www.qwertybank.com Open in urlscan Pro
2606:4700:3031::ac43:9c12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.qwertybank.com/
Submission: On May 02 via automatic, source certstream-suspicious (May 2nd 2023, 1:10:44 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3031::ac43:9c12, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.qwertybank.com.
TLS certificate: Issued by GTS CA 1P5 on April 29th 2023. Valid for: 3 months.

This is the only time www.qwertybank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:9c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.251.157.207 34.251.157.207	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:249... 2600:9000:2490:9800:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.20 13.32.99.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:6400:d:6b42:4ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	6

1 2606:4700:3031::ac43:9c12 (United States)

ASN13335 (CLOUDFLARENET, US)

www.qwertybank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.157.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-157-207.eu-west-1.compute.amazonaws.com

blue-role-472133.framer.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2490:9800:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-20.fra60.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:6400:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.framerstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 176842	178 KB
3	framer.com events.framer.com — Cisco Umbrella Rank: 233491	9 KB
1	framerstatic.com app.framerstatic.com — Cisco Umbrella Rank: 288563	20 KB
1	gstatic.com fonts.gstatic.com	32 KB
1	framer.app blue-role-472133.framer.app	7 KB
1	qwertybank.com www.qwertybank.com	657 B
14	6

	Domain	Requested by
7	framerusercontent.com	blue-role-472133.framer.app
3	events.framer.com	blue-role-472133.framer.app events.framer.com
1	app.framerstatic.com	blue-role-472133.framer.app
1	fonts.gstatic.com	blue-role-472133.framer.app
1	blue-role-472133.framer.app	www.qwertybank.com
1	www.qwertybank.com
14	6

This site contains no links.

Subject Issuer	Validity	Valid
qwertybank.com GTS CA 1P5	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.framer.app Amazon RSA 2048 M02	`2023-02-10` - `2023-10-22`	8 months	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-15`	a year	crt.sh
events.framer.com Amazon RSA 2048 M01	`2023-04-26` - `2024-05-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
framerstatic.com Amazon RSA 2048 M01	`2023-02-23` - `2023-12-21`	10 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.qwertybank.com/
Frame ID: 223F95B0F3E26E91029D2F58D9D88C84
Requests: 1 HTTP requests in this frame

Frame: https://blue-role-472133.framer.app/
Frame ID: 3DFA768D959D432CE98E36A0AB83090A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QWERTY Bank - Digital Excellence

Page Statistics

14
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

247 kB
Transfer

647 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.qwertybank.com/ 282 B
657 B 114ms
47ms Document
text/html 2606:4700:3031::ac43:9c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qwertybank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8698d989fdccd284a3561e891eb018ed46519daddce39ec605f2cca917669e64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c108170184d3653-FRA
content-encoding: br
content-type: text/html
date: Tue, 02 May 2023 13:10:39 GMT
last-modified: Tue, 02 May 2023 12:15:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0e7UpRge0oYIWvnV0EGXmXoM68IdPjWq0jzUiONc2BNajohvccJCzmuh4u9e%2FRYG2bb48yFt4dU%2BCf6gs5Vvs%2B1pasGaYYjbD4Dy%2FvzOI7jhm2xtIi37jLknz3iqjQDNezVJKmWzVLGpIvIEkxWBsY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 / Show response
blue-role-472133.framer.app/ Frame 3DFA 70 KB
7 KB 345ms
51ms Document
text/html 34.251.157.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blue-role-472133.framer.app/

Requested by

Host: www.qwertybank.com
URL: https://www.qwertybank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.157.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-157-207.eu-west-1.compute.amazonaws.com

Software

Framer/1da0abb /

Resource Hash

11479ef6c2e8820851d5b8384b415f5eac6cc3aa84d188f34f03eed194a77281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.qwertybank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 7251
content-type: text/html
date: Tue, 02 May 2023 13:10:39 GMT
etag: "57885e88edf8b3c55168f55a2e165d48"
last-modified: Tue, 02 May 2023 12:32:34 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Framer/1da0abb
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: Cached
x-fallback: No Fallback
x-region: eu-west-1

GET
H2 200 chunk-YYRVEXEU.mjs Show response
framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/ Frame 3DFA 343 KB
102 KB 95ms
26ms Script
text/javascript 2600:9000:2490:9800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/chunk-YYRVEXEU.mjs

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6d2a61075e369fb3fccf4a0cee4cd456ceda22cccf0cc8013ab66a7c36d22635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:09:18 GMT
x-amz-version-id: 1bRUbtb6rzaQw3_4e.10IOim51SMFzgt
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 82
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 May 2023 12:32:34 GMT
server: CloudFront
etag: W/"96ace4373b781a02fb07167cb4d0dcdd"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: Mip_Ny2u6chZYjbs2MJJ_PfaVKX7eciqEXs-ABflScmhF5JDWxpIhA==

GET
H2 200 chunk-ELYU6EKT.mjs Show response
framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/ Frame 3DFA 447 B
1 KB 131ms
62ms Script
text/javascript 2600:9000:2490:9800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/chunk-ELYU6EKT.mjs

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:09:18 GMT
x-amz-version-id: kO8Ple2jrraaCLl0_Klbr.UH3dlMeLgK
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 447
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 May 2023 12:32:34 GMT
server: CloudFront
etag: "bac0d5b5f6a61029b51079932ccda746"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: hnSKFhr0CKyg47f4xnnNi9DZi40OzmVoNVICbrOtqSB0-zcl9NnR-Q==

GET
H2 200 gSnl4aEYeBzrVFSh-J4V6qwNJkgyGuLmEb3bd_nPhkU.2YL6CGZB.mjs Show response
framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/ Frame 3DFA 13 KB
4 KB 98ms
29ms Script
text/javascript 2600:9000:2490:9800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/gSnl4aEYeBzrVFSh-J4V6qwNJkgyGuLmEb3bd_nPhkU.2YL6CGZB.mjs

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6e121e924a0a730adb4d691464871b333b7ea2f7eff5fded349918f3a4b07641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:09:18 GMT
x-amz-version-id: nYHa6TZ.pkfYftYnrjMUQXjOSlB7i_Oc
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 81
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 May 2023 12:32:34 GMT
server: CloudFront
etag: W/"e7d5b7b4c46c0751b49c98122ee2b1fa"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: skMXTGKhu4mPfOLsdRaOhz1eIY13mitrJdgghhEAY8hkXZ7nI--UYg==

GET
H2 200 chunk-VG6OLKLP.mjs Show response
framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/ Frame 3DFA 710 B
1 KB 132ms
63ms Script
text/javascript 2600:9000:2490:9800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/chunk-VG6OLKLP.mjs

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

399a44f9f682de51fe0b37ebedf8558ae0c788ce5404731d15689b5152be98c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:09:19 GMT
x-amz-version-id: FyMlijn1.w2X6tBiIz0fWItLnE5r82IN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 81
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 710
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 May 2023 12:32:34 GMT
server: CloudFront
etag: "a9d797029662910bb82210251ba3735d"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: wD9KUByEHDi1do3M-nwtX7KJNT07Zrx85RAQiGFwVDyJIBPzztJ4UA==

GET
H2 200 chunk-BWK2KCWL.mjs Show response
framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/ Frame 3DFA 736 B
1 KB 139ms
70ms Script
text/javascript 2600:9000:2490:9800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/chunk-BWK2KCWL.mjs

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ee68ddb1e5dab24fa6647997510118a9dac7b27da2cfb1b954cc6916edd91eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:09:19 GMT
x-amz-version-id: dbGY.Ryt.z_GgU8jCz2Dlgn7Y5XU8snh
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 81
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 736
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 May 2023 12:32:34 GMT
server: CloudFront
etag: "cd57ebc2564badfe26ae494014957711"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: ngBjm8u0VvmFl88ryuG3Cfh6OvX94acZSGDgHjqWrMmVK2ctGYFGbQ==

GET
H2 200 script Show response
events.framer.com/ Frame 3DFA 9 KB
9 KB 433ms
376ms Script
text/javascript 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/script
Requested by: Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: /
Resource Hash: 40084e97f37857069f4feadda6040773f2a60a2710fd05ee4fe341420dbdc9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blue-role-472133.framer.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:10:40 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 8970
x-amz-cf-pop: FRA60-P3
x-amzn-trace-id: Root=1-64510bd0-3ee1ec8106e6bca854b67bf2
x-amzn-requestid: c38c7eb9-a47a-402d-82d7-76ae51d37029
x-cache: Miss from cloudfront
content-type: text/javascript
timestamp: Tue, 02 May 2023 13:09:04 GMT
x-amz-apigw-id: ES7IjEnHIAMF-FQ=
content-length: 8970
x-amz-cf-id: 9znjXpS9MwfEDaKq1Ys4tBwUkcGxtJxc6Olo25y1_l4SwbWcoWSmyA==

GET
H2 200 JTTdZra5wxa5h66fJ6xcdSrhck.jpg
framerusercontent.com/images/ Frame 3DFA 25 KB
25 KB 69ms
24ms Image
image/webp 2600:9000:2490:9800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://framerusercontent.com/images/JTTdZra5wxa5h66fJ6xcdSrhck.jpg?scale-down-to=2048
Requested by: Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ede386752d5535ec7a58b81ac76f955bb827fff7ad611efdf991a3e0f76e09cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blue-role-472133.framer.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:06:59 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 18939820
x-amzn-requestid: c21ff3d2-7fbb-46fe-a42e-5ec6a9ee8979
x-amzn-trace-id: root=1-63300c22-049f11a5179e71a773e93a12;sampled=1
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
alt-svc: h3=":443"; ma=86400
content-length: 25586
x-amz-cf-id: DiUecpLLfKPNGR_ZxxnzJogp_ht2o5WvFUE3gic_IEXC6Y9zNsXUaA==

GET
H2 200 _script0.ZQ7XXSH7.mjs Show response
framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/ Frame 3DFA 134 KB
42 KB 130ms
65ms Script
text/javascript 2600:9000:2490:9800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1tQlGu12WNxXl2tKTLqpyg/_script0.ZQ7XXSH7.mjs

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

69ea5b7522ba09b7360052cc704038965af9429fbd72c647ed02d0cdc93a57cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:09:17 GMT
x-amz-version-id: YJgo56c8CX8DA0yz8KekJ6V4NoqgBlqj
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 83
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 May 2023 12:32:33 GMT
server: CloudFront
etag: W/"685aaa71f096713a8138bc84486b9fcc"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: tmbUy-9DBPl0oxeREb2eoPKz9AKJ5cxEtO57GOhggSSksqzOUmTc1A==

GET
H2 200 QGYvz_MVcBeNP4NJtEtq.woff2
fonts.gstatic.com/s/outfit/v11/ Frame 3DFA 32 KB
32 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/outfit/v11/QGYvz_MVcBeNP4NJtEtq.woff2

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 19:30:18 GMT
x-content-type-options: nosniff
age: 409221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32272
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:30:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Apr 2024 19:30:18 GMT

GET
H2 200 Inter-Bold.latin-UCM45LQF.woff2
app.framerstatic.com/ Frame 3DFA 20 KB
20 KB 96ms
24ms Font
font/woff2 2600:9000:223e:6400:d:6b42:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.framerstatic.com/Inter-Bold.latin-UCM45LQF.woff2

Requested by

Host: blue-role-472133.framer.app
URL: https://blue-role-472133.framer.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:6400:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blue-role-472133.framer.app/
Origin: https://blue-role-472133.framer.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 10:20:55 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 4243785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20000
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Mar 2023 10:19:13 GMT
server: CloudFront
etag: "463f0c722a07aa2be781488e9fc88aca"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: CZecgZecKFxQdmzleNWFAFzAVg5nmrsqMQ2rdEzNpEK_KdLvzMedEg==

POST
H2 200 anonymous
events.framer.com/ Frame 3DFA 0
0 384ms
383ms Fetch
application/json 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: events.framer.com
URL: https://events.framer.com/script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://blue-role-472133.framer.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 May 2023 13:10:40 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-trace-id: Root=1-64510bd0-2d4655c53e5131495d1010c0;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: 5f1c7a21-c44e-4d07-a426-66009dcfad90
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: ES7IrEsKoAMFoiQ=
content-length: 0
x-amz-cf-id: cTp46zaLXlloy-gmxjEWFj9BXHpQvyNHqMgTZnRLr2EXXVkGNT-yUA==

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 338ms
297ms Preflight
application/json 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blue-role-472133.framer.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 02 May 2023 13:10:40 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-apigw-id: ES7IoHyfoAMFSLg=
x-amz-cf-id: q1AggNT4eVhDDUQgfPgQn-Y6liAnk6aPppMmuJn6xxDVW9M_f_ODTw==
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 30492cba-10ee-4156-995c-6d6da5ad66b8
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
blue-role-472133.framer.app
events.framer.com
fonts.gstatic.com
framerusercontent.com
www.qwertybank.com
13.32.99.20
2600:9000:223e:6400:d:6b42:4ec0:93a1
2600:9000:2490:9800:d:ada1:a280:93a1
2606:4700:3031::ac43:9c12
2a00:1450:4001:831::2003
34.251.157.207
11479ef6c2e8820851d5b8384b415f5eac6cc3aa84d188f34f03eed194a77281
399a44f9f682de51fe0b37ebedf8558ae0c788ce5404731d15689b5152be98c9
40084e97f37857069f4feadda6040773f2a60a2710fd05ee4fe341420dbdc9f0
45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
69ea5b7522ba09b7360052cc704038965af9429fbd72c647ed02d0cdc93a57cc
6d2a61075e369fb3fccf4a0cee4cd456ceda22cccf0cc8013ab66a7c36d22635
6e121e924a0a730adb4d691464871b333b7ea2f7eff5fded349918f3a4b07641
8698d989fdccd284a3561e891eb018ed46519daddce39ec605f2cca917669e64
e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5
ede386752d5535ec7a58b81ac76f955bb827fff7ad611efdf991a3e0f76e09cc
ee68ddb1e5dab24fa6647997510118a9dac7b27da2cfb1b954cc6916edd91eec

www.qwertybank.com Open in urlscan Pro 2606:4700:3031::ac43:9c12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

247 kBTransfer

647 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

www.qwertybank.com Open in urlscan Pro
2606:4700:3031::ac43:9c12 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

247 kB
Transfer

647 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions