urlscan.io logo urlscan.io
SecurityTrails logo

185.79.245.215 Open in urlscan Pro
185.79.245.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://185.79.245.215/
Effective URL: https://185.79.245.215/en/login
Submission: On December 18 via manual from LT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 185.79.245.215, located in Lithuania and belongs to RACKRAY UAB Rakrejus, LT. The main domain is 185.79.245.215.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 13th 2024. Valid for: a year.
This is the only time 185.79.245.215 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    185.79.245.215 (Lithuania)

ASN62282 (RACKRAY UAB Rakrejus, LT)
PTR: pmail.mano.bank
185.79.245.215
3    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
971 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
338 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
553 B
1 gstatic.com
www.gstatic.com
218 KB
20 7
Domain Requested by
3 www.googletagmanager.com 185.79.245.215
www.googletagmanager.com
2 www.facebook.com 185.79.245.215
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.google.com 185.79.245.215
www.googletagmanager.com
1 www.google.de 185.79.245.215
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.gstatic.com www.google.com
20 8

This site contains no links.

Subject Issuer Validity Valid
*.mano.bank
Sectigo RSA Domain Validation Secure Server CA		 2024-06-13 -
2025-07-13		 a year crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.de
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-26 -
2024-12-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://185.79.245.215/en/login
Frame ID: 084E9A2C6BDBE169AB21EA35E8E23727
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

mano.bank

Page URL History Show full URLs

  1. https://185.79.245.215/ HTTP 302
    https://185.79.245.215/en HTTP 302
    https://185.79.245.215/en/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

20
Requests

65 %
HTTPS

89 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

1268 kB
Transfer

3284 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://185.79.245.215/ HTTP 302
    https://185.79.245.215/en HTTP 302
    https://185.79.245.215/en/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
185.79.245.215/en/
Redirect Chain
  • https://185.79.245.215/
  • https://185.79.245.215/en
  • https://185.79.245.215/en/login
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://185.79.245.215/en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.79.245.215 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
pmail.mano.bank
Software
Apache /
Resource Hash
3c2fd00f75d0d87c5d9d2f068479e0d651749466c26e381310a52d626a343bf6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Dec 2024 07:44:34 GMT
Keep-Alive
timeout=5, max=98
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Dec 2024 07:44:34 GMT
Keep-Alive
timeout=5, max=99
Location
https://185.79.245.215/en/login
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
js
www.googletagmanager.com/gtag/ 		391 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D6DL1NHZEQ
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b77ab7c97bc418f6f79605073ace07b18dba01ebb2cce17dace1ca6e8b49743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 07:44:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 07:44:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
131151
x-xss-protection
0
server
Google Tag Manager
api.js
www.google.com/recaptcha/ 		1 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ddd002a43630b73f45b3f612a05ee51e089845da5a3ea8730c5269bd41472e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 07:44:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 18 Dec 2024 07:44:12 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
app.js
185.79.245.215/js/ 		702 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://185.79.245.215/js/app.js?id=a79d33618a75687febbc4eec817ccd46
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.79.245.215 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
pmail.mano.bank
Software
Apache /
Resource Hash
44ad4afd0651c9c3f1f408a39f18f878ca45ed214fe64834ffcdd41c851e8ee0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/en/login

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Encoding
gzip
ETag
"af921-622607d1836c3-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Date
Wed, 18 Dec 2024 07:44:34 GMT
Last-Modified
Wed, 18 Sep 2024 08:21:11 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/javascript
app.css
185.79.245.215/css/ 		296 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://185.79.245.215/css/app.css?id=4eb12bc550f320590811ad52c7fef099
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.79.245.215 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
pmail.mano.bank
Software
Apache /
Resource Hash
df2338b6ed2a10ec503bdf967ae246df4a0ae185975b5202c350a8f3a180f679
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/en/login

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Encoding
gzip
ETag
"49efe-6185b73e3c14e-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
55530
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 07:44:34 GMT
Last-Modified
Mon, 13 May 2024 20:08:45 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
logo.svg
185.79.245.215/storage/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://185.79.245.215/storage/assets/images/logo.svg
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.79.245.215 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
pmail.mano.bank
Software
Apache /
Resource Hash
e1c4a0dcc57b9d39ece4a378fda1164f3600d0c760e1e4879c929d00858601ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/en/login

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
ETag
"16e6-5a16f0c99de03"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5862
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 07:44:34 GMT
Last-Modified
Sun, 22 Mar 2020 10:33:28 GMT
Content-Type
image/svg+xml
Server
Apache
person.png
185.79.245.215/storage/assets/images/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://185.79.245.215/storage/assets/images/person.png
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.79.245.215 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
pmail.mano.bank
Software
Apache /
Resource Hash
f3a1b9962ece3b4d61dac4a0c3105f56e9473b5e32b48c215a0ed5e167acce0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/en/login

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
ETag
"3f17b-5a16f0c9ad803"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
258427
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 07:44:34 GMT
Last-Modified
Sun, 22 Mar 2020 10:33:28 GMT
Content-Type
image/png
Server
Apache
gtm.js
www.googletagmanager.com/ 		360 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVDMLC4
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a7ec6d01a2276862c7479e35639903e85b6edb56e6d8d23c7d7116132d2c505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 18 Dec 2024 07:44:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 07:44:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114049
x-xss-protection
0
server
Google Tag Manager
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nhamhfA6n_hKMa_Y7UpFyA37/ 		549 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nhamhfA6n_hKMa_Y7UpFyA37/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8001e254ead6ecd735e0e6fb4fa2a48118d681350da71f9db0d5baea5026f99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://185.79.245.215
Referer
https://185.79.245.215/

Response headers

content-encoding
gzip
age
42165
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 20:01:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 20:01:28 GMT
last-modified
Mon, 16 Dec 2024 03:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
223060
x-xss-protection
0
server
sffe
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D6DL1NHZEQ&gtm=45je4cc1v9118030178za200&_p=1734507852791&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1170585490.1734507853&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734507852&sct=1&seg=0&dl=https%3A%2F%2F185.79.245.215%2Fen%2Flogin&dt=mano.bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=379
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6DL1NHZEQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://185.79.245.215
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 07:44:12 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
553 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D6DL1NHZEQ&cid=1170585490.1734507853&gtm=45je4cc1v9118030178za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6DL1NHZEQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://185.79.245.215
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 07:44:12 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D6DL1NHZEQ&cid=1170585490.1734507853&gtm=45je4cc1v9118030178za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=593654172
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 07:44:13 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
XRXV3I6Li01BKofINeaB.woff2
185.79.245.215/storage/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://185.79.245.215/storage/assets/fonts/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/css/app.css?id=4eb12bc550f320590811ad52c7fef099
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.79.245.215 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
pmail.mano.bank
Software
Apache /
Resource Hash
0a84dd9a4e72ab9b862e3a58023261e20437402fe86c2dd581977e92100ff2ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://185.79.245.215
Referer
https://185.79.245.215/css/app.css?id=4eb12bc550f320590811ad52c7fef099

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
ETag
"4fe0-5a16f0c963486"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
20448
Keep-Alive
timeout=5, max=96
Date
Wed, 18 Dec 2024 07:44:34 GMT
Last-Modified
Sun, 22 Mar 2020 10:33:28 GMT
Content-Type
font/woff2
Server
Apache
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F185.79.245.215%2Fen%2Flogin&scrsrc=www.googletagmanager.com&frm=0&rnd=35355378.1734507853&dt=mano.bank&auid=839581647.1734507853&navt=n&npa=1&gtm=45He4cc1v813112991za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101899378~101925629~102067555~102067808~102081485~102198178&tft=1734507853176&tfd=663&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVDMLC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers
destination
www.googletagmanager.com/gtag/ 		284 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-718436554&l=dataLayer&cx=c&gtm=45He4cc1v813112991za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVDMLC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac27c149af9aa549dcb65f4694d944dd6687c75d5627e03b5fae8773cf314815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 18 Dec 2024 07:44:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 07:44:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100162
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVDMLC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Rtpo2TQq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 07:44:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Rtpo2TQq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4528, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
pW52m8iEFnekB6lbCYVRPN9FSOYxoR8iQwgn0glOtLrvmTOCJ8W8gGgNZq2HcnABoOgirIHfn0np1BMGVLj5Gg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
1630032541152153
connect.facebook.net/signals/config/ 		67 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1630032541152153?v=2.9.179&r=stable&domain=185.79.245.215&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f033f6b29a3edde56f7d6c529833b5041e6959b92d4b18f00789cf3abfe3ce8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Y62Aszvo' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 07:44:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Y62Aszvo' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=77, mss=1232, tbw=70606, tp=66, tpl=0, uplat=150, ullat=0
pragma
public
x-fb-debug
r86p4kYfbapP9Le7Qlc12JsjcWLkERr+Us3J8W/AiDvHiphgeJj0+YcYhMoJ7a9649sdiPXfhNmnO5LnWpgRHQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1630032541152153&ev=PageView&dl=https%3A%2F%2F185.79.245.215&rl=&if=false&ts=1734507853406&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.3.1734507853405.278916185398584631&pm=1&hrl=ba2529&ler=empty&cdl=API_unavailable&it=1734507853221&coo=false&tm=1&cs_cc=1&cas=7848281281891169%2C8805679329476520%2C25561262110154633&rqm=GET
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4578, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 07:44:13 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1630032541152153&ev=PageView&dl=https%3A%2F%2F185.79.245.215&rl=&if=false&ts=1734507853406&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.3.1734507853405.278916185398584631&pm=1&hrl=ba2529&ler=empty&cdl=API_unavailable&it=1734507853221&coo=false&tm=1&cs_cc=1&cas=7848281281891169%2C8805679329476520%2C25561262110154633&rqm=FGET
Requested by
Host: 185.79.245.215
URL: https://185.79.245.215/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449654504273547333"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 07:44:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
PP/fkGnKYg0hOjd08JdnrMDpj+GLo6hSLufH7laHxh731QwGySKYVkfrqA7qX+JuWrjniL5nlicPtJpxn9HlmQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449654504273547333", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4946, tp=13, tpl=0, uplat=108, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
180x180.ico
185.79.245.215/storage/assets/images/ 		107 KB
108 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://185.79.245.215/storage/assets/images/180x180.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.79.245.215 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
pmail.mano.bank
Software
Apache /
Resource Hash
21821d7545eea911768239417aeac72d2f3a5d15887ffe5ff2095b5fd06e61e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://185.79.245.215/en/login

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
ETag
"1adee-5a16f0c996104"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
110062
Keep-Alive
timeout=5, max=95
Date
Wed, 18 Dec 2024 07:44:35 GMT
Last-Modified
Sun, 22 Mar 2020 10:33:28 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk object| intlTelInputGlobals object| intlTelInputUtils function| flatpickr function| $ function| Inputmask function| fbq function| _fbq object| _fbq_gtm_ids object| recaptcha

6 Cookies

Domain/Path Name / Value
185.79.245.215/ Name: XSRF-TOKEN
Value: eyJpdiI6IkpxVXBpUDVjNktkZXc2ejFMZk1mWGc9PSIsInZhbHVlIjoiazZnZ0J6dFhTVHd0clwvaWxPZ1dyRXZHZXk2bzZiSmM0OXkyVyt4aW9IK3pTN045clpiZHkwMERpSkNTXC9Rcmk3dTdFZkRpanc5WTlqRzlSRXFHWklcL2huS0taRWFnODhrR3VLY2F1bGVUTWxFT3pSTGpERCtBSWdXdWI2dHVCZE4iLCJtYWMiOiI5ODRjYzIwMzE4ZGJkYmE2MjBkYjJhNTM3NWM0YjBjZjQxMjRjZTdhYjUyNjRiYTY5ZjI0MTkzYjA1NWEyNTNhIn0%3D
185.79.245.215/ Name: manobank_session
Value: eyJpdiI6InZYKzJDTWVwRDEzaVY0U2ozOGMwU2c9PSIsInZhbHVlIjoiMStBbE1RZjh2VENPWmltZHZMK3kzUlY0c3FSeDFrVFIrNWZBNDZEUFBSOEFJV3N0aStFb3g5d2VyTW92OVkxeGwwUmlPNzdvem5heHN5M0Z6b3VHaUpqXC9PQ2dVeW8zRHhWbEEzZE42UUUwSXM1aWRVZzd2ek0zNnhFOXVoN2h3IiwibWFjIjoiMmI4NzQ1ZDg5ODkwMGRmYzYyZDhkYTk1MGY4ZWJiYzk3MjE1Y2IwODU5YmJmNDM3NTQyMWU4YjNmMDdlMGFiYyJ9
185.79.245.215/ Name: _ga
Value: GA1.1.1170585490.1734507853
185.79.245.215/ Name: _ga_D6DL1NHZEQ
Value: GS1.1.1734507852.1.0.1734507852.60.0.0
185.79.245.215/ Name: _gcl_au
Value: 1.1.839581647.1734507853
185.79.245.215/ Name: _fbp
Value: fb.3.1734507853405.278916185398584631

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://185.79.245.215/en/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
185.79.245.215
2001:4860:4802:32::36
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
0a84dd9a4e72ab9b862e3a58023261e20437402fe86c2dd581977e92100ff2ef
1a7ec6d01a2276862c7479e35639903e85b6edb56e6d8d23c7d7116132d2c505
21821d7545eea911768239417aeac72d2f3a5d15887ffe5ff2095b5fd06e61e3
2f033f6b29a3edde56f7d6c529833b5041e6959b92d4b18f00789cf3abfe3ce8
3c2fd00f75d0d87c5d9d2f068479e0d651749466c26e381310a52d626a343bf6
44ad4afd0651c9c3f1f408a39f18f878ca45ed214fe64834ffcdd41c851e8ee0
8001e254ead6ecd735e0e6fb4fa2a48118d681350da71f9db0d5baea5026f99b
8b77ab7c97bc418f6f79605073ace07b18dba01ebb2cce17dace1ca6e8b49743
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac27c149af9aa549dcb65f4694d944dd6687c75d5627e03b5fae8773cf314815
ddd002a43630b73f45b3f612a05ee51e089845da5a3ea8730c5269bd41472e68
df2338b6ed2a10ec503bdf967ae246df4a0ae185975b5202c350a8f3a180f679
e1c4a0dcc57b9d39ece4a378fda1164f3600d0c760e1e4879c929d00858601ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a1b9962ece3b4d61dac4a0c3105f56e9473b5e32b48c215a0ed5e167acce0a