urlscan.io logo urlscan.io
SecurityTrails logo

verify.bankaletihad.com Open in urlscan Pro
18.171.69.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://verify.bankaletihad.com/
Effective URL: https://verify.bankaletihad.com/
Submission: On October 29 via manual from IN — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 18.171.69.213, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is verify.bankaletihad.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 2nd 2024. Valid for: a year.
This is the only time verify.bankaletihad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 18.171.69.213 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 4
Apex Domain
Subdomains		 Transfer
16 bankaletihad.com
verify.bankaletihad.com
2 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
173 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
29 KB
21 4
Domain Requested by
16 verify.bankaletihad.com verify.bankaletihad.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com ajax.googleapis.com
www.googletagmanager.com
1 ajax.googleapis.com verify.bankaletihad.com
21 4

This site contains links to these domains. Also see Links.

Domain
cronica.io
www.cronica.io
Subject Issuer Validity Valid
verify.bankaletihad.com
Amazon RSA 2048 M03		 2024-09-02 -
2025-10-02		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://verify.bankaletihad.com/
Frame ID: 81F8FC986788200EDBE9327FB62E2A5D
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cronica

Page URL History Show full URLs

  1. http://verify.bankaletihad.com/ HTTP 307
    https://verify.bankaletihad.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2277 kB
Transfer

2660 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://verify.bankaletihad.com/ HTTP 307
    https://verify.bankaletihad.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
verify.bankaletihad.com/
Redirect Chain
  • http://verify.bankaletihad.com/
  • https://verify.bankaletihad.com/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
288af6b18f5a4fe923191c05b393da4d907bdcd4c34ce591f69e7b0092f026fa
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
2887
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
content-type
text/html
date
Tue, 29 Oct 2024 00:21:43 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://verify.bankaletihad.com/
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

content-encoding
gzip
age
545489
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:50:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:50:14 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29440
x-xss-protection
0
server
sffe
main.46c695c7.chunk.css
verify.bankaletihad.com/static/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://verify.bankaletihad.com/static/css/main.46c695c7.chunk.css
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
6510c51d297dd10657128dfe0c66ad004d00345a5b128547acd4d5691fb5bf19
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
17626
date
Tue, 29 Oct 2024 00:21:43 GMT
x-xss-protection
1; mode=block
content-type
text/css
x-frame-options
SAMEORIGIN
2.34c46eab.chunk.js
verify.bankaletihad.com/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://verify.bankaletihad.com/static/js/2.34c46eab.chunk.js
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
cd911a0de0ec2c996e8817b6a183fa79068db5775bcb217634724c2072d6e9d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
1366273
date
Tue, 29 Oct 2024 00:21:43 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
x-frame-options
SAMEORIGIN
main.87b55b34.chunk.js
verify.bankaletihad.com/static/js/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://verify.bankaletihad.com/static/js/main.87b55b34.chunk.js
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
38d4d1bbc1819c4085d5c47a520f643e05200b383276b67aac917cb06192b54d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
26579
date
Tue, 29 Oct 2024 00:21:43 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		221 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157016207-3&_=1730161303869
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5e307a13fc9a69dc43a8e5eb5f8131720014d745320a71d941c693aa1205287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 00:21:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 00:21:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 29 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80710
x-xss-protection
0
server
Google Tag Manager
logo.a78de070.svg
verify.bankaletihad.com/static/media/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/logo.a78de070.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
2b2892dee7b9b969b603beaf662acd843f71533cfa4e45b827ac160f06fd3cad
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
3479
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
Quorum-Blockchain.5857182e.svg
verify.bankaletihad.com/static/media/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Quorum-Blockchain.5857182e.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
5b691429eedff2045e3775de02aef6a424eade9b918638e43b43e1d7f526e0e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
10757
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
Programable-Documents.ae064dbd.svg
verify.bankaletihad.com/static/media/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Programable-Documents.ae064dbd.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
3b1502bcd99c0d3d83a3eb7677ce183861c66a3629ed84fa1961296e575ce7bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
17980
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
Smart-Contract.0d621721.svg
verify.bankaletihad.com/static/media/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Smart-Contract.0d621721.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
d53943aeb9d3997a0b7b0f5a77699bc7eec42f5e50197778f93cab4bfe6754b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
17668
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
Security.632193f2.svg
verify.bankaletihad.com/static/media/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Security.632193f2.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
3d65f237da28cc78df2546f3a92cf2e851eda7a5495f8a96d9fcb6cd86fcd3c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
25959
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
Privacy.7ee2eb2f.svg
verify.bankaletihad.com/static/media/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Privacy.7ee2eb2f.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
ff424719ebbf571929767463251d5b394c4dba709e99d984443ce98551b7669e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
9200
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
API.0d045f34.svg
verify.bankaletihad.com/static/media/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/API.0d045f34.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
a708f34f50c25d1a56702892939b51c38b384868ee78603eb4dfb8ef0c3e4b32
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
21295
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
Phone@2x.c36d51d8.png
verify.bankaletihad.com/static/media/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Phone@2x.c36d51d8.png
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
45c834889d5e5fa4c27ff4378ec06773f04c929845c7e0bd773cff434622d1eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
105285
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-frame-options
SAMEORIGIN
Image_28@3x.76d0d29c.png
verify.bankaletihad.com/static/media/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Image_28@3x.76d0d29c.png
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
22152476335c4484b1c8e95a70caa38d82f3e9f5d3a679fef3351e343aaedad7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
165868
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-frame-options
SAMEORIGIN
verify-header-bg.4c47bcd9.svg
verify.bankaletihad.com/static/media/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/verify-header-bg.4c47bcd9.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/static/css/main.46c695c7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
bd8ab15782513afbb65fb5b39ed39cb04d3e919cc2d8e13ffbc4c13681147822
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
184922
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
Verify-scroll-down.3cb24f20.svg
verify.bankaletihad.com/static/media/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verify.bankaletihad.com/static/media/Verify-scroll-down.3cb24f20.svg
Requested by
Host: verify.bankaletihad.com
URL: https://verify.bankaletihad.com/static/css/main.46c695c7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
72338c52150aa822dce985795f9c50db08cfe0a15ab682192d1865c8275562cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
1344
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		265 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-974T1YVG57&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157016207-3&_=1730161303869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d600adb6f1b2c4f02947b4d17075d4f11afd06c7c3a35497d515fedbb6c5f2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 00:21:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 00:21:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95545
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157016207-3&_=1730161303869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

content-encoding
gzip
age
3329
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 01:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 23:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/ 		1 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1206879130&t=pageview&_s=1&dl=https%3A%2F%2Fverify.bankaletihad.com%2F&ul=en-gb&de=UTF-8&dt=Cronica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=547045731&gjid=465790457&cid=1553449683.1730161304&tid=UA-157016207-3&_gid=1413498995.1730161304&_r=1&gtm=457e4ao0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101925629&jsscut=1&z=2117392297
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://verify.bankaletihad.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 00:21:44 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://verify.bankaletihad.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
favicon.ico
verify.bankaletihad.com/ 		110 KB
111 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://verify.bankaletihad.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.69.213 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-69-213.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
c1c3b4501405b72b94eb6991e34f931437a844bb1c239c53f92dd61a05a8cd5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://verify.bankaletihad.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
x-content-type-options
nosniff
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
112492
date
Tue, 29 Oct 2024 00:21:44 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| urlCheck object| webpackJsonp object| __core-js_shared__ object| PDFJS function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| google_tag_manager object| google_tag_data object| dataLayer string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

4 Cookies

Domain/Path Name / Value
.bankaletihad.com/ Name: _ga_974T1YVG57
Value: GS1.1.1730161304.1.0.1730161304.0.0.0
.bankaletihad.com/ Name: _ga
Value: GA1.2.1553449683.1730161304
.bankaletihad.com/ Name: _gid
Value: GA1.2.1413498995.1730161304
.bankaletihad.com/ Name: _gat_gtag_UA_157016207_3
Value: 1

4 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-974T1YVG57&l=dataLayer&cx=c(Line 155)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-974T1YVG57&gtm=45je4ao0v9107135618za200&_p=1730161304132&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=1553449683.1730161304&ul=en-gb&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1730161304&sct=1&seg=0&dl=https%3A%2F%2Fverify.bankaletihad.com%2F&dt=Cronica&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=763' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-974T1YVG57&l=dataLayer&cx=c(Line 155)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-974T1YVG57&gtm=45je4ao0v9107135618za200&_p=1730161304132&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=1553449683.1730161304&ul=en-gb&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1730161304&sct=1&seg=0&dl=https%3A%2F%2Fverify.bankaletihad.com%2F&dt=Cronica&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=763' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-974T1YVG57&l=dataLayer&cx=c(Line 155)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-974T1YVG57&gtm=45je4ao0v9107135618za200&_p=1730161304132&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=1553449683.1730161304&ul=en-gb&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=2&sid=1730161304&sct=1&seg=0&dl=https%3A%2F%2Fverify.bankaletihad.com%2F&dt=Cronica&en=user_engagement&_et=4509&tfd=5274' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-974T1YVG57&l=dataLayer&cx=c(Line 155)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-974T1YVG57&gtm=45je4ao0v9107135618za200&_p=1730161304132&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=1553449683.1730161304&ul=en-gb&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=2&sid=1730161304&sct=1&seg=0&dl=https%3A%2F%2Fverify.bankaletihad.com%2F&dt=Cronica&en=user_engagement&_et=4509&tfd=5274' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.bankaletihad.com; font-src *; img-src 'self' https://www.google-analytics.com blob: data:; script-src 'self' https://*.bankaletihad.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.bankaletihad.com https://www.google-analytics.com; style-src 'self' https://*.bankaletihad.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
verify.bankaletihad.com
www.google-analytics.com
www.googletagmanager.com
18.171.69.213
2a00:1450:4001:81d::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
22152476335c4484b1c8e95a70caa38d82f3e9f5d3a679fef3351e343aaedad7
288af6b18f5a4fe923191c05b393da4d907bdcd4c34ce591f69e7b0092f026fa
2b2892dee7b9b969b603beaf662acd843f71533cfa4e45b827ac160f06fd3cad
38d4d1bbc1819c4085d5c47a520f643e05200b383276b67aac917cb06192b54d
3b1502bcd99c0d3d83a3eb7677ce183861c66a3629ed84fa1961296e575ce7bb
3d65f237da28cc78df2546f3a92cf2e851eda7a5495f8a96d9fcb6cd86fcd3c1
45c834889d5e5fa4c27ff4378ec06773f04c929845c7e0bd773cff434622d1eb
5b691429eedff2045e3775de02aef6a424eade9b918638e43b43e1d7f526e0e4
6510c51d297dd10657128dfe0c66ad004d00345a5b128547acd4d5691fb5bf19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72338c52150aa822dce985795f9c50db08cfe0a15ab682192d1865c8275562cf
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a5e307a13fc9a69dc43a8e5eb5f8131720014d745320a71d941c693aa1205287
a708f34f50c25d1a56702892939b51c38b384868ee78603eb4dfb8ef0c3e4b32
bd8ab15782513afbb65fb5b39ed39cb04d3e919cc2d8e13ffbc4c13681147822
c1c3b4501405b72b94eb6991e34f931437a844bb1c239c53f92dd61a05a8cd5f
cd911a0de0ec2c996e8817b6a183fa79068db5775bcb217634724c2072d6e9d2
d53943aeb9d3997a0b7b0f5a77699bc7eec42f5e50197778f93cab4bfe6754b4
d600adb6f1b2c4f02947b4d17075d4f11afd06c7c3a35497d515fedbb6c5f2f8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ff424719ebbf571929767463251d5b394c4dba709e99d984443ce98551b7669e