: 7971	13 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3745	9 KB
1	cgiappcontrol.com www.cgiappcontrol.com	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	17 KB
88	23

	Domain	Requested by
46	www.ulstersavings.com	2 redirects www.ulstersavings.com
6	amplify.review-alerts.com	www.ulstersavings.com amplify.review-alerts.com
3	www.facebook.com	www.ulstersavings.com
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.ulstersavings.com connect.facebook.net
3	use.fontawesome.com	www.ulstersavings.com use.fontawesome.com
3	maxcdn.bootstrapcdn.com	www.ulstersavings.com maxcdn.bootstrapcdn.com
2	rtx-source-icons.s3.amazonaws.com	www.ulstersavings.com
2	s.thebrighttag.com	s.btstatic.com
2	www.google.de	www.ulstersavings.com
2	www.google.com	www.ulstersavings.com
2	googleads.g.doubleclick.net	www.googleadservices.com
1	insight.adsrvr.org
1	www.googletagmanager.com	www.ulstersavings.com
1	cdn.callrail.com	s.btstatic.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	81180.global.siteimproveanalytics.io	www.ulstersavings.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	www.ulstersavings.com
1	s.btstatic.com	www.ulstersavings.com
1	siteimproveanalytics.com	www.ulstersavings.com
1	www.cgiappcontrol.com	www.ulstersavings.com
1	ajax.googleapis.com	www.ulstersavings.com
1	www.googleadservices.com	www.ulstersavings.com
1	fonts.googleapis.com	www.ulstersavings.com
88	25

This site contains links to these domains. Also see Links.

Domain
es.ulstersavings.com
ulstersavings.onlinebank.com
www.onlinebanktours.com
forms.fivision.com
ulstersavingsbank.mortgagewebcenter.com
www.mastercard.us
ulster.everfi-next.net
www.youtube.com
www.google.com
www.zillow.com
maps.google.com
paybill.com
www.facebook.com
www.linkedin.com
www.twitter.com
www.instagram.com
app.nextadagency.com

Subject Issuer	Validity	Valid
www.ulstersavings.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-11` - `2023-05-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
elocallink.tv DigiCert TLS RSA SHA256 2020 CA1	`2022-03-10` - `2023-04-10`	a year	crt.sh
review-alerts.com Amazon	`2021-07-22` - `2022-08-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-28` - `2022-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
s.btstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-15` - `2023-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
signal.co Entrust Certification Authority - L1K	`2022-02-24` - `2023-02-24`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
cdn.callrail.com Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ulstersavings.com/
Frame ID: 4AC98D13D64423B0E64394D15439D7D7
Requests: 89 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Award Winning Bank | Mortgages | Commercial Loans | Full Service Banking - Ulster Savings Bank

Page URL History Show full URLs

http://www.ulstersavings.com/ HTTP 301
https://www.ulstersavings.com/ Page URL

Detected technologies

Kentico CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

/CMSPages/GetResource\.ashx

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Signal (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

//s\.btstatic\.com/tag\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

99 %
HTTPS

63 %
IPv6

23
Domains

25
Subdomains

25
IPs

3
Countries

2184 kB
Transfer

3532 kB
Size

9
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://es.ulstersavings.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://ulstersavings.onlinebank.com/RegistrationDisclosure.aspx
Title: Sign Up!

Search URL Search Domain Scan URL

URL: https://ulstersavings.onlinebank.com/ForgotPassword.aspx
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://www.onlinebanktours.com/mobile/index.php?b=3546
Title: Online Banking Videos

Search URL Search Domain Scan URL

URL: https://ulstersavings.onlinebank.com/SupportedBrowsers.aspx
Title: Supported Browsers

Search URL Search Domain Scan URL

URL: https://ulstersavings.onlinebank.com/SignIn.aspx?language=es-MX
Title: Ingresar en Español

Search URL Search Domain Scan URL

URL: https://ulstersavings.onlinebank.com/Disclaimer.aspx
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://ulstersavings.onlinebank.com/FAQs.aspx
Title: Sign In Problems FAQ

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/ulstersavings/oa/
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://ulstersavingsbank.mortgagewebcenter.com/Account/Login?ReturnUrl=/ApplyNow
Title: Apply for a Mortgage

Search URL Search Domain Scan URL

URL: https://www.mastercard.us/en-us/personal/offers-and-promotions/priceless-surprises-2022.html
Title: Learn More

Search URL Search Domain Scan URL

URL: https://ulster.everfi-next.net/student/dashboard/customer/financial-foundations/1675#preventing-overdraft-fees/getting-started/page-1
Title: Find Out More

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=VErybTObL1I
Title: Watch Now

Search URL Search Domain Scan URL

URL: https://ulster.everfi-next.net/student/dashboard/business/small-business-essentials
Title: Get Started

Search URL Search Domain Scan URL

URL: https://www.google.com/maps?cid=2700287317894521853

Search URL Search Domain Scan URL

URL: https://www.zillow.com/lender-profile/susanboersema/

Search URL Search Domain Scan URL

URL: https://maps.google.com/?cid=3026453933024011522

Search URL Search Domain Scan URL

URL: https://paybill.com/consumer/?clientid=ulster_reg
Title: Pay Loan

Search URL Search Domain Scan URL

URL: https://ulster.everfi-next.net/welcome/customer
Title: Money Smart

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UlsterSavings
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/ulster-savings-bank
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.twitter.com/UlsterSavings
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ulstersavings/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/usbmarketing
Title: YouTube

Search URL Search Domain Scan URL

URL: https://app.nextadagency.com/rl/5536

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ulstersavings.com/ HTTP 301
https://www.ulstersavings.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.ulstersavings.com/personal/mortgages/priceless-surprises.jpg?width=600&height=600&ext=.jpg HTTP 301
https://www.ulstersavings.com/ulster/files/1e/1e04946f-f93e-43ee-b682-65c67e987c1e.jpg

88 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ulstersavings.com/
Redirect Chain

http://www.ulstersavings.com/
https://www.ulstersavings.com/

53 KB
17 KB

450ms
430ms

Document
text/html

192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

ee90f2f9fe6f07c2fa7a3c0a3efa069b3f7f3c8f9bad5871d0b7b4f8114699b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: deflate
content-length: 17296
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 12:26:32 GMT
expires: -1
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 15011
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 153
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 May 2022 12:26:32 GMT
Location: https://www.ulstersavings.com/
Server: Sucuri/Cloudproxy
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Sucuri-Cache: EXPIRED
X-Sucuri-ID: 15011
X-Xss-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 50ms
25ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ulstersavings.com/
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 1906
cdn-cachedat: 05/21/2022 01:30:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c6ab3de49d4748f80ec538987638cab4
cf-ray: 70f58a75797d9b77-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 44ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,800

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f1b520781ce5d8573511707e27c6b9af9c085bca5e885008540f08b8785aec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 12:26:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 12:26:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 12:26:33 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.4.2/css/ 49 KB
12 KB 502ms
447ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.2/css/all.css
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3db3a07cd01a325326de52822be97f34e9977ea6d2d3b90ae318f87c3daf374

Request headers

Referer: https://www.ulstersavings.com/
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EW370KHTJG2D76XK
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: I4bbdXCF68yl15/9b/YnKubBMHHW/ZK5QFpFW/aDMcVq/jv5+efBpL2QQS/cEui06qAMDVwaxcQ=
last-modified: Wed, 30 Jun 2021 15:43:13 GMT
server: cloudflare
etag: W/"b4d08b13c5d88326fe4bea239e050253"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcZib0ufz26JKFf8pHteV1FqRoua6fvCy3JwxhuvU8OCKKTebQsTTqXeuyPK4hivrtW6PgdTY2p7FN1xjQhyI0WITAEExnklZvOU%2FeKQyX%2FEla2EmC3lN5sqArpWFG4a6kDe%2FHCmnk6%2FEPJsRbWgq6Cy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 70f58a75bb94d779-MRS

GET
H2 200 getresource.ashx
www.ulstersavings.com/cmspages/ 25 KB
3 KB 9ms
6ms Stylesheet
text/css 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/cmspages/getresource.ashx?stylesheetname=Aos.min

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="Aos.min.css"
content-length: 2218
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Nov 2018 16:50:24 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "cssstylesheet|d50da13f-4ef3-4945-aba1-3325688fef56"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-sucuri-id: 15011
expires: Sat, 21 May 2022 23:50:37 GMT

GET
H2 200 getresource.ashx
www.ulstersavings.com/cmspages/ 59 KB
5 KB 18ms
15ms Stylesheet
text/css 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/cmspages/getresource.ashx?stylesheetname=Animate

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

4a780b9cd9949ca424b48af95871e9223a87354e10f49996fd265818bc0d4a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="Animate.css"
content-length: 4294
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Dec 2018 19:26:10 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "cssstylesheet|c76edb7c-f37c-4226-8732-c1261813ce07"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-sucuri-id: 15011
expires: Sat, 21 May 2022 23:50:37 GMT

GET
H2 200 getresource.ashx
www.ulstersavings.com/cmspages/ 2 KB
1 KB 18ms
16ms Stylesheet
text/css 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/cmspages/getresource.ashx?stylesheetname=Ekko-lightbox

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

5dc8b7ffe7af7746d8f106a048d736dc7965e4eca3085181c8e723b8a15c05f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="Ekko-lightbox.css"
content-length: 616
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Jan 2019 18:30:05 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "cssstylesheet|cf1d52ac-a6b6-4c52-a698-7168e33800ad"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-sucuri-id: 15011
expires: Sat, 21 May 2022 23:50:37 GMT

GET
H2 200 getresource.ashx
www.ulstersavings.com/cmspages/ 3 KB
1 KB 18ms
16ms Stylesheet
text/css 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/cmspages/getresource.ashx?stylesheetname=Smartbanner.css.min

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

285960e47f30b8cc9350469773b3d1c62a2f983d3506438d33ceebc957d45a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="Smartbanner.css.min.css"
content-length: 1057
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jan 2019 18:37:56 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "cssstylesheet|78558ddc-5166-4094-802c-b04963d9400e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-sucuri-id: 15011
expires: Sat, 21 May 2022 23:50:37 GMT

GET
H2 200 getresource.ashx
www.ulstersavings.com/cmspages/ 44 KB
10 KB 18ms
16ms Stylesheet
text/css 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/cmspages/getresource.ashx?stylesheetname=Ulster-temp&version=53150dc1-6330-4836-aa69-49f30b7584a3

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

ef833763374629be2800c183e7a26a35eb2236790c648d95ebc29a43b93402a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="Ulster-temp.css"
content-length: 9477
x-xss-protection: 1; mode=block
last-modified: Thu, 19 May 2022 13:42:59 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "cssstylesheet|53150dc1-6330-4836-aa69-49f30b7584a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
x-sucuri-id: 15011
expires: Sat, 21 May 2022 23:50:37 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
17 KB 80ms
28ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

895f492be4e7fcbe0f12090af4097a95d96b07157baacd9d8011c0a24e4dc947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16860
x-xss-protection: 0
server: cafe
etag: 9538313714109913383
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:26:33 GMT

GET
H2 200 WebResource.axd Show response
www.ulstersavings.com/ 23 KB
6 KB 18ms
17ms Script
application/x-javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZJ6ACJJ9-SUae5RqAlTRwXAvA2L0Z8-7nbqYAUJi_uLtWSgl_es8voRJV3Y1E2elDw2&t=637750614580544600

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Dec 2021 11:50:58 GMT
server: nginx
x-aspnet-version
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/x-javascript
x-sucuri-cache: HIT
cache-control: public
x-sucuri-id: 15011
vary: Accept-Encoding
content-length: 6007
x-xss-protection: 1; mode=block
expires: Sat, 20 May 2023 20:30:58 GMT

GET
H2 200 ScriptResource.axd Show response
www.ulstersavings.com/ 100 KB
25 KB 18ms
17ms Script
application/x-javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvp_lA-I0GKDHQCktLEjiJHt3oV4158VyuCiHoA55SAXr03HEu0JE8quTuPOmzXVSGZKwvPRxVx-i5F1MsFxXL7uZsl5WwDrzJqcFy0IJdJyWdXQHjXCD3wsrzOgKVlbojty49lrSyDojXNcFRZ5sHg81&t=ffffffff8333b97c

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 21:14:46 GMT
server: nginx
x-aspnet-version
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/x-javascript
x-sucuri-cache: HIT
cache-control: public
x-sucuri-id: 15011
content-length: 25609
x-xss-protection: 1; mode=block
expires: Sat, 20 May 2023 21:14:46 GMT

GET
H2 200 ScriptResource.axd Show response
www.ulstersavings.com/ 39 KB
10 KB 24ms
23ms Script
application/x-javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8ONMZWRP08Q2Z6eKVHjOAm_bWP7G3_aPjQMwxcWdVE_I5Hm5JVNAK2gwh6ZW--mmyUmhX0l96hIbEKX-lpR4xuHUy76IWVZ8JPVzfNr0uoY4NAPMVwI8tcMWUUUgXcc2G_SD8JKWtd4gHX7DXP-bzwYE1&t=ffffffff8333b97c

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 20:30:58 GMT
server: nginx
x-aspnet-version
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/x-javascript
x-sucuri-cache: HIT
cache-control: public
x-sucuri-id: 15011
content-length: 9984
x-xss-protection: 1; mode=block
expires: Sat, 20 May 2023 20:30:58 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 03:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 03:31:27 GMT

GET
H2 200 usb-logo-community.png
www.ulstersavings.com/getmedia/9a1df712-75df-43ad-a96b-aef77f271714/ 24 KB
25 KB 22ms
6ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/9a1df712-75df-43ad-a96b-aef77f271714/usb-logo-community.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

5d270804dd677e25580af2d9815c3e273105129516cb22d27f553457d522c30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="usb-logo-community.png"
content-length: 24790
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 13:12:59 GMT
server: nginx
etag: "3/24/2022 1:12:59 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5-stars.png
www.ulstersavings.com/getmedia/7b3c3406-0f2d-4fa9-8873-876ba57270da/ 983 B
1 KB 27ms
10ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/7b3c3406-0f2d-4fa9-8873-876ba57270da/5-stars.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

88908dd0dca02007aa2b8fa808741c89397f51047da5b67da225460b4d225ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="5-stars.png"
content-length: 983
x-xss-protection: 1; mode=block
last-modified: Mon, 17 May 2021 15:41:14 GMT
server: nginx
etag: "5/17/2021 3:41:14 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Deals-Mobile-Screen.png
www.ulstersavings.com/getmedia/f0d66152-1fc6-4581-b899-a7d9653cf9d9/ 25 KB
25 KB 28ms
11ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/f0d66152-1fc6-4581-b899-a7d9653cf9d9/Deals-Mobile-Screen.png?width=127&height=250

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

cafdf9d8d6b49c959f53911e53d65fd9d89bb0ce349a9e3b804559f644014fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Deals-Mobile-Screen.png"
content-length: 25239
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Apr 2022 17:53:55 GMT
server: nginx
etag: "4/20/2022 5:53:55 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-check.svg
www.ulstersavings.com/ulster/media/images/icons/ 2 KB
2 KB 28ms
11ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/ulster/media/images/icons/ico-check.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

cb9957bbad4817731096ccbb0dcdb57f5d6136f7717ed0f4dd6399e35f44af31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Nov 2018 18:30:21 GMT
server: nginx
etag: "b23e32961188d41:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
content-length: 1591
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-ATM-likesvg.png
www.ulstersavings.com/getmedia/35b8b1c5-6d82-455c-9726-5945c787683d/ 11 KB
11 KB 33ms
16ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/35b8b1c5-6d82-455c-9726-5945c787683d/ico-ATM-likesvg.png?width=880&height=880&ext=.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

3e7e1077af43eb636db3415442c10e3d720d928611409450cf91a50c82d7e361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="ico-ATM-likesvg.png"
content-length: 11140
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 18:07:22 GMT
server: nginx
etag: "8/30/2021 6:07:22 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-Check-Rates.svg
www.ulstersavings.com/getmedia/d5d44f73-be9c-47ee-b149-ed56b9dd44da/ 1 KB
1 KB 33ms
17ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/d5d44f73-be9c-47ee-b149-ed56b9dd44da/ico-Check-Rates.svg?ext=.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

bb9b7e6d72e1a7b652c5f7507e9335ce41ea9c622c894fb6c0c139f8d8b41eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="ico-Check-Rates.svg"
content-length: 1127
x-xss-protection: 1; mode=block
last-modified: Wed, 08 May 2019 19:35:43 GMT
server: nginx
etag: "5/8/2019 7:35:43 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ico-Apply-for-a-Mortgage.svg
www.ulstersavings.com/getmedia/b6d7919d-0bd1-41f3-a6a5-35bf8f47dbe7/ 2 KB
2 KB 33ms
17ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/b6d7919d-0bd1-41f3-a6a5-35bf8f47dbe7/Ico-Apply-for-a-Mortgage.svg?ext=.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

8c0a1e06d440d3c85340223eb5a7267672cb5ce7eee77fb9f0d030f1b286e15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="Ico-Apply-for-a-Mortgage.svg"
content-length: 1627
x-xss-protection: 1; mode=block
last-modified: Wed, 08 May 2019 19:04:59 GMT
server: nginx
etag: "5/8/2019 7:04:59 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ICO-Loan-Pay-b.svg
www.ulstersavings.com/getmedia/61c941d5-3764-436c-b3ff-cab23a1c183a/ 3 KB
4 KB 33ms
17ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/61c941d5-3764-436c-b3ff-cab23a1c183a/ICO-Loan-Pay-b.svg?ext=.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

2f2947a9eeaa574276a90553b8e2d68cb55652b293f94e833bd9b0ef22da1713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="ICO-Loan-Pay-b.svg"
content-length: 3377
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 18:09:06 GMT
server: nginx
etag: "8/30/2021 6:09:06 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-heart-and-hands-likesvg.png
www.ulstersavings.com/getmedia/745a9794-b4ba-4c15-ab97-142cb231489a/ 18 KB
19 KB 34ms
18ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/745a9794-b4ba-4c15-ab97-142cb231489a/ico-heart-and-hands-likesvg.png?width=880&height=880&ext=.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

f07087377ac3047e060a063525009035b75cd3473ac59aa32155056932a24c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="ico-heart-and-hands-likesvg.png"
content-length: 18569
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 18:00:32 GMT
server: nginx
etag: "8/30/2021 6:00:32 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-mobile.svg
www.ulstersavings.com/getmedia/4c3b447a-f6a8-4931-8469-52d578eab472/ 4 KB
4 KB 38ms
22ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/4c3b447a-f6a8-4931-8469-52d578eab472/ico-mobile.svg?ext=.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

d1522cfe23e7a8aee14addbcdc3aa1dc0b1f518a45ac213cfcf7ec23d0dce1f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="ico-mobile.svg"
content-length: 3596
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 18:05:38 GMT
server: nginx
etag: "8/30/2021 6:05:38 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-careers.svg
www.ulstersavings.com/ulster/media/images/icons/ 2 KB
2 KB 38ms
22ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/ulster/media/images/icons/ico-careers.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

253f7bfffeb61b782010a54b3a253fc7d929698b6da0c8867ed2f59ee006d93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Nov 2018 18:36:14 GMT
server: nginx
etag: "33b363681288d41:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
content-length: 1731
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-news.svg
www.ulstersavings.com/getmedia/27a2e22d-56e6-46df-bf20-27ecdb4faccb/ 2 KB
2 KB 38ms
22ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/27a2e22d-56e6-46df-bf20-27ecdb4faccb/ico-news.svg?ext=.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

4c353e2e1c11c20b546e76f0ed28e691f5cc68ad50423bfe405cfda1c4366a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: attachment; filename="ico-news.svg"
content-length: 1684
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Nov 2018 18:37:07 GMT
server: nginx
etag: "11/29/2018 6:37:07 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-Online-safety-likesvg.png
www.ulstersavings.com/getmedia/8da8ccc2-3676-498d-b8ac-185ffcc69583/ 12 KB
13 KB 38ms
23ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/8da8ccc2-3676-498d-b8ac-185ffcc69583/ico-Online-safety-likesvg.png?width=880&height=880&ext=.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

53f8cee96c98f609b04c43b4890779bc64182103651aef10ef1b29f8cfaa1e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="ico-Online-safety-likesvg.png"
content-length: 12421
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 18:10:40 GMT
server: nginx
etag: "8/30/2021 6:10:40 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Open_Door.jpg
www.ulstersavings.com/getmedia/c4809408-062b-4eb0-851f-1a6f01e672b5/ 80 KB
81 KB 39ms
23ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/c4809408-062b-4eb0-851f-1a6f01e672b5/Open_Door.jpg?width=600&height=600&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

e25c3fe8275a8ce6140882bfd823d5433ebceae6eeba5629d18ba148cc79723e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Open_Door.jpg"
content-length: 82098
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Mar 2022 20:38:10 GMT
server: nginx
etag: "3/11/2022 8:38:10 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Woman-with-curly-hair-looking-at-cell-phone.jpg
www.ulstersavings.com/getmedia/7f91d8a7-a5f7-4d8d-af3b-b3ca9e8e77cc/ 59 KB
59 KB 39ms
24ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/7f91d8a7-a5f7-4d8d-af3b-b3ca9e8e77cc/Woman-with-curly-hair-looking-at-cell-phone.jpg?width=600&height=600&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

4d8eebc4bd577f31a4be0fe24d3791efc02ad6749c60d549114387e6feb32f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Woman-with-curly-hair-looking-at-cell-phone.jpg"
content-length: 60333
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Feb 2022 20:47:07 GMT
server: nginx
etag: "2/14/2022 8:47:07 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Payroll-2.jpg
www.ulstersavings.com/getmedia/b3de25fd-c8de-4f4a-a549-1397dbc8e3a4/ 102 KB
102 KB 39ms
24ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/b3de25fd-c8de-4f4a-a549-1397dbc8e3a4/Payroll-2.jpg?width=800&height=800&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

94ebd1fb05ebdeccd6219f02866b8be1777155648cadeb5e760323191ba94d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Payroll-2.jpg"
content-length: 104036
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Apr 2022 18:46:29 GMT
server: nginx
etag: "4/28/2022 6:46:29 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1e04946f-f93e-43ee-b682-65c67e987c1e.jpg
www.ulstersavings.com/ulster/files/1e/
Redirect Chain

https://www.ulstersavings.com/personal/mortgages/priceless-surprises.jpg?width=600&height=600&ext=.jpg
https://www.ulstersavings.com/ulster/files/1e/1e04946f-f93e-43ee-b682-65c67e987c1e.jpg

53 KB
54 KB

31ms
31ms

Image
image/jpeg

192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/ulster/files/1e/1e04946f-f93e-43ee-b682-65c67e987c1e.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

5f021dfdb58c09f075d43b3b09761b6961aab0c065e3b06771e2e3f1f422e7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Apr 2022 14:53:42 GMT
server: nginx
etag: "b98a7099d850d81:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
content-length: 54540
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
server: nginx
x-aspnet-version
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=utf-8
location: /ulster/files/1e/1e04946f-f93e-43ee-b682-65c67e987c1e.jpg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15011
content-length: 174
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 man-wiht-card-and-tablet.jpg
www.ulstersavings.com/getmedia/0e6b06f9-0d98-451c-99a4-744e2851841c/ 40 KB
40 KB 39ms
24ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/0e6b06f9-0d98-451c-99a4-744e2851841c/man-wiht-card-and-tablet.jpg?width=600&height=600&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

e094e6e895c1b243ce91aece57c1fd817aef9acdbfc1a6225c8096f8864ba07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="man-wiht-card-and-tablet.jpg"
content-length: 41010
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 21:20:52 GMT
server: nginx
etag: "2/22/2022 9:20:52 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Online-Tour_1.jpg
www.ulstersavings.com/getmedia/bcdebe02-bfd1-4758-b312-a3fbc03ed298/ 52 KB
52 KB 39ms
24ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/bcdebe02-bfd1-4758-b312-a3fbc03ed298/Online-Tour_1.jpg?width=1201&height=883&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

958fb796b66a6f13e1009bd4d772c4507257a2aee312f99940d767330829f99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Online-Tour_1.jpg"
content-length: 53149
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Jun 2021 15:08:24 GMT
server: nginx
etag: "6/7/2021 3:08:24 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Community-Matters-Card.jpg
www.ulstersavings.com/getmedia/4603756c-e00d-4cfc-8b25-c16e76d9841d/ 32 KB
33 KB 39ms
24ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/4603756c-e00d-4cfc-8b25-c16e76d9841d/Community-Matters-Card.jpg?width=600&height=435&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

06d4046adc3390231abfdb7dbcc06661f213c5be297da06e8ee0387125182c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Community-Matters-Card.jpg"
content-length: 33085
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 18:35:50 GMT
server: nginx
etag: "3/23/2022 6:35:50 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Biz-eLearning.jpg
www.ulstersavings.com/getmedia/b95d632d-e0bf-486c-ab3c-4375fe38403d/ 54 KB
54 KB 39ms
25ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/b95d632d-e0bf-486c-ab3c-4375fe38403d/Biz-eLearning.jpg?width=600&height=435&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

38c09533c1f920dab9d6ac9e1e294d6a2ff4fd88cf33cfd5e4f8c576219e4e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Biz-eLearning.jpg"
content-length: 55310
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 17:53:10 GMT
server: nginx
etag: "3/23/2022 5:53:10 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ehl.svg
www.ulstersavings.com/ulster/media/images/templates/ 663 B
982 B 40ms
25ms Image
image/svg+xml 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/ulster/media/images/templates/ehl.svg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

83255bd1236449ace78985cf9a37eb2172eb40cd380906f476fdf8b5b279b9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Nov 2018 17:21:33 GMT
server: nginx
etag: "369c6ef9788d41:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
content-length: 663
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK rate22_140x100.png
www.cgiappcontrol.com/nx/rateus_buttons/s2/ 6 KB
6 KB 465ms
104ms Image
image/png 67.207.158.33
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cgiappcontrol.com/nx/rateus_buttons/s2/rate22_140x100.png
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 67.207.158.33 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1ed54258209e2d809a064fddc79091d10ea7de0816d20e25c403ed0a19237d6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:32:20 GMT
Last-Modified: Tue, 13 Feb 2018 14:30:28 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "2a4060-189d-56518d607a900"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 6301

GET
H2 200 Chronogrammies-2021-Badge-1ST.png
www.ulstersavings.com/getmedia/a5e2cf81-bd8a-42c2-8a0b-7a38d66fc114/ 14 KB
14 KB 40ms
25ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/a5e2cf81-bd8a-42c2-8a0b-7a38d66fc114/Chronogrammies-2021-Badge-1ST.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

1ab7c2a847a600cc7e8275926fd0e2d1f18c4c2339ef29beb5b16a3d83289adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Chronogrammies-2021-Badge-1ST.png"
content-length: 14041
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Jul 2021 15:28:42 GMT
server: nginx
etag: "7/6/2021 3:28:42 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BankyAward-Logo.png
www.ulstersavings.com/getmedia/f927ac70-bb7a-48ef-a15d-c3e182100995/ 15 KB
15 KB 40ms
25ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/f927ac70-bb7a-48ef-a15d-c3e182100995/BankyAward-Logo.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

cede917658f799db254e0af6ad5a677f32a79041351f1591abab5233dfe8cd51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="BankyAward-Logo.png"
content-length: 14919
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Oct 2019 15:48:36 GMT
server: nginx
etag: "10/7/2019 3:48:36 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BankGiving-Logo.png
www.ulstersavings.com/getmedia/07beab28-9bcd-4e68-985a-b744d4b1c86d/ 8 KB
8 KB 40ms
26ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/07beab28-9bcd-4e68-985a-b744d4b1c86d/BankGiving-Logo.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

2ccb4a02cc986812cce433dfba76513f04fec996f68eb096d710af8541c47a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="BankGiving-Logo.png"
content-length: 7688
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Oct 2019 15:48:37 GMT
server: nginx
etag: "10/7/2019 3:48:37 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BestBankToWorkFor-Logo.png
www.ulstersavings.com/getmedia/123ac784-308c-4fa5-9a81-a7f5a7ba87fb/ 7 KB
7 KB 40ms
26ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/123ac784-308c-4fa5-9a81-a7f5a7ba87fb/BestBankToWorkFor-Logo.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

7361d712ab6fa5d7f7dab429d559764c70534d0e789ca5356345851848b04226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="BestBankToWorkFor-Logo.png"
content-length: 7212
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Oct 2019 15:48:38 GMT
server: nginx
etag: "10/7/2019 3:48:38 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Bauer-Logo.png
www.ulstersavings.com/getmedia/413d798b-f6d9-420c-819d-82de7e7f9993/ 21 KB
22 KB 40ms
26ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/413d798b-f6d9-420c-819d-82de7e7f9993/Bauer-Logo.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

0bed5f9d339c67c0527fb4a11fb451618ca33a285c94be909b30606651f7e4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Bauer-Logo.png"
content-length: 21819
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Oct 2019 15:48:40 GMT
server: nginx
etag: "10/7/2019 3:48:40 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Banking-Northeast-Community-Champions.png
www.ulstersavings.com/ulster/media/images/logos/ 16 KB
16 KB 41ms
26ms Image
image/png 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/ulster/media/images/logos/Banking-Northeast-Community-Champions.png

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

a90d15b8273a2c5a6bacdacd1005ab115c0c06178ef0ee45ea57e44ee36667e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 14:30:34 GMT
server: nginx
etag: "9cffd4b88b3fd81:0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
content-length: 15959
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 59ms
39ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ulstersavings.com/
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 863
access-control-allow-origin: *
cdn-cachedat: 05/12/2022 03:05:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"5869c96cc8f19086aee625d670d741f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6dece1ffb507d099e33517dcf0c1606c
cf-ray: 70f58a75797f9b77-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 aos.js Show response
www.ulstersavings.com/CMSScripts/Custom/ 14 KB
6 KB 22ms
5ms Script
application/javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/CMSScripts/Custom/aos.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 5561
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Nov 2018 16:49:19 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "a670ac78388d41:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ekko-lightbox.min.js Show response
www.ulstersavings.com/CMSScripts/Custom/ 15 KB
6 KB 22ms
6ms Script
application/javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/CMSScripts/Custom/ekko-lightbox.min.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

e1f755183b0eb9b4198db2acf5d2c1039097385bffcac4a8fe16dff8962d6ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 5537
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Jan 2019 21:26:52 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "618ab932e2add41:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smartbanner.min.js Show response
www.ulstersavings.com/CMSScripts/Custom/ 12 KB
4 KB 22ms
6ms Script
application/javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/CMSScripts/Custom/smartbanner.min.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

5eed9af48af108e3c88f8e5d97c1fe8d877e472795c702fbcb5ced92a13f1a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 3762
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jan 2019 18:36:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "8c7a72fb8b1d41:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js.cookie.js Show response
www.ulstersavings.com/CMSScripts/Custom/ 4 KB
2 KB 22ms
6ms Script
application/javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/CMSScripts/Custom/js.cookie.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

088bfbdd4a9de1675989a23eec734b4c416760c6a2be754d19bb86fe26a04055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 1841
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jan 2019 19:38:06 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "e0dfaed4c0b1d41:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ulster.js Show response
www.ulstersavings.com/CMSScripts/Custom/ 8 KB
3 KB 22ms
6ms Script
application/javascript 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ulstersavings.com/CMSScripts/Custom/ulster.js?v=2

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

c69c6655d615b3f61a89de50f9b836eb7ab5021c62427285d6f85d6ff1ccdb40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 2949
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Mar 2022 17:47:02 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "64673ac4b3dd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget-init.js Show response
amplify.review-alerts.com/ 433 KB
208 KB 98ms
8ms Script
application/javascript 2600:9000:2057:d400:f:6110:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.review-alerts.com/widget-init.js
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d400:f:6110:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 9261d0c8f2efcf0f1f314ed01c5151362c6060d9147e9075ca59491eeca320ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 11:45:55 GMT
via: 1.1 vegur, 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 15:08:27 GMT
server: Cowboy
age: 2458
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: 9spgrenQ3b8tHkKNb515jpOIVyIWzAmO-tqD20DpIqCtt01i51olXg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 115ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: 1M3xjDtAIDVQq28arR0GI5bIV7px2YHn06/y0RS6UABG73crfeWeDVGfhxLtgnRYOCljOqHVFsDrbFMngNGLrg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 22 May 2022 12:26:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/933413008/ 2 KB
2 KB 121ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933413008/?random=1653222393682&cv=9&fst=1653222393682&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ulstersavings.com%2F&tiba=Award%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44692ab9b1618ad8d229527620bf07eeae839633fc2e83cdc8955bba870364f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 12:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 109ms
19ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:45:05 GMT
x-content-type-options: nosniff
age: 502888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17324
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:45:05 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 100ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 21:51:18 GMT
x-content-type-options: nosniff
age: 484515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 21:51:18 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.4.2/webfonts/ 70 KB
71 KB 424ms
423ms Font
font/woff2 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.4.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1a655367b02648fe8217ee11d1b272786605b78989ff614cb0beab5f6f547c

Request headers

Referer: https://use.fontawesome.com/releases/v5.4.2/css/all.css
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:34 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EW31P9GDGYBH2NTQ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71952
x-amz-id-2: I/BZVZgUrvygc7444hfNn8Gvz+eUbdKJ5CRamMByzdzQfD2kVz1Bmei3kGVyOx6OJ0u0PbIRTDs=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: "fd531d212b567d6049f400165473589f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdxenLd7w9nFP7IMK6L9mIEVYzcqLu1g1ZB3A4M0zwcaUXS2aL4qlqkfGrcuI2upEFyyj3A%2BwS0ALmrduxKCU7e%2FzJ4gGr485CN81wDldEN5YGJ39jTgiNDWTCOK%2BNHrfaNqueGYxQJApBH%2B9FNcVOfw"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 70f58a78ae9fd779-MRS

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 102ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 15:01:52 GMT
x-content-type-options: nosniff
age: 509081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 15:01:52 GMT

GET
H2 200 siteanalyze_81180.js Show response
siteimproveanalytics.com/js/ 24 KB
9 KB 201ms
115ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_81180.js
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974868fd7e74662bac62a87d2696c8593ce76f8f9eebfcc1764ef64a310f10e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EW3AK0X6DPXRGYC0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8410
x-amz-id-2: 6t/hGzQFDFFFeQMgexoYH/nqIfjKOmZO3OqGRiRKujlPJ2eRLnSiXQaUro2Y1d2ki/rHyDmaSws=
last-modified: Mon, 16 May 2022 09:26:12 GMT
server: cloudflare
etag: "6ee3980a7b9fde6b5bd6e1c9e34b6f2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMsBqfSgffdM%2FeM3rnq1JpK2CtZiSOrcldDxbsnufxaWQ5o7J%2BRLAdWDC44mZ7k8Vy99zvHEX4V%2B%2FT71Ifi0cagkXZnlk3jODluHO70kBxuPt%2Bx4PiQv3f1Hwa0%2BpxzD3r2KXUEb8hPbw88%2Bmsrpoz9J98P7MPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 70f58a795e7641cb-MRS

GET
H/1.1 200
OK tag.js Show response
s.btstatic.com/ 34 KB
13 KB 89ms
20ms Script
application/javascript 23.205.224.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/tag.js
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.224.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-224-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:26:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 May 2021 16:29:53 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 12525

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 88ms
27ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: DUS51-P1
cf-ray: 70f58a7928fb5b9e-FRA
x-amz-cf-id: sxRyrcf6vavHTd9TaMSPhzVVZdvXB8u8DZFUcPDcf_nNh1og-3ZlqA==

GET
H2 200 vendors~aggregate_rating~full_page~teaser.js Show response
amplify.review-alerts.com/ 125 KB
40 KB 13ms
12ms Script
application/javascript 2600:9000:2057:d400:f:6110:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.review-alerts.com/vendors~aggregate_rating~full_page~teaser.js
Requested by: Host: amplify.review-alerts.com
URL: https://amplify.review-alerts.com/widget-init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d400:f:6110:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 041d3f134a5cd92ea6193a354125c4cc065e91771fc5ccd5d110974e414699b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
via: 1.1 vegur, 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 15:08:27 GMT
server: Cowboy
age: 396
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: B73FHDUHh2cGXBiESxsHIuloNI8mWQp9JZRvGQG1mBQMUJXRquYjMQ==

GET
H2 200 vendors~teaser.js Show response
amplify.review-alerts.com/ 67 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:2057:d400:f:6110:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.review-alerts.com/vendors~teaser.js
Requested by: Host: amplify.review-alerts.com
URL: https://amplify.review-alerts.com/widget-init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d400:f:6110:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 9a5b3e6450477d6af030c9c9771510f4f13c39a2c1685bebbbbe413710615250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 11:59:10 GMT
via: 1.1 vegur, 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 15:08:27 GMT
server: Cowboy
age: 2309
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: 1quFg2qd0KqqgTb824mCAfi64ZTZYbJxS6_quugXSmhrNHhzOhaHqw==

GET
H2 200 teaser.js Show response
amplify.review-alerts.com/ 8 KB
3 KB 13ms
12ms Script
application/javascript 2600:9000:2057:d400:f:6110:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.review-alerts.com/teaser.js
Requested by: Host: amplify.review-alerts.com
URL: https://amplify.review-alerts.com/widget-init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d400:f:6110:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 54db58defa8fe2014e349c0d65936bce94d35ec2b67784e92e6f7c53a4420838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
via: 1.1 vegur, 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 15:08:27 GMT
server: Cowboy
age: 396
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: Lc4XrwXLnWfeEiFjp0fKlPquS9IirYvO5TMJ77Z2qUCWxnCmqSbcGQ==

GET
H2 200 EV-Charging-Station.jpg
www.ulstersavings.com/getmedia/57908655-3407-4e1b-bb75-1776979baec4/ 338 KB
339 KB 8ms
7ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/57908655-3407-4e1b-bb75-1776979baec4/EV-Charging-Station.jpg?width=1920&height=1080&ext=.jpg

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

85f6b9a4699846d05ccd9c777fa70177ef4276b045ba125ca393acac52a19c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="EV-Charging-Station.jpg"
content-length: 346606
x-xss-protection: 1; mode=block
last-modified: Wed, 18 May 2022 14:34:44 GMT
server: nginx
etag: "5/18/2022 2:34:44 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.4.2/webfonts/ 67 KB
68 KB 288ms
287ms Font
font/woff2 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.4.2/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ca1abd107c1c587489a06adc41ed3221a1b77048be449a076a5e93c93d2b98

Request headers

Referer: https://use.fontawesome.com/releases/v5.4.2/css/all.css
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:34 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EW3EGDPTTBWF1X82
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69020
x-amz-id-2: h6z6HxtDqljKdkRfLZ56aEFuWZRThjnQnHX3sIP23YIX3gU4vnG26BmaqILI79BuAm+Q6HrF8J8=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: "e4a6cecbe2bb89b0722b5dc85090af7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g0Q1BlnJ340wBf8ztwRdKShEMDtcalMobkKScPEqOORzEHY0JZQOgZL3mjloFbxL4VvXmM%2BUUSaFjmxbxDPBlpMsyhiKsog30m6FD6VfUJmgcwszg18PdxIPDafNruzfBs1hcJIu8v6YFs6WEj0nzrS"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 70f58a79ed5241e5-MRS

GET
H3 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 79ms
59ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-cachedat: 03/08/2022 20:44:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "448c34a56d699c29117adc64c43affeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5c4913455a62b01391e4b64ca1f73b3f
accept-ranges: bytes
cf-ray: 70f58a79c870cc5a-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 1082234411807748 Show response
connect.facebook.net/signals/config/ 39 KB
10 KB 121ms
111ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1082234411807748?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b89c7fca521054bfc5ce079912ee7c0e52c9ad55b9bb1c676b3083f32dcadac2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: rN1nsBQB8ygJGMBLo+I8+wCIKju8Ta9ngBX2aN+tTfbnYghJtjny1VN2Gh2CUTbmM46+6d4tgYx2spemQV5kzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 22 May 2022 12:26:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653222394059
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/933413008/ 42 B
548 B 47ms
19ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/933413008/?random=1653222393682&cv=9&fst=1653220800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ulstersavings.com%2F&tiba=Award%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank&fmt=3&is_vtc=1&random=1512496695&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 12:26:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/933413008/ 42 B
548 B 51ms
22ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/933413008/?random=1653222393682&cv=9&fst=1653220800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ulstersavings.com%2F&tiba=Award%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank&fmt=3&is_vtc=1&random=1512496695&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 12:26:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 3 KB
2 KB 108ms
34ms Script
text/javascript 108.128.243.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=9O7NXzt&H=zhcxkp
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.128.243.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-243-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 57d1704d7a37b6eaa04c94523f43ea2a574be1ab7435d0182a587cdc4625d6ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 12:26:34 GMT
Content-Encoding: gzip
Server: nginx
ETag: 8d3108da23b3f6d1cfb64b91871732a5
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript
X-BT-RequestId: 6ad6b580-d9ca-11ec-95d7-0000ac150a4b
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 testimonials Show response
amplify.review-alerts.com/public/api/ 10 KB
4 KB 311ms
311ms XHR
application/json 2600:9000:2057:d400:f:6110:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://amplify.review-alerts.com/public/api/testimonials?nonce=165322239405200

Requested by

Host: amplify.review-alerts.com
URL: https://amplify.review-alerts.com/vendors~aggregate_rating~full_page~teaser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:d400:f:6110:c080:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

8a9e4f2156ac31d3c8b748846ae2cda2e6089c96b25834c486efa7414d5dc959

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

authorization: Basic NjYzNjpzNnlLNkpEeG1ZcGlfT2IxM1ZpYTlrSEZDNVk=
Referer: https://www.ulstersavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Cowboy
x-amz-cf-pop: FRA6-C1
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
x-cache: Miss from cloudfront
vary: Origin,Accept-Encoding
x-amz-cf-id: kW0ypqk9CHsdjaALM0IJnJz16C2trfjtn_7ig4vQdwRzMlJkBXmUbw==
via: 1.1 vegur, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)

OPTIONS
H2 200 testimonials
amplify.review-alerts.com/public/api/ 0
0 321ms
287ms Preflight
text/plain 2600:9000:2057:d400:f:6110:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.review-alerts.com/public/api/testimonials?nonce=165322239405200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d400:f:6110:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.ulstersavings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
content-encoding: gzip
content-type: text/plain
date: Sun, 22 May 2022 12:26:34 GMT
server: Cowboy
vary: Accept-Encoding
via: 1.1 vegur, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: RJU1v2fwWaHJAuEvOA4rOi2GobKAXyMLlcumY3yhbqj7aCh381n85w==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

GET
H2 200 / Show response
prism.app-us1.com/ 250 B
417 B 461ms
443ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=1000934278&u=https%3A%2F%2Fwww.ulstersavings.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: c119564f5783394a6ae9feec8e7e8bbcb55c0af87f7fd9bd4c902ad595fb9b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 44
cf-ray: 70f58a7afb145b9e-FRA

GET
H/1.1 200
OK image.aspx
81180.global.siteimproveanalytics.io/ 34 B
620 B 343ms
7ms Image
image/gif 54.93.205.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://81180.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.ulstersavings.com%2F&title=Award%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank&res=1600x1200&accountid=81180&rt=1746&prev=90731507-2e9c-1d90-5b88-774fc97ad6c6&luid=24b4cd15-fb94-a0dc-c092-5bf8ca1b9e23&rnd=30707
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.205.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-205-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:26:34 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Sun, 22 May 2022 12:26:34 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1082234411807748&ev=PageView&dl=https%3A%2F%2Fwww.ulstersavings.com%2F&rl=&if=false&ts=1653222394078&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=28&fbp=fb.1.1653222394077.596339973&it=1653222393940&coo=false&rqm=GET

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 22 May 2022 12:26:34 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
362 B 188ms
152ms Script
text/javascript 2606:4700:4400::6812:2a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=1000934278&prismid=0ad2cfc5-7d5a-4be0-9cc2-a2960a3e8e74&url=https%3A%2F%2Fwww.ulstersavings.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 70f58a7e0958cc62-ZRH
content-length: 0

GET
H/1.1 200
OK google.png
rtx-source-icons.s3.amazonaws.com/logos/ 21 KB
21 KB 424ms
113ms Image
image/png 52.216.82.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtx-source-icons.s3.amazonaws.com/logos/google.png
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.82.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe2359b285b3ce2da5d357bb4a7dcc0605e40e9e240f49f8818fad654b80f489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:26:36 GMT
Last-Modified: Tue, 01 Mar 2022 22:04:58 GMT
Server: AmazonS3
x-amz-request-id: 7P58NZ42YR72VE89
ETag: "5f674840a25c44dc0a9dec115bc52b95"
Content-Type: image/png
x-amz-version-id: 3eXpND63Ys.Rm.gyCCisHGipUmf8hVpR
Accept-Ranges: bytes
Content-Length: 21427
x-amz-id-2: mcG7Eu7mSBv7izyiDWMbzcGVMo+yxTj7DzzgAEV3ToqHIATwJrN9Axr5x4h5r+VedvCfD0lmmlg=

GET
H/1.1 200
OK zillow.png
rtx-source-icons.s3.amazonaws.com/logos/ 6 KB
7 KB 443ms
116ms Image
image/png 52.216.82.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtx-source-icons.s3.amazonaws.com/logos/zillow.png
Requested by: Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.82.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96d859e3e09478549b4055865befe2a63f269f00f243d0a91b5cff937d891820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:26:36 GMT
Last-Modified: Tue, 01 Mar 2022 22:05:01 GMT
Server: AmazonS3
x-amz-request-id: 7P55Q71969E9YG49
ETag: "cd9a507bdd53dd9301fe1267a4d66b75"
Content-Type: image/png
x-amz-version-id: gy8UV1klqiOdGpk.zcCdRajHxayIUEud
Accept-Ranges: bytes
Content-Length: 6257
x-amz-id-2: Gqk1Ua8pYujoMNjNtZ621OWf5o2dwYD7j3huxcUHfDRpAIl0AvDzP6N6/z9hlagEQZApoNeIRF8=

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47fd5651dc9ad05065b09e675c8a08b699a47b5edfec8b9cd0f3f1481871d5b1

Request headers

Referer
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0348a45a588870b5cbd837640910aa8eba75ceadc8a169bc173b2343536cd20f

Request headers

Referer
Origin: https://www.ulstersavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/624293532/5d0de3a38acdf87a1ec1/12/ 32 B
312 B 302ms
103ms Script
text/javascript 35.171.118.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/624293532/5d0de3a38acdf87a1ec1/12/swap.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.118.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-118-96.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-runtime: 0.008000
date: Sun, 22 May 2022 12:26:35 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 3d286fd6-cad9-402c-84e4-f1f52c1b6ed9

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
43 KB 54ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJJ3NMX

Requested by

Host: www.ulstersavings.com
URL: https://www.ulstersavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df35f235ecd8b0b89fb3666d91bfe2d8e734cbf5b47aacf981804abc844151d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43719
x-xss-protection: 0
last-modified: Sun, 22 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 May 2022 12:26:35 GMT

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 677 B
861 B 33ms
33ms Script
text/javascript 108.128.243.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=9O7NXzt&H=zhcxkp&referrer=https%3A%2F%2Fwww.ulstersavings.com%2F&mode=v2&cf=6353484
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.128.243.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-243-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 274b10d44646e907d4dafc7d04b6699f6590f681e0ead70309d5e07b5b1d6f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 12:26:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: a1f3cd31e5a8acbff19de3430217f45e
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript
X-BT-RequestId: 6b8f0900-d9ca-11ec-8e6e-0000ac150ab5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 124ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=4z5yjh0&ct=0:03jnpei&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 12:26:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849852292/ 2 KB
1 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849852292/?random=1653222395267&cv=9&fst=1653222393682&num=2&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ulstersavings.com%2F&tiba=Award%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fae6866c32961e92374fb4d9a5e93f95f44c8393ce67e8e8bec62404ae8ba595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 12:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 168693370511101 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/168693370511101?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f44b8da0b86079969cb1915a4e498f79898e83063a7da2e34e4d7025dc1f2252

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: SUMZvVZqAcACj0fjv7nqWtFR3Fd34YoTdQ57cCdmXR6sH4OeDy5x88g81zNe1QjIO9nZLgLXsXsQ4KvJP2NRLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 22 May 2022 12:26:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653222395356
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/849852292/ 42 B
64 B 42ms
23ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849852292/?random=1653222395267&cv=9&fst=1653220800000&num=2&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ulstersavings.com%2F&tiba=Award%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank&fmt=3&is_vtc=1&random=4272046017&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 12:26:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/849852292/ 42 B
64 B 62ms
30ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849852292/?random=1653222395267&cv=9&fst=1653220800000&num=2&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ulstersavings.com%2F&tiba=Award%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank&fmt=3&is_vtc=1&random=4272046017&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 12:26:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 56ms
28ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168693370511101&ev=PageView&dl=https%3A%2F%2Fwww.ulstersavings.com%2F&rl=&if=false&ts=1653222395414&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1653222394077.596339973&it=1653222393940&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 22 May 2022 12:26:35 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168693370511101&ev=Microdata&dl=https%3A%2F%2Fwww.ulstersavings.com%2F&rl=&if=false&ts=1653222395917&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtAward%20Winning%20Bank%20%7C%20Mortgages%20%7C%20Commercial%20Loans%20%20%20%7C%20Full%20Service%20Banking%20-%20Ulster%20Savings%20Bank%5Cn%22%2C%22meta%3Adescription%22%3A%22Ulster%20Savings%20is%20a%20full%20service%2C%20local%20bank%20offering%20loans%2C%20insurance%2C%20investment%20services%2C%20payroll%2C%20tax%20and%20business%20solutions%20in%20the%20Hudson%20Valley.%22%2C%22meta%3Akeywords%22%3A%22Local%20Bank%2C%20Mortgages%2C%20Business%2C%20Banking%2C%20Loans%2C%20Checking%2C%20Savings%2C%20Auto%20Insurance%2C%20Home%20Insurance%2C%20Business%20Insurance%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A5728%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FBankOrCreditUnion%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&ec=1&o=30&fbp=fb.1.1653222394077.596339973&it=1653222393940&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 22 May 2022 12:26:35 GMT

GET
H2 200 Sunset-on-Field.jpg
www.ulstersavings.com/getmedia/b2484575-9c1e-4512-bb84-bbd26fd073cc/ 236 KB
236 KB 8ms
7ms Image
image/jpeg 192.124.249.11
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ulstersavings.com/getmedia/b2484575-9c1e-4512-bb84-bbd26fd073cc/Sunset-on-Field.jpg?width=1919&height=666&ext=.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.11 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10011.sucuri.net

Software

nginx /

Resource Hash

d5ae076fff6baf77a552c3d26bb755740220834b61538fd2cb37df77156d63f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ulstersavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:26:40 GMT
x-content-type-options: nosniff
x-aspnet-version
x-sucuri-cache: HIT
content-disposition: inline; filename="Sunset-on-Field.jpg"
content-length: 241206
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Jun 2021 19:08:22 GMT
server: nginx
etag: "6/7/2021 7:08:22 PM"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15011
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ulstersavings.com/	1970-01-20 11:59:18	Name: CMSPreferredCulture Value: en-US
www.ulstersavings.com/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: kHAbJwhBxleAhHR8HH7B2AW6bL11JrFq2NSBLr9F
.ulstersavings.com/	1970-01-21 03:13:42	Name: nmstat Value: 90731507-2e9c-1d90-5b88-774fc97ad6c6
.ulstersavings.com/	1970-01-20 05:23:18	Name: _fbp Value: fb.1.1653222394077.596339973
.facebook.com/	1970-01-20 05:23:18	Name: fr Value: 0glifdThplH7xoRic..Biiiv6...1.0.Biiiv6.
81180.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 1BF185CB12C799AC7E8F30E4356ECAB670474BBE58234E1749C0C8D9A92211750FA6F721F8E2D3F69F3A551DB2BAFD6CE8195FE27542029CF1A24ECE2DEC01625DB7FC442F
prism.app-us1.com/	1970-01-20 03:56:54	Name: prism_1000934278 Value: 0ad2cfc5-7d5a-4be0-9cc2-a2960a3e8e74
.ulstersavings.com/	1970-01-20 03:56:54	Name: prism_1000934278 Value: 0ad2cfc5-7d5a-4be0-9cc2-a2960a3e8e74
.doubleclick.net/	1970-01-20 12:35:18	Name: IDE Value: AHWqTUkH4_zU6JzLo8bE6XAxxIi6mhtfejhC8LpSuY-1XCXQd6F2_yWzSek7iFW9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

81180.global.siteimproveanalytics.io
ajax.googleapis.com
amplify.review-alerts.com
cdn.callrail.com
connect.facebook.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
maxcdn.bootstrapcdn.com
prism.app-us1.com
rtx-source-icons.s3.amazonaws.com
s.btstatic.com
s.thebrighttag.com
siteimproveanalytics.com
trackcmp.net
use.fontawesome.com
www.cgiappcontrol.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ulstersavings.com
108.128.243.153
142.250.184.194
192.124.249.11
23.205.224.241
2600:9000:2057:d400:f:6110:c080:93a1
2606:4700:4400::6812:2a69
2606:4700::6811:925b
2606:4700::6812:acf
2a00:1450:4001:809::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:831::2008
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::a
2a06:98c1:3121::a
35.171.118.96
52.216.82.136
52.223.40.198
54.93.205.167
67.207.158.33
0348a45a588870b5cbd837640910aa8eba75ceadc8a169bc173b2343536cd20f
041d3f134a5cd92ea6193a354125c4cc065e91771fc5ccd5d110974e414699b7
06d4046adc3390231abfdb7dbcc06661f213c5be297da06e8ee0387125182c42
088bfbdd4a9de1675989a23eec734b4c416760c6a2be754d19bb86fe26a04055
0bed5f9d339c67c0527fb4a11fb451618ca33a285c94be909b30606651f7e4b6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1ab7c2a847a600cc7e8275926fd0e2d1f18c4c2339ef29beb5b16a3d83289adc
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ed54258209e2d809a064fddc79091d10ea7de0816d20e25c403ed0a19237d6c
253f7bfffeb61b782010a54b3a253fc7d929698b6da0c8867ed2f59ee006d93a
274b10d44646e907d4dafc7d04b6699f6590f681e0ead70309d5e07b5b1d6f08
285960e47f30b8cc9350469773b3d1c62a2f983d3506438d33ceebc957d45a76
2ccb4a02cc986812cce433dfba76513f04fec996f68eb096d710af8541c47a00
2f2947a9eeaa574276a90553b8e2d68cb55652b293f94e833bd9b0ef22da1713
38c09533c1f920dab9d6ac9e1e294d6a2ff4fd88cf33cfd5e4f8c576219e4e2d
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3e7e1077af43eb636db3415442c10e3d720d928611409450cf91a50c82d7e361
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
44692ab9b1618ad8d229527620bf07eeae839633fc2e83cdc8955bba870364f0
47fd5651dc9ad05065b09e675c8a08b699a47b5edfec8b9cd0f3f1481871d5b1
4a780b9cd9949ca424b48af95871e9223a87354e10f49996fd265818bc0d4a6f
4c353e2e1c11c20b546e76f0ed28e691f5cc68ad50423bfe405cfda1c4366a88
4d8eebc4bd577f31a4be0fe24d3791efc02ad6749c60d549114387e6feb32f76
4f1b520781ce5d8573511707e27c6b9af9c085bca5e885008540f08b8785aec4
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53f8cee96c98f609b04c43b4890779bc64182103651aef10ef1b29f8cfaa1e52
54db58defa8fe2014e349c0d65936bce94d35ec2b67784e92e6f7c53a4420838
57d1704d7a37b6eaa04c94523f43ea2a574be1ab7435d0182a587cdc4625d6ce
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
5d270804dd677e25580af2d9815c3e273105129516cb22d27f553457d522c30f
5dc8b7ffe7af7746d8f106a048d736dc7965e4eca3085181c8e723b8a15c05f7
5eed9af48af108e3c88f8e5d97c1fe8d877e472795c702fbcb5ced92a13f1a0d
5f021dfdb58c09f075d43b3b09761b6961aab0c065e3b06771e2e3f1f422e7c0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67ca1abd107c1c587489a06adc41ed3221a1b77048be449a076a5e93c93d2b98
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
7361d712ab6fa5d7f7dab429d559764c70534d0e789ca5356345851848b04226
83255bd1236449ace78985cf9a37eb2172eb40cd380906f476fdf8b5b279b9ab
85f6b9a4699846d05ccd9c777fa70177ef4276b045ba125ca393acac52a19c0d
88908dd0dca02007aa2b8fa808741c89397f51047da5b67da225460b4d225ece
895f492be4e7fcbe0f12090af4097a95d96b07157baacd9d8011c0a24e4dc947
8a9e4f2156ac31d3c8b748846ae2cda2e6089c96b25834c486efa7414d5dc959
8c0a1e06d440d3c85340223eb5a7267672cb5ce7eee77fb9f0d030f1b286e15f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9261d0c8f2efcf0f1f314ed01c5151362c6060d9147e9075ca59491eeca320ce
94ebd1fb05ebdeccd6219f02866b8be1777155648cadeb5e760323191ba94d62
958fb796b66a6f13e1009bd4d772c4507257a2aee312f99940d767330829f99d
96d859e3e09478549b4055865befe2a63f269f00f243d0a91b5cff937d891820
974868fd7e74662bac62a87d2696c8593ce76f8f9eebfcc1764ef64a310f10e2
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9a5b3e6450477d6af030c9c9771510f4f13c39a2c1685bebbbbe413710615250
a90d15b8273a2c5a6bacdacd1005ab115c0c06178ef0ee45ea57e44ee36667e6
ac1a655367b02648fe8217ee11d1b272786605b78989ff614cb0beab5f6f547c
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
b89c7fca521054bfc5ce079912ee7c0e52c9ad55b9bb1c676b3083f32dcadac2
bb9b7e6d72e1a7b652c5f7507e9335ce41ea9c622c894fb6c0c139f8d8b41eab
c119564f5783394a6ae9feec8e7e8bbcb55c0af87f7fd9bd4c902ad595fb9b6b
c69c6655d615b3f61a89de50f9b836eb7ab5021c62427285d6f85d6ff1ccdb40
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
cafdf9d8d6b49c959f53911e53d65fd9d89bb0ce349a9e3b804559f644014fed
cb9957bbad4817731096ccbb0dcdb57f5d6136f7717ed0f4dd6399e35f44af31
cede917658f799db254e0af6ad5a677f32a79041351f1591abab5233dfe8cd51
d1522cfe23e7a8aee14addbcdc3aa1dc0b1f518a45ac213cfcf7ec23d0dce1f9
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d3db3a07cd01a325326de52822be97f34e9977ea6d2d3b90ae318f87c3daf374
d5ae076fff6baf77a552c3d26bb755740220834b61538fd2cb37df77156d63f1
df35f235ecd8b0b89fb3666d91bfe2d8e734cbf5b47aacf981804abc844151d2
e094e6e895c1b243ce91aece57c1fd817aef9acdbfc1a6225c8096f8864ba07c
e1f755183b0eb9b4198db2acf5d2c1039097385bffcac4a8fe16dff8962d6ee8
e25c3fe8275a8ce6140882bfd823d5433ebceae6eeba5629d18ba148cc79723e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee90f2f9fe6f07c2fa7a3c0a3efa069b3f7f3c8f9bad5871d0b7b4f8114699b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef833763374629be2800c183e7a26a35eb2236790c648d95ebc29a43b93402a5
f07087377ac3047e060a063525009035b75cd3473ac59aa32155056932a24c94
f44b8da0b86079969cb1915a4e498f79898e83063a7da2e34e4d7025dc1f2252
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fae6866c32961e92374fb4d9a5e93f95f44c8393ce67e8e8bec62404ae8ba595
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe2359b285b3ce2da5d357bb4a7dcc0605e40e9e240f49f8818fad654b80f489

www.ulstersavings.com Open in urlscan Pro 192.124.249.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

99 %HTTPS

63 %IPv6

23 Domains

25 Subdomains

25 IPs

3 Countries

2184 kBTransfer

3532 kBSize

9 Cookies

25 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ulstersavings.com Open in urlscan Pro
192.124.249.11 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

99 %
HTTPS

63 %
IPv6

23
Domains

25
Subdomains

25
IPs

3
Countries

2184 kB
Transfer

3532 kB
Size

9
Cookies

88 HTTP transactions
2 data transactions