hc-cmd2020.screen-viewer.de Open in urlscan Pro
83.138.84.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://digimaine.com/matt/dc//
Effective URL:
https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html
Submission: On October 18 via manual (October 18th 2022, 5:25:35 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 51 HTTP transactions. The main IP is 83.138.84.139, located in Germany and belongs to HOSTNET-DE-AS, DE. The main domain is hc-cmd2020.screen-viewer.de.
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.

This is the only time hc-cmd2020.screen-viewer.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.254.251.158 192.254.251.158	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	83.138.84.139 83.138.84.139	34895 (HOSTNET-D...) (HOSTNET-DE-AS)
13	23.205.230.68 23.205.230.68	16625 (AKAMAI-AS) (AKAMAI-AS)
1	45.60.243.223 45.60.243.223	19551 (INCAPSULA) (INCAPSULA)
13	91.235.133.67 91.235.133.67	30286 (THM) (THM)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
51	9

1 192.254.251.158 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-251-158.unifiedlayer.com

digimaine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.138.84.139 (Germany)

ASN34895 (HOSTNET-DE-AS, DE)
PTR: nemire.han-solo.net

hc-cmd2020.screen-viewer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.205.230.68 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-230-68.deploy.static.akamaitechnologies.com

firstbankpr.ebanking-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.243.223 (United States)

ASN19551 (INCAPSULA, US)

www.1firstbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.133.67 (United States)

ASN30286 (THM, US)

content.ebanking-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

qn4omaj3h7izwtremalbfgv3454xsby6yosizaggc524cd051ebfe3d8am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	ebanking-services.com firstbankpr.ebanking-services.com content.ebanking-services.com — Cisco Umbrella Rank: 49191	208 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3363 qn4omaj3h7izwtremalbfgv3454xsby6yosizaggc524cd051ebfe3d8am1.e.aa.online-metrix.net	16 KB
1	ois.is ois.is — Cisco Umbrella Rank: 348968 Failed
1	1firstbank.com www.1firstbank.com
1	screen-viewer.de hc-cmd2020.screen-viewer.de	2 KB
1	digimaine.com digimaine.com	299 B
51	6

	Domain	Requested by
13	content.ebanking-services.com	hc-cmd2020.screen-viewer.de content.ebanking-services.com
13	firstbankpr.ebanking-services.com	hc-cmd2020.screen-viewer.de
2	h.online-metrix.net	content.ebanking-services.com
1	qn4omaj3h7izwtremalbfgv3454xsby6yosizaggc524cd051ebfe3d8am1.e.aa.online-metrix.net
1	ois.is
1	www.1firstbank.com	hc-cmd2020.screen-viewer.de
1	hc-cmd2020.screen-viewer.de	digimaine.com
1	digimaine.com
51	8

This site contains links to these domains. Also see Links.

Domain
www.firstbankpr.com

Subject Issuer	Validity	Valid
www.22bling.digimaine.com R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
hc-cmd2020.screen-viewer.de R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.ebanking-services.com Sectigo RSA Organization Validation Secure Server CA	`2021-11-22` - `2022-11-22`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-17` - `2023-02-13`	6 months	crt.sh
content.fisglobal.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-21` - `2023-04-21`	a year	crt.sh
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html
Frame ID: DF1131801A164B1841CB73D6DE849B5D
Requests: 45 HTTP requests in this frame

Frame: https://content.ebanking-services.com/fp/ls_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1
Frame ID: A121EBF7F08CD88E2E6587F02CBBFAC5
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1
Frame ID: B8E96E721926CCFEEBCBB99C4E18E22C
Requests: 2 HTTP requests in this frame

Frame: https://content.ebanking-services.com/fp/top_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1
Frame ID: 3A1CE191C223127B464A4D5764DDE347
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FirstBank Puerto Rico |

Page URL History Show full URLs

https://digimaine.com/matt/dc// Page URL
https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

65 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

227 kB
Transfer

1138 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.firstbankpr.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://digimaine.com/matt/dc// Page URL
https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://hc-cmd2020.screen-viewer.de/eam/Branding/SmartBanner?appId=beb HTTP 302
https://ois.is/images/logo.png

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
digimaine.com/matt/dc// 235 B
299 B 614ms
196ms Document
text/html 192.254.251.158
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://digimaine.com/matt/dc//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.251.158 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-251-158.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 183
content-type: text/html
date: Tue, 18 Oct 2022 17:25:28 GMT
last-modified: Tue, 18 Oct 2022 14:29:29 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 Primary Request digit.html Show response
hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/ 6 KB
2 KB 820ms
28ms Document
text/html 83.138.84.139
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Requested by

Host: digimaine.com
URL: https://digimaine.com/matt/dc//

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.84.139 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

nemire.han-solo.net

Software

Apache /

Resource Hash

c331371c86243d70bccf684a70a215b8da9027035ebdb158b4f2b84afe846d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://digimaine.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0,private,no-store,no-cache,must-revalidate
content-encoding: gzip
content-length: 2001
content-type: text/html
date: Tue, 18 Oct 2022 17:25:31 GMT
last-modified: Tue, 18 Oct 2022 10:28:24 GMT
server: Apache
strict-transport-security: max-age=15768000
vary: Accept-Encoding,User-Agent

GET
H2 200 bootstrap.min.css
firstbankpr.ebanking-services.com/eam/content/ 160 KB
27 KB 169ms
27ms Stylesheet
text/css 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/content/bootstrap.min.css?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 27093
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cteonnt-length: 163873
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 eam.css
firstbankpr.ebanking-services.com/eam/content/ 8 KB
3 KB 188ms
46ms Stylesheet
text/css 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/content/eam.css?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

9dd6af02f945ed7765bfc88e04b16aff75a8620fd5fd364641de64eb75ef6ca3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2245
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cteonnt-length: 7978
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 fis-icon-font.css
firstbankpr.ebanking-services.com/eam/content/ 7 KB
2 KB 189ms
48ms Stylesheet
text/css 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/content/fis-icon-font.css?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3790f7c4529b36b898a0ec7942cf3cb9837b76b5622fa97fe1d108d8ad1fb51

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 1713
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cteonnt-length: 7219
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 BankStyles.css
firstbankpr.ebanking-services.com/Eam/styles/beb_app/firstbankpr/ 163 B
530 B 197ms
55ms Stylesheet
text/css 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/Eam/styles/beb_app/firstbankpr/BankStyles.css?151154

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

b24c20afb93085fa1db0eacd4ec00150b1d0699e056525bd61e241209bfcaba3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
ntcoent-length: 163
content-length: 109
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Mon, 14 Oct 2013 19:11:54 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 popper.min.js Show response
firstbankpr.ebanking-services.com/eam/Scripts/umd/ 21 KB
8 KB 219ms
77ms Script
application/javascript 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/Scripts/umd/popper.min.js?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 7503
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:08 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
firstbankpr.ebanking-services.com/eam/Scripts/ 87 KB
31 KB 248ms
107ms Script
application/javascript 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/Scripts/jquery-3.6.0.min.js?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 30902
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 bootstrap.min.js Show response
firstbankpr.ebanking-services.com/eam/Scripts/ 58 KB
16 KB 244ms
103ms Script
application/javascript 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/Scripts/bootstrap.min.js?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 16361
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 eam.js Show response
firstbankpr.ebanking-services.com/eam/Scripts/ 8 KB
3 KB 227ms
86ms Script
application/javascript 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/Scripts/eam.js?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

65ebfd9959e1da50a30d75000d2750acad85763db4edf0d7638cfe91946d81f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2585
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 eam-visual-validator.js Show response
firstbankpr.ebanking-services.com/eam/Scripts/ 15 KB
3 KB 278ms
138ms Script
application/javascript 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/Scripts/eam-visual-validator.js?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

e2da9dbaa6aa40064db752185aa519baab214e8744d25c7e54ca81e6e74a156f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2733
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 jquery.smartbanner.min.css
firstbankpr.ebanking-services.com/eam/content/ 4 KB
2 KB 207ms
67ms Stylesheet
text/css 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/content/jquery.smartbanner.min.css?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

dc185842b05b2ecafcf8a1b69c250d8713d9a7b4ea8568191a3707d0ce5a91e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 1238
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cteonnt-length: 4580
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 jquery.smartbanner.min.js Show response
firstbankpr.ebanking-services.com/eam/scripts/ 6 KB
3 KB 270ms
129ms Script
application/javascript 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/eam/scripts/jquery.smartbanner.min.js?ver=63.3.7.2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

27104fbc23ca3de74dad61de167bb91debb6533bedb5dc5148838f8f9e565d04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2152
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 threat-metrix-config.js Show response
firstbankpr.ebanking-services.com/Eam/Scripts/ 1 KB
806 B 259ms
119ms Script
application/javascript 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://firstbankpr.ebanking-services.com/Eam/Scripts/threat-metrix-config.js

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

fafc1c6627bf0a4048f2f921a71b7c7967c9f28bad2ce831d13f5a4a1818b9f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:25:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 390
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 06 Oct 2022 11:17:08 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H2 200 header.css
www.1firstbank.com/oss/css/ 0
0 947ms
632ms Stylesheet
text/html 45.60.243.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1firstbank.com/oss/css/header.css
Requested by: Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 FB_FrstBnk_NT_2CP_new.gif
firstbankpr.ebanking-services.com/Eam/Styles/beb_App/firstbankpr/ 1 KB
1 KB 91ms
90ms Image
image/gif 23.205.230.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://firstbankpr.ebanking-services.com/Eam/Styles/beb_App/firstbankpr/FB_FrstBnk_NT_2CP_new.gif

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.230.68 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-230-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd711199b3a924ebb72acb5ac1f7aa05ebe3a0699bc2539970de82fbc3a5c8b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ua-compatible: IE=edge
pragma: no-cache
content-security-policy: frame-ancestors 'self'
date: Tue, 18 Oct 2022 17:25:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 09 Jan 2014 16:31:10 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
content-length: 1110
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 17:25:29 GMT

GET
H/1.1 200
OK clear.png
content.ebanking-services.com/fp/ 81 B
475 B 116ms
27ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.ebanking-services.com/fp/clear.png?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&m=2

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
content.ebanking-services.com/fp/ 444 KB
78 KB 124ms
35ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

11dd4540a701c84241bd540d5361bdcb105a766ad134093aa140a47439d792d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
content.ebanking-services.com/fp/ 81 B
474 B 26ms
26ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.ebanking-services.com/fp/clear.png?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&m=1

Requested by

Host: hc-cmd2020.screen-viewer.de
URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

logo.png
ois.is/images/
Redirect Chain

https://hc-cmd2020.screen-viewer.de/eam/Branding/SmartBanner?appId=beb
https://ois.is/images/logo.png

0
0

OPTIONS
H2 200 logo.png
ois.is/images/ Frame 0
0 173ms
95ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://hc-cmd2020.screen-viewer.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75c2f93fdb209131-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 17:25:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fou3ngjD%2B2fAuzOzxE56rCoEeX4BCevfpIOoCy7npaaP%2FeWlgfVQZNqdLOB%2BBcsUKSIBxTuV%2BAjvzu926B6n8%2BD639GIe%2FTkdL%2FFuIthGKxK5WXdCeFL%2FX%2BmV5gGtIC3ycytl9k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK clear.png Show response
content.ebanking-services.com/fp/ 81 B
543 B 78ms
26ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/clear.png

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, qn4omaj3/c524cd051ebfe3d8bf9070387c5a43ee916271059eeb91d9
Referer: https://hc-cmd2020.screen-viewer.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 18 Oct 2022 17:25:30 GMT
Server: Apache
Etag: 60656cce51c641a29912da1b657e7994
Content-Type: image/png
Access-Control-Allow-Origin: https://hc-cmd2020.screen-viewer.de
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 17 Oct 2027 17:25:30 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A Show response
content.ebanking-services.com/fp/ Frame A121 90 KB
13 KB 30ms
29ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/ls_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

65970415fbacd91bf37477ab242d091ecab5672b6b2b4c99a59ebaf9a12def22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hc-cmd2020.screen-viewer.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Oct 2022 17:25:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content.ebanking-services.com/fp/ 0
387 B 28ms
28ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/clear.png?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&jb=31342e6c71613f3864326530356130373f313436613639396a31363b6c34646c36373f3660623b

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A Show response
h.online-metrix.net/fp/ Frame B8E9 104 KB
15 KB 95ms
31ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

df092208a96e4ba8663cbdc79fa88a12f470b4639c80516ed6515a85741efab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hc-cmd2020.screen-viewer.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Oct 2022 17:25:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content.ebanking-services.com/fp/ 0
387 B 26ms
26ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/clear.png?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&jd=37372e2668666c3531246a66683f39393e313533646266393f3337673b36376a63353d346062313160613432633a266a6e746c3f323a37333233

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A Show response
content.ebanking-services.com/fp/ Frame 3A1C 90 KB
14 KB 30ms
29ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/top_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b0b38445c13c0060028559d3099f7061854e409e2603d0ef5d9c1b99b0dc8271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hc-cmd2020.screen-viewer.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Oct 2022 17:25:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
content.ebanking-services.com/fp/ 0
218 B 29ms
29ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/clear.png?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&ja=333a3c372426613532247a3d3024663d393632327a3132303826616435313638327a39323230247b7a7b3d307832266478723f332e313630382c313038302c393432382c333232382e333630302e313238302e333430302c3932303224302c38246f7c3d63383a3a63606364633537646c6666643b6561383c3131363f30366a3b633f61246d6c3536247363643f32342e6c6a3f6a7474707b2533432d32462d304460632f636f6c303232302e7163726d656c2f746965776d722e666d25324e757225696c636e7d666773253244536965706e67526965253a464e677c25324e616661726625304e666b6769742c6874656c2466703d68747c7073273b41253a44273a46666965616f63696e652c636f6525304424706c3d3b26706a3537386e303a69613462616e606731313360373330376367326433626c6232663c2668603f36383666303a3e37353533623766393c37673b37306662313938673d656439662462736d3d55616c666f77732732303930246871623d4360726f6f6d25323833323e2668736d7d3f55696e646d77732e6a7160773d43687a6f6d672e6e686b3f362e6e666d3f3024767a643d4774632d3244576c6b6e6f7f6e266f6974687a3f3638303164336b30606563303065366b63373432303832696431373d34303964663c353a38333c33663665616332346c633b36636662643f3233333b31393e6324783d726c776f6b6c5f666c6373682d354764636c736529706c776f696e57756b66646d7771576f676469615d706c6979677027354566696c736729706c7d656b665f63646d6a675d6163726d62617c25374764616c736d21706e7d6769665d737d69616b76616f6725354564616c7b6523726e756769665f736a67636b7f63746d25374564696e716521706e7567616e5d7067616c70646179677a25354d64636473672172647765696e5f746c6357706e637b6572253d45666364736529726e7d676b6e5d6c6774616c767025354d66636e716521706475676b665f737e655d7e696777677a27374566616e736529706e7765696e5f626176632d35456e636e7b6524676e57613f776562656c576d62454e273230312630253038284f78676c4f4c2732324d51273230322c30253a30416a706f6d697d6d29556d624744273038474e534e2d30324553253030312630273032284f706d6e474e2d32304d51273a30454c51442730304553273230392e3227303043687a6f6d6b7d6d295f676043697657676a496b7425323257656a474e434c474c4557696e717c616e6b6766576170726371712733422530304550545d606e656e64576d696c6561782d31402d3232455a5c5d616f6c6f705f627d666467705f686164665f64646f617c27314a2530304750565d666c6f63745f6a6c676c662533422d32304750545f6e70636f5f6665727c6a2733422530304550545d716a6164657a5f74677074757a675d646f6625314a2730304558565f746d78767770655f63676d70706d7373616d6c57627274612d31402532304758545774677a7675726557636f6f7872657b716b676e5d72657c612733422530304550545d76677874757a655f64616c746d705d696e6b736d7c706d7069632733422d3232475a545f735a4742273b42253a324d4d535d656e6d6f676e745f6b6e646d785d776b6e74253b422530384f455b5d646a6f5d7267666667725f6d6b706d69702731402532304745535d7b74616666637a645d64677a6b746174697465732d33402730304f455b5f74677074757a675d6e6c6d61762d31402532304d45535774677a7675726557666c6d69745f646b6c6d617025314a2730304f45515f746d78767770655f68696c665d6e6c6f6976273b422732324747515f74657a74757a655d6a636c665f6e6c6f637c5f6c616c6769722733402d30324f45535d76657a74677a5d61727269795f6d6a6a656b76273b422732325f4740474c5f616f6c67725d60776666657a5f666e6761742d31402d323257474a454e5f636f6f70726d737167665f7465707475706d5f617b76612d3340253038554742474c5d636f65707067717365645774657a7c75726d5d677c632733402d3032574542454c5f6b6f6f72706573736d645f766d78747d706757657663332d31402532305545424f4c5d616d6d70726d7373676c5f746d7a767d72675f713b76612533422732305f4540454e5f636f657072677b73656c5d766d787675706d5d713374635d73726f622731402532305f454245445f646d60776f5f70656c6c677065725f6b6e6667253140273230574d42474e57646578766a57746778767d70672533422732305f4540454e5f647269775f607d66666d70712d3340253038554742474c5d6c6f7b655d616d6e7465707425314a25323855474a474e5f6f7d6e76695f64706177393624656e5f683d3b6666376c66663c353638646663363835673632626730653f34663037353436393034663c32353124756f6c743d4b6676676c253232496e6b2e2475656c723d416e7467642532384b7061732732324772676e474c2732304d6e656b6c6526636b643d33&jb=33373d266e713f456d78696c6c6325324e352c32273230285f696e666777732d3032465427323239322c30253340253238576b6c343425334a253232703634212730384172706e6d5567624b697625324e3531352c3336253a30284940544d4427304b2530306e616967253230456563636f2b27303043687a6f6d672d324639323426302c35303c3b2c3131392732305b616463706925324e353335263336

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
qn4omaj3h7izwtremalbfgv3454xsby6yosizaggc524cd051ebfe3d8am1.e.aa.online-metrix.net/fp/ 81 B
438 B 97ms
27ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qn4omaj3h7izwtremalbfgv3454xsby6yosizaggc524cd051ebfe3d8am1.e.aa.online-metrix.net/fp/clear.png?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 0a08ccb0-d5ac-4980-a54b-d6f4493c5609
https://hc-cmd2020.screen-viewer.de/ 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/0a08ccb0-d5ac-4980-a54b-d6f4493c5609
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
BLOB 200
OK c98cb5a7-2c9b-4ffb-a971-dc8cfd558b9e
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/c98cb5a7-2c9b-4ffb-a971-dc8cfd558b9e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 9a815701-2f15-4c2b-8f49-6f2187eb6d06
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/9a815701-2f15-4c2b-8f49-6f2187eb6d06
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 0109708c-9f42-4425-a67d-144f8922d707
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/0109708c-9f42-4425-a67d-144f8922d707
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 0105f5b7-51c5-4ec8-8e9c-e4a316a3a87f
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/0105f5b7-51c5-4ec8-8e9c-e4a316a3a87f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 05463ce2-bded-41b9-9980-d0682b032ed6
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/05463ce2-bded-41b9-9980-d0682b032ed6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 320f51ac-24bc-4a6a-a76b-4b6d3728a9a6
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/320f51ac-24bc-4a6a-a76b-4b6d3728a9a6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK f5f65b43-f2f5-4866-a882-619ded144675
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/f5f65b43-f2f5-4866-a882-619ded144675
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 296d4a0c-160d-4b63-99cf-18fc861f0f32
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/296d4a0c-160d-4b63-99cf-18fc861f0f32
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 8c4e4ed2-02a1-429b-ab10-d1c86898107f
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/8c4e4ed2-02a1-429b-ab10-d1c86898107f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 4c92ed04-f42f-40a2-95ef-5b7e88156fca
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/4c92ed04-f42f-40a2-95ef-5b7e88156fca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK aca093c1-f1e7-4f86-b0ec-cb387675e4f9
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/aca093c1-f1e7-4f86-b0ec-cb387675e4f9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 677cfca5-0ec6-4f88-9a0b-f613df439666
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/677cfca5-0ec6-4f88-9a0b-f613df439666
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK c39a4a28-00ee-45a2-a34b-3c146a1b8608
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/c39a4a28-00ee-45a2-a34b-3c146a1b8608
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 2a796397-e4a4-4c18-979a-4b07129768ef
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/2a796397-e4a4-4c18-979a-4b07129768ef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 5fbf2729-107b-404e-a5f3-2f558cc78cbd
https://hc-cmd2020.screen-viewer.de/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/5fbf2729-107b-404e-a5f3-2f558cc78cbd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 84f3db92-95d6-4c25-bd56-2fab7fdd1299
https://hc-cmd2020.screen-viewer.de/ 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hc-cmd2020.screen-viewer.de/84f3db92-95d6-4c25-bd56-2fab7fdd1299
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f5da3b1b3dc64ddbf2da11b1f1ab995f52a90e154645a5a73c1c7561034a213

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 1357
Content-Type: application/javascript

GET
H/1.1 204
No Content clear.png Show response
content.ebanking-services.com/fp/ Frame A121 0
387 B 26ms
26ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/clear.png?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&jf=31342e6c71623f393a3a3634353131373d313236646234386c3430353036363f3b643f34353936

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/ls_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.ebanking-services.com/fp/ls_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A
content.ebanking-services.com/fp/ 0
400 B 30ms
30ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.ebanking-services.com/fp/clear1.png;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&jf=3633302671696657706c643d7466725f526f72486a6330655e48733a6a437164247161645d64637c673f3136363431313b39313224736964577479726d3d776d60386d636673632e716b645f6b67793d3b30373b31303133383630353a61383e363a6b653164323a32333036303a32613036363a61653364383330333837303b363038303234333a63366231656032613f333461666635366b6634343e31393d64366c383539366e3b646235333364346b393037376634363f3066313835356b613b6a353738633864313534653166613b643230366133313836636669633330376131363266663d67303637373235303a393a633b6163623f6466633c30366e3b333b623466247b6b665f7369653d333834343230323130386237323d35333e32316b6435663b6b303066373931616138373b36376132353f3263373c65633f323a31363a37316e33663961353430313f63366736623438693032303930306c3b613f313639663f3a616436383139343e306430303162383e6332633b32326b32373a383566366d613b6464316338303c326336303962373962323b6c33342e716b6e723f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=CCB3EAB3E50DE84852A64008E29B7EA4
h.online-metrix.net/fp/ Frame B8E9 0
400 B 37ms
30ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=CCB3EAB3E50DE84852A64008E29B7EA4?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&jf=36333e2671696657706c643d7466725f7c456c3a68425747415632646a4f5146247161645d64637c673f3136363431313b39313224736964577479726d3d776d60386d636673632e716b645f6b67793d3b30373b31303133383630353a61383e363a6b653164323a32333036303a32613036363a61653364383330333837303b363038303234303960646161623233353c38643b306430636c3263373164333037643c6637376438363b3863623439356931603b606663363d3439603064636d323439363b35666e31353036633466336c396334343831323e3066373b36623d32606b303065303b3a303130353462623d3537373b6235656e6261663f37366e60606d383361247b6b665f7369653d3338343732303230373f3535336b38353c6061313235336469353b6433383362366e37646366653236383234636931633d66333c663061326c35313630633736346d353461326238303a3231323863633a34323e343733613b3a3a3736356731643e64666433323630383931663f36356a35666a6531393230346034343363383030653534663266646d3662373126736164703531

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content.ebanking-services.com/fp/ 0
387 B 33ms
26ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/clear.png?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&jac=1&je=30323a26247767613f3a342e313b2e313f352c333a342670653d6e6d2e62617c717635253542273a306e6576656e25323a253143332e30302d3243273a32737c63767d732732302d31432532326168617a676b6c652532322d374424697564603f6169376039673e67343831636161633e663063356331393a3933343b34366a37613b313539346a36663864643638363830313a64653466383366616c38343d3b246d78313d603f333234623130393330396636353633336b6334373e31383e67313a666763346a643b34313767

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 17:25:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A Show response
content.ebanking-services.com/fp/ 0
218 B 27ms
27ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ebanking-services.com/fp/clear3.png;CIS3SID=3F844CD705E4A0E9443DDAB16743C78A?org_id=qn4omaj3&session_id=bf9070387c5a43ee916271059eeb91d9&nonce=c524cd051ebfe3d8&pageid=1&je=3337302670643f2e7066743d363133333b2d333732302c353130302f393530382e373130332d333d32322c353932322d393532322e3539303b2d313738302c3b313a312d333532382e373935302f313538302e373b33312d393530322435393b3b2f393532302e3e3231392d3137303024353b36362d313538302c3438343025333738302e35303f3b2f313530322c373837322f33353030243231333a2d313d3232

Requested by

Host: content.ebanking-services.com
URL: https://content.ebanking-services.com/fp/check.js?org_id=qn4omaj3&session_id=BF9070387C5A43EE916271059EEB91D9&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hc-cmd2020.screen-viewer.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 17:25:32 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ois.is
URL: https://ois.is/images/logo.png

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			content.ebanking-services.com/	1970-01-20 16:24:33	Name: thx_guid Value: aebf6528f0ec49a69ed4804fbc0faacc

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://hc-cmd2020.screen-viewer.de/wp-includes/SimplePie/Net/cdird/digit.html Message: Access to XMLHttpRequest at 'https://ois.is/images/logo.png' (redirected from 'https://hc-cmd2020.screen-viewer.de/eam/Branding/SmartBanner?appId=beb') from origin 'https://hc-cmd2020.screen-viewer.de' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ois.is/images/logo.png Message: Failed to load resource: net::ERR_FAILED
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/c39a4a28-00ee-45a2-a34b-3c146a1b8608(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5279/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/2a796397-e4a4-4c18-979a-4b07129768ef(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:7070/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/aca093c1-f1e7-4f86-b0ec-cb387675e4f9(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5944/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/296d4a0c-160d-4b63-99cf-18fc861f0f32(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5931/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/9a815701-2f15-4c2b-8f49-6f2187eb6d06(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/c98cb5a7-2c9b-4ffb-a971-dc8cfd558b9e(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/0109708c-9f42-4425-a67d-144f8922d707(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5901/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/05463ce2-bded-41b9-9980-d0682b032ed6(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5903/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/0105f5b7-51c5-4ec8-8e9c-e4a316a3a87f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5902/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/320f51ac-24bc-4a6a-a76b-4b6d3728a9a6(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:3389/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/f5f65b43-f2f5-4866-a882-619ded144675(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5950/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/5fbf2729-107b-404e-a5f3-2f558cc78cbd(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:2112/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/8c4e4ed2-02a1-429b-ab10-d1c86898107f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5939/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/677cfca5-0ec6-4f88-9a0b-f613df439666(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6040/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://hc-cmd2020.screen-viewer.de/4c92ed04-f42f-40a2-95ef-5b7e88156fca(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6039/' failed: WebSocket is closed before the connection is established.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.ebanking-services.com
digimaine.com
firstbankpr.ebanking-services.com
h.online-metrix.net
hc-cmd2020.screen-viewer.de
ois.is
qn4omaj3h7izwtremalbfgv3454xsby6yosizaggc524cd051ebfe3d8am1.e.aa.online-metrix.net
www.1firstbank.com
ois.is
192.254.251.158
23.205.230.68
2a06:98c1:3120::3
45.60.243.223
83.138.84.139
91.235.132.130
91.235.133.67
91.235.134.131
11dd4540a701c84241bd540d5361bdcb105a766ad134093aa140a47439d792d6
1f5da3b1b3dc64ddbf2da11b1f1ab995f52a90e154645a5a73c1c7561034a213
27104fbc23ca3de74dad61de167bb91debb6533bedb5dc5148838f8f9e565d04
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
65970415fbacd91bf37477ab242d091ecab5672b6b2b4c99a59ebaf9a12def22
65ebfd9959e1da50a30d75000d2750acad85763db4edf0d7638cfe91946d81f5
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
99a9fb735f988f2be0e21574064cce4b5dd36b00ab1a713706bd07e55dcd56ab
9dd6af02f945ed7765bfc88e04b16aff75a8620fd5fd364641de64eb75ef6ca3
b0b38445c13c0060028559d3099f7061854e409e2603d0ef5d9c1b99b0dc8271
b24c20afb93085fa1db0eacd4ec00150b1d0699e056525bd61e241209bfcaba3
c331371c86243d70bccf684a70a215b8da9027035ebdb158b4f2b84afe846d24
cd711199b3a924ebb72acb5ac1f7aa05ebe3a0699bc2539970de82fbc3a5c8b6
dc185842b05b2ecafcf8a1b69c250d8713d9a7b4ea8568191a3707d0ce5a91e6
df092208a96e4ba8663cbdc79fa88a12f470b4639c80516ed6515a85741efab6
e2da9dbaa6aa40064db752185aa519baab214e8744d25c7e54ca81e6e74a156f
e3790f7c4529b36b898a0ec7942cf3cb9837b76b5622fa97fe1d108d8ad1fb51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fafc1c6627bf0a4048f2f921a71b7c7967c9f28bad2ce831d13f5a4a1818b9f4
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

hc-cmd2020.screen-viewer.de Open in urlscan Pro 83.138.84.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

65 %HTTPS

13 %IPv6

6 Domains

8 Subdomains

9 IPs

2 Countries

227 kBTransfer

1138 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hc-cmd2020.screen-viewer.de Open in urlscan Pro
83.138.84.139 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

65 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

227 kB
Transfer

1138 kB
Size

1
Cookies

51 HTTP transactions
0 data transactions