zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io Open in urlscan Pro
2a00:fb01:400:200:5000:5aff:fef2:9428 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Submission: On October 05 via api (October 5th 2023, 8:43:00 am UTC) from US — Scanned from FR

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 11 HTTP transactions. The main IP is 2a00:fb01:400:200:5000:5aff:fef2:9428, located in Switzerland and belongs to EVERYWARE-NET, CH. The main domain is zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io.
TLS certificate: Issued by R3 on August 30th 2023. Valid for: 3 months.

This is the only time zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2a00:fb01:400... 2a00:fb01:400:200:5000:5aff:fef2:9428	24951 (EVERYWARE...) (EVERYWARE-NET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.35.95 104.18.35.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.30.217 34.120.30.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
11	5

6 2a00:fb01:400:200:5000:5aff:fef2:9428 (Switzerland)

ASN24951 (EVERYWARE-NET, CH)

zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.95 (None, )

ASN13335 (CLOUDFLARENET, US)

www.trumarkonlinebanking.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.30.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.30.120.34.bc.googleusercontent.com

prd.dbk.ncr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	icp0.io zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io	96 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	gstatic.com fonts.gstatic.com	225 KB
1	ncr.com prd.dbk.ncr.com — Cisco Umbrella Rank: 39686	3 MB
1	trumarkonlinebanking.org www.trumarkonlinebanking.org — Cisco Umbrella Rank: 623222	587 B
11	5

	Domain	Requested by
6	zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io	zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
2	fonts.googleapis.com	zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
1	fonts.gstatic.com	fonts.googleapis.com
1	prd.dbk.ncr.com	zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
1	www.trumarkonlinebanking.org	zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
11	5

This site contains no links.

Subject Issuer	Validity	Valid
boundary.dfinity.network R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.trumarkonlinebanking.org DigiCert EV RSA CA G2	`2023-08-10` - `2024-09-09`	a year	crt.sh
prd.dbk.ncr.com GTS CA 1D4	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Frame ID: 519E34129BCEFFC2F857D7637B00DCBA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TRUMARK FINANCIAL CREDIT UNION | Login

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

3276 kB
Transfer

3582 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/ 84 KB
15 KB 520ms
401ms Document
text/html 2a00:fb01:400:200:5000:5aff:fef2:9428
EVERYWARE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:fb01:400:200:5000:5aff:fef2:9428 , Switzerland, ASN24951 (EVERYWARE-NET, CH),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: ee24d32f1dffa19bdc71e1ce1c4a869808c359a7b96de3254b5e0529bb52e0f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
access-control-allow-methods: HEAD, GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-Range,X-Request-Id
access-control-max-age: 600
content-encoding: gzip
content-type: text/html
date: Thu, 05 Oct 2023 08:42:54 GMT
ic-certificate: certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCDj2qiUxIaKDUHdcMUHLJFhfjNZOQFERAvDJNGiIqmzNoMBggRYILi7/2cQQ8RwKRKPQdpUAT0enZZT2WZCA+3EmAh9SbG0gwGDAYIEWCDu9ViA9BWJjj1xiNz64mdZrimG+iAxxg2FGyZTR4YSr4MBggRYIC34pmmaaBVomw6FFZ8KHSd2doOvlggAvX6fMnHNvS3TgwGCBFggrsBW6NOC+8AuwichjrF5bwCxZbP0rp0znQNb5Yecgn+DAYMBggRYIB3Sv64uwH6St2RN1yWJZDkGWcECCNKsAU46uXE44WmCgwGCBFgguuoQKV8cVqAmZ6Ms+aU5+OteC901VtQz4TRAfN7qQteDAYIEWCBZP+Y9chpVRmvvjk3CX7vAfYkqL/rbt6ZtHGSMOAZe3YMCSgAAAAAAcC2LAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggtdpexRUqoogoik1/ksptUEZG9ghtJxZzyBkW4Y8qdbCCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggi48NfYSXZLbMirfxlLbd4VKns9Qrhn2dFJYqp60GDkeCBFggg55yg5Jj9QAAvAo/I8C5fd43qsnq/zhrgZPuTNDYfXKCBFggCF/37qVw1+X2CsqJWlkzN/Ux5XfDXaNhj/mRUkWfkc+CBFggxa48gFsaw9EL/iHUfy8lKtlJaJ08h1V1HuWPaa/kWJSDAYIEWCCFXEk/ONyKsQW022SIFoCI7QTh3/eLCZxJ8UMdfdtTf4MCRHRpbWWCA0mSn5Pq17HKxRdpc2lnbmF0dXJlWDCXP+oxOq2K61f/2/asjCcqn7qVBNZeGEwnhJFMXeeQS//scbNsBkux/sahUHbyC3VqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCV9nZ96JkdHJlZYMBggRYIIsoqSNn6QNMNL8UdgQNXPSc0srLyLnK89v1wyLM0nxugwGDAkZzdWJuZXSDAYMBgwGCBFggJn/lURG1bjw5dVMuozc/e3Lp+CBy/o5gftNEhkeKWzmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIL5ypMZtyOflVmphzKP//ptJOs49TABxqsbEkhbHZEKagwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggp/JRlR7tcmgRRgRJOIIUdzyUFTx1iv46qlT5tRcEJoaCBFgg25JVxhCUNwZlYMJW5oVkWFCzYSxB7HELdh2f13N5nxSDAkR0aW1lggNJgeuvs9HCtcUXaXNpZ25hdHVyZVgwlrNOrBkkxSYETzDCnT+NeKO7TuMNJ33saciFq6hpQqhsmqcvBBpgKGaDVOXCjc+V:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYMBgwJYGi9jc3MvNTkuNWYwMzQ3ZjkuY2h1bmsuY3NzggRYILp1gmMkRrVygQgGQT9bqLOVKD7CAfS20odfxF4EIVIvggRYIEcSK4u8til1EDCUkw3xbqZfUvx15nyPnGTnQEr7Tl90gwGCBFgg4swcabipswxJ9CBOZeX5v5JgiXNRYn0Ch/Wy7K/ReYeDAYIEWCBR1/NdohjE+QtvjZvQreZ0jm99A6GVsAkztaYf37HTwoMBgwJLL2luZGV4Lmh0bWyCA1gg7iTTLx3/oZvcceHOHEqGmAjDWae5beMlS14FKbtS4PGCBFggxo8et4qiRvXBRpgxgnHblCpIVvHfoFBuMk/QSUjcSWY=:
server: nginx/1.21.3
x-ic-streaming-response: false
x-request-id: c6e008e5-02f3-537a-dc29-a124e942b393

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 96ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 08:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 07:42:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 08:42:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 696 B
538 B 96ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0

Requested by

Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6def134d81f94fbe3d1f9b4f1d556c533faa3aaae2859edf7a5a3b879f385829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 08:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 08:42:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 08:42:54 GMT

GET
H2 200 main.2ec975ed.chunk.css
zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/css/ 288 KB
60 KB 947ms
946ms Stylesheet
text/css 2a00:fb01:400:200:5000:5aff:fef2:9428
EVERYWARE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/css/main.2ec975ed.chunk.css
Requested by: Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:fb01:400:200:5000:5aff:fef2:9428 , Switzerland, ASN24951 (EVERYWARE-NET, CH),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 35f012d999a606347a17e1b9930fa14b1ec13a5b6f70cffa866b078e49aa23d3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ic-streaming-response: false
date: Thu, 05 Oct 2023 08:42:55 GMT
content-encoding: gzip
server: nginx/1.21.3
ic-certificate: certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCDj2qiUxIaKDUHdcMUHLJFhfjNZOQFERAvDJNGiIqmzNoMBggRYILi7/2cQQ8RwKRKPQdpUAT0enZZT2WZCA+3EmAh9SbG0gwGDAYIEWCDu9ViA9BWJjj1xiNz64mdZrimG+iAxxg2FGyZTR4YSr4MBggRYIC34pmmaaBVomw6FFZ8KHSd2doOvlggAvX6fMnHNvS3TgwGCBFggrsBW6NOC+8AuwichjrF5bwCxZbP0rp0znQNb5Yecgn+DAYMBggRYIB3Sv64uwH6St2RN1yWJZDkGWcECCNKsAU46uXE44WmCgwGCBFgguuoQKV8cVqAmZ6Ms+aU5+OteC901VtQz4TRAfN7qQteDAYIEWCBZP+Y9chpVRmvvjk3CX7vAfYkqL/rbt6ZtHGSMOAZe3YMCSgAAAAAAcC2LAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggtdpexRUqoogoik1/ksptUEZG9ghtJxZzyBkW4Y8qdbCCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggi48NfYSXZLbMirfxlLbd4VKns9Qrhn2dFJYqp60GDkeCBFggg55yg5Jj9QAAvAo/I8C5fd43qsnq/zhrgZPuTNDYfXKCBFgg4hSvmEAprH1oU1b5L3u5Yps55IQvO9I4gznGdHzl6gmCBFgga2uJmJmaSdznTU8JWj3QK9bceltPX4ptcomCuhgdlD6DAYIEWCCVW+lDtXGNNP/dyLGrmqdUKGUIKm9Pl6YmY5vJQuCYcoMCRHRpbWWCA0nn8fTh27HKxRdpc2lnbmF0dXJlWDCqtsmniM2KDQwyzw/KuaYBdiRZxXjki2/5S1DSpEY8FAOn4i1vXZeyWIp5vS2yuQpqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCV9nZ96JkdHJlZYMBggRYIOtN98+/ZV4dws50cXK0wfkgqJ+MlCwjWqou90i5q3DSgwGDAkZzdWJuZXSDAYMBgwGCBFggJn/lURG1bjw5dVMuozc/e3Lp+CBy/o5gftNEhkeKWzmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIL5ypMZtyOflVmphzKP//ptJOs49TABxqsbEkhbHZEKagwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggp/JRlR7tcmgRRgRJOIIUdzyUFTx1iv46qlT5tRcEJoaCBFggIk5oxJYK5NzlLfqZfytnP9aUeqkiVk+eS6FNMQxICXKDAkR0aW1lggNJyv633YTDtcUXaXNpZ25hdHVyZVgwlmXr4wdV4Nf2UpqRzg2WKTsDjkeyCGHG2QizrBOrC/vbXRhXNT78b0UagYxBvM3C:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYMBggRYIIfXx23PF8G2hDQyA//loIq4ODrPHAVVBXZ1fWAJCuCDgwGCBFggNmB289sHuUsiic08dY1ghsk/XilpQcTi7kRycQDMoDCDAlgcL2Nzcy9tYWluLjJlYzk3NWVkLmNodW5rLmNzc4IDWCA18BLZmaYGNHoX4bmTD6FLHsE6W29wz/qGaweOSaoj04IEWCAPHstGmuUVB2rD0gtxNmBZhxw5rJ8nNIkZDl1ONZ38kw==:
access-control-max-age: 600
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-Range,X-Request-Id
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length: 59194
x-request-id: 6246890f-3ed7-0831-3173-5c2844ee2f50

GET
H2 200 59.5f0347f9.chunk.css
zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/css/ 2 KB
3 KB 239ms
239ms Stylesheet
text/css 2a00:fb01:400:200:5000:5aff:fef2:9428
EVERYWARE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/css/59.5f0347f9.chunk.css
Requested by: Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:fb01:400:200:5000:5aff:fef2:9428 , Switzerland, ASN24951 (EVERYWARE-NET, CH),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 0825f217d7d8ab9171d4dbe6b67275b5ee15ecef3c4aa7d277c96f1692d10bd1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ic-streaming-response: false
date: Thu, 05 Oct 2023 08:42:54 GMT
content-encoding: gzip
server: nginx/1.21.3
ic-certificate: certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCDj2qiUxIaKDUHdcMUHLJFhfjNZOQFERAvDJNGiIqmzNoMBggRYILi7/2cQQ8RwKRKPQdpUAT0enZZT2WZCA+3EmAh9SbG0gwGDAYIEWCDu9ViA9BWJjj1xiNz64mdZrimG+iAxxg2FGyZTR4YSr4MBggRYIC34pmmaaBVomw6FFZ8KHSd2doOvlggAvX6fMnHNvS3TgwGCBFggrsBW6NOC+8AuwichjrF5bwCxZbP0rp0znQNb5Yecgn+DAYMBggRYIB3Sv64uwH6St2RN1yWJZDkGWcECCNKsAU46uXE44WmCgwGCBFgguuoQKV8cVqAmZ6Ms+aU5+OteC901VtQz4TRAfN7qQteDAYIEWCBZP+Y9chpVRmvvjk3CX7vAfYkqL/rbt6ZtHGSMOAZe3YMCSgAAAAAAcC2LAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggtdpexRUqoogoik1/ksptUEZG9ghtJxZzyBkW4Y8qdbCCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggi48NfYSXZLbMirfxlLbd4VKns9Qrhn2dFJYqp60GDkeCBFggg55yg5Jj9QAAvAo/I8C5fd43qsnq/zhrgZPuTNDYfXKCBFggCF/37qVw1+X2CsqJWlkzN/Ux5XfDXaNhj/mRUkWfkc+CBFggxa48gFsaw9EL/iHUfy8lKtlJaJ08h1V1HuWPaa/kWJSDAYIEWCCFXEk/ONyKsQW022SIFoCI7QTh3/eLCZxJ8UMdfdtTf4MCRHRpbWWCA0mSn5Pq17HKxRdpc2lnbmF0dXJlWDCXP+oxOq2K61f/2/asjCcqn7qVBNZeGEwnhJFMXeeQS//scbNsBkux/sahUHbyC3VqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCV9nZ96JkdHJlZYMBggRYIGHZui2JVDjpu+d1/KquxpR30PPv8BRKVzY+AclGNLkugwGDAkZzdWJuZXSDAYMBgwGCBFggJn/lURG1bjw5dVMuozc/e3Lp+CBy/o5gftNEhkeKWzmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIL5ypMZtyOflVmphzKP//ptJOs49TABxqsbEkhbHZEKagwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggp/JRlR7tcmgRRgRJOIIUdzyUFTx1iv46qlT5tRcEJoaCBFggvEk2oFiqganFNU3iyiGft1Ayi5nROvSta8ZY6OkDDGuDAkR0aW1lggNJ67fe+cvCtcUXaXNpZ25hdHVyZVgwspQAEeThoszQvF3/aauvx5OWtMKLm6Yeabh//onQZ1j4pZ8xRoNfQn7IQI7Rc5BK:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYMBgwJYGi9jc3MvNTkuNWYwMzQ3ZjkuY2h1bmsuY3NzggNYIAgl8hfX2KuRcdTb5rZydbXuFezvPEqn0nfJbxaS0QvRggRYIEcSK4u8til1EDCUkw3xbqZfUvx15nyPnGTnQEr7Tl90ggRYIA8ey0aa5RUHasPSC3E2YFmHHDmsnyc0iRkOXU41nfyT:
access-control-max-age: 600
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-Range,X-Request-Id
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length: 601
x-request-id: e3fc0a5c-70d2-c5b1-be12-31069ddfcae7

GET
H2 200 LoginWidget.css
zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/css/ 14 KB
5 KB 174ms
173ms Stylesheet
text/css 2a00:fb01:400:200:5000:5aff:fef2:9428
EVERYWARE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/css/LoginWidget.css
Requested by: Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:fb01:400:200:5000:5aff:fef2:9428 , Switzerland, ASN24951 (EVERYWARE-NET, CH),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 4a8641b7c024ee55ee564cab75ec5c1c4b2dca91d72c319ec350b864eb68d6fe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ic-streaming-response: false
date: Thu, 05 Oct 2023 08:42:54 GMT
content-encoding: gzip
server: nginx/1.21.3
ic-certificate: certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCDj2qiUxIaKDUHdcMUHLJFhfjNZOQFERAvDJNGiIqmzNoMBggRYILi7/2cQQ8RwKRKPQdpUAT0enZZT2WZCA+3EmAh9SbG0gwGDAYIEWCDu9ViA9BWJjj1xiNz64mdZrimG+iAxxg2FGyZTR4YSr4MBggRYIC34pmmaaBVomw6FFZ8KHSd2doOvlggAvX6fMnHNvS3TgwGCBFggrsBW6NOC+8AuwichjrF5bwCxZbP0rp0znQNb5Yecgn+DAYMBggRYIB3Sv64uwH6St2RN1yWJZDkGWcECCNKsAU46uXE44WmCgwGCBFgguuoQKV8cVqAmZ6Ms+aU5+OteC901VtQz4TRAfN7qQteDAYIEWCBZP+Y9chpVRmvvjk3CX7vAfYkqL/rbt6ZtHGSMOAZe3YMCSgAAAAAAcC2LAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggtdpexRUqoogoik1/ksptUEZG9ghtJxZzyBkW4Y8qdbCCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggi48NfYSXZLbMirfxlLbd4VKns9Qrhn2dFJYqp60GDkeCBFggg55yg5Jj9QAAvAo/I8C5fd43qsnq/zhrgZPuTNDYfXKCBFggCF/37qVw1+X2CsqJWlkzN/Ux5XfDXaNhj/mRUkWfkc+CBFggxa48gFsaw9EL/iHUfy8lKtlJaJ08h1V1HuWPaa/kWJSDAYIEWCCFXEk/ONyKsQW022SIFoCI7QTh3/eLCZxJ8UMdfdtTf4MCRHRpbWWCA0mSn5Pq17HKxRdpc2lnbmF0dXJlWDCXP+oxOq2K61f/2/asjCcqn7qVBNZeGEwnhJFMXeeQS//scbNsBkux/sahUHbyC3VqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCV9nZ96JkdHJlZYMBggRYIKtykG68dB5bckHUBn1l5XcqzZ1i9KHWBgq6r69pl9FhgwGDAkZzdWJuZXSDAYMBgwGCBFggJn/lURG1bjw5dVMuozc/e3Lp+CBy/o5gftNEhkeKWzmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIL5ypMZtyOflVmphzKP//ptJOs49TABxqsbEkhbHZEKagwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggp/JRlR7tcmgRRgRJOIIUdzyUFTx1iv46qlT5tRcEJoaCBFggfA/V14S1BVzFaC+aNUcWuIe1Zki45feTI//acTNLIMyDAkR0aW1lggNJ9ufrltbCtcUXaXNpZ25hdHVyZVgwgQ0I8Hpwzkk+/jO9RBE75/9aWGgLitYkcLGTPSO9X7YgWZCSB9WkxisC8kNbI0YW:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYMBggRYIIfXx23PF8G2hDQyA//loIq4ODrPHAVVBXZ1fWAJCuCDgwGDAlQvY3NzL0xvZ2luV2lkZ2V0LmNzc4IDWCBKhkG3wCTuVe5WTKt17FwcSy3KkdcsMZ7DULhk62jW/oIEWCBE5Nlh+/JkvVWJcYLwUeZD4iXleVCioxAhOruOzAMlH4IEWCAPHstGmuUVB2rD0gtxNmBZhxw5rJ8nNIkZDl1ONZ38kw==:
access-control-max-age: 600
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-Range,X-Request-Id
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length: 3248
x-request-id: 8d8e5bf6-30c2-b825-352a-41080fd68d7d

GET
H2 200 logo200x75-YJ7ht.png
zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/img/ 8 KB
10 KB 187ms
186ms Image
image/png 2a00:fb01:400:200:5000:5aff:fef2:9428
EVERYWARE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/img/logo200x75-YJ7ht.png
Requested by: Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:fb01:400:200:5000:5aff:fef2:9428 , Switzerland, ASN24951 (EVERYWARE-NET, CH),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: c779c7605a14d5f3f28cf7968b64fcb70e65984563cfc6e05608f3f95ac2442a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ic-streaming-response: false
date: Thu, 05 Oct 2023 08:42:54 GMT
server: nginx/1.21.3
ic-certificate: certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCDj2qiUxIaKDUHdcMUHLJFhfjNZOQFERAvDJNGiIqmzNoMBggRYILi7/2cQQ8RwKRKPQdpUAT0enZZT2WZCA+3EmAh9SbG0gwGDAYIEWCDu9ViA9BWJjj1xiNz64mdZrimG+iAxxg2FGyZTR4YSr4MBggRYIC34pmmaaBVomw6FFZ8KHSd2doOvlggAvX6fMnHNvS3TgwGCBFggrsBW6NOC+8AuwichjrF5bwCxZbP0rp0znQNb5Yecgn+DAYMBggRYIB3Sv64uwH6St2RN1yWJZDkGWcECCNKsAU46uXE44WmCgwGCBFgguuoQKV8cVqAmZ6Ms+aU5+OteC901VtQz4TRAfN7qQteDAYIEWCBZP+Y9chpVRmvvjk3CX7vAfYkqL/rbt6ZtHGSMOAZe3YMCSgAAAAAAcC2LAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggtdpexRUqoogoik1/ksptUEZG9ghtJxZzyBkW4Y8qdbCCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggi48NfYSXZLbMirfxlLbd4VKns9Qrhn2dFJYqp60GDkeCBFggg55yg5Jj9QAAvAo/I8C5fd43qsnq/zhrgZPuTNDYfXKCBFggCF/37qVw1+X2CsqJWlkzN/Ux5XfDXaNhj/mRUkWfkc+CBFggxa48gFsaw9EL/iHUfy8lKtlJaJ08h1V1HuWPaa/kWJSDAYIEWCCFXEk/ONyKsQW022SIFoCI7QTh3/eLCZxJ8UMdfdtTf4MCRHRpbWWCA0mSn5Pq17HKxRdpc2lnbmF0dXJlWDCXP+oxOq2K61f/2/asjCcqn7qVBNZeGEwnhJFMXeeQS//scbNsBkux/sahUHbyC3VqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCV9nZ96JkdHJlZYMBggRYIKtykG68dB5bckHUBn1l5XcqzZ1i9KHWBgq6r69pl9FhgwGDAkZzdWJuZXSDAYMBgwGCBFggJn/lURG1bjw5dVMuozc/e3Lp+CBy/o5gftNEhkeKWzmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIL5ypMZtyOflVmphzKP//ptJOs49TABxqsbEkhbHZEKagwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggp/JRlR7tcmgRRgRJOIIUdzyUFTx1iv46qlT5tRcEJoaCBFggfA/V14S1BVzFaC+aNUcWuIe1Zki45feTI//acTNLIMyDAkR0aW1lggNJ9ufrltbCtcUXaXNpZ25hdHVyZVgwgQ0I8Hpwzkk+/jO9RBE75/9aWGgLitYkcLGTPSO9X7YgWZCSB9WkxisC8kNbI0YW:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYIEWCD8j5mo0NrNwp3EP4EaglTjg6D+3koG/sT2QowutS2NCYMBggRYIOLMHGm4qbMMSfQgTmXl+b+SYIlzUWJ9Aof1suyv0XmHgwGDAlgZL2ltZy9sb2dvMjAweDc1LVlKN2h0LnBuZ4IDWCDHecdgWhTV8/KM95aLZPy3DmWYRWPPxuBWCPP5WsJEKoIEWCB24uuNsm3SD4d/xPlqWWon/2y0423HhIRmJInN+9WgCw==:
access-control-max-age: 600
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-Range,X-Request-Id
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length: 7778
x-request-id: ea23a622-a2a5-5afe-4310-4ec0c88edf8d

GET
H2 200 di-logo.svg
www.trumarkonlinebanking.org/dbank/live//static/images/ 81 B
587 B 1109ms
1027ms Image
image/svg+xml 104.18.35.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trumarkonlinebanking.org/dbank/live//static/images/di-logo.svg

Requested by

Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f4838e0fb7e8685f3708a89f76e118a8bcac5ee5e5215bbb03ae15629c4714

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-debug-epoxy: 1
date: Thu, 05 Oct 2023 08:42:55 GMT
strict-transport-security: max-age=600; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Sep 2023 04:02:03 GMT
server: cloudflare
content-encoding: gzip
etag: W/"651257bb-51"
vary: Accept-Encoding
content-type: image/svg+xml
servedfrom: Epoxy-GCP
cf-ray: 81145fbbdc060348-CDG

GET
H2 200 main.js Show response
zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/js/ 2 KB
3 KB 323ms
323ms Script
application/javascript 2a00:fb01:400:200:5000:5aff:fef2:9428
EVERYWARE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/js/main.js
Requested by: Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:fb01:400:200:5000:5aff:fef2:9428 , Switzerland, ASN24951 (EVERYWARE-NET, CH),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: ce603160aaa4b7826ea42c31a11976819868f542bc02fef0fb343590330340d1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ic-streaming-response: false
date: Thu, 05 Oct 2023 08:42:54 GMT
content-encoding: gzip
server: nginx/1.21.3
ic-certificate: certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCDj2qiUxIaKDUHdcMUHLJFhfjNZOQFERAvDJNGiIqmzNoMBggRYILi7/2cQQ8RwKRKPQdpUAT0enZZT2WZCA+3EmAh9SbG0gwGDAYIEWCDu9ViA9BWJjj1xiNz64mdZrimG+iAxxg2FGyZTR4YSr4MBggRYIC34pmmaaBVomw6FFZ8KHSd2doOvlggAvX6fMnHNvS3TgwGCBFggrsBW6NOC+8AuwichjrF5bwCxZbP0rp0znQNb5Yecgn+DAYMBggRYIB3Sv64uwH6St2RN1yWJZDkGWcECCNKsAU46uXE44WmCgwGCBFgguuoQKV8cVqAmZ6Ms+aU5+OteC901VtQz4TRAfN7qQteDAYIEWCBZP+Y9chpVRmvvjk3CX7vAfYkqL/rbt6ZtHGSMOAZe3YMCSgAAAAAAcC2LAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggtdpexRUqoogoik1/ksptUEZG9ghtJxZzyBkW4Y8qdbCCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggi48NfYSXZLbMirfxlLbd4VKns9Qrhn2dFJYqp60GDkeCBFggg55yg5Jj9QAAvAo/I8C5fd43qsnq/zhrgZPuTNDYfXKCBFgg4hSvmEAprH1oU1b5L3u5Yps55IQvO9I4gznGdHzl6gmCBFgga2uJmJmaSdznTU8JWj3QK9bceltPX4ptcomCuhgdlD6DAYIEWCCVW+lDtXGNNP/dyLGrmqdUKGUIKm9Pl6YmY5vJQuCYcoMCRHRpbWWCA0nn8fTh27HKxRdpc2lnbmF0dXJlWDCqtsmniM2KDQwyzw/KuaYBdiRZxXjki2/5S1DSpEY8FAOn4i1vXZeyWIp5vS2yuQpqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCV9nZ96JkdHJlZYMBggRYIGHZui2JVDjpu+d1/KquxpR30PPv8BRKVzY+AclGNLkugwGDAkZzdWJuZXSDAYMBgwGCBFggJn/lURG1bjw5dVMuozc/e3Lp+CBy/o5gftNEhkeKWzmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIL5ypMZtyOflVmphzKP//ptJOs49TABxqsbEkhbHZEKagwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggp/JRlR7tcmgRRgRJOIIUdzyUFTx1iv46qlT5tRcEJoaCBFggvEk2oFiqganFNU3iyiGft1Ayi5nROvSta8ZY6OkDDGuDAkR0aW1lggNJ67fe+cvCtcUXaXNpZ25hdHVyZVgwspQAEeThoszQvF3/aauvx5OWtMKLm6Yeabh//onQZ1j4pZ8xRoNfQn7IQI7Rc5BK:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYIEWCD8j5mo0NrNwp3EP4EaglTjg6D+3koG/sT2QowutS2NCYMBggRYIOLMHGm4qbMMSfQgTmXl+b+SYIlzUWJ9Aof1suyv0XmHgwGCBFggUdfzXaIYxPkLb42b0K3mdI5vfQOhlbAJM7WmH9+x08KDAYIEWCDQUuRhp/UQ8XeQCV+UhU9Vx4ENjSFhU4Q7bJDMO1VA/YMCSy9qcy9tYWluLmpzggNYIM5gMWCqpLeCbqQsMaEZdoGYaPVCvAL+8Ps0NZAzA0DR:
access-control-max-age: 600
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-Range,X-Request-Id
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length: 1074
x-request-id: 768767ee-78a7-5c03-7681-a2c266fbc951

GET
H2 200 apploginscreen-VReky.png
prd.dbk.ncr.com/images/01736/media/ 3 MB
3 MB 306ms
123ms Image
image/png 34.120.30.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.dbk.ncr.com/images/01736/media/apploginscreen-VReky.png
Requested by: Host: zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
URL: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.30.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.30.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4d648ace6eb1426e99ac0a164d54c5e7a0497b31d0d350f02ef1f07971c3c028

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:42:55 GMT
age: 0
x-guploader-uploadid: ADPycdtt3-0RR73J-yWJBnQ-1T9bwerC7rvtn9itJKBTJMOPVPAGnAfb6yqtNLr8XyAW7Pj6U-0KWpjGfcRw_PGrFSTHRpIgKVX-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="apploginscreen-VReky.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020947
last-modified: Wed, 16 Mar 2022 15:13:17 GMT
server: UploadServer
etag: "8300c6dc0b8928949a017f2179051a91"
x-goog-generation: 1647443597189309
x-goog-hash: crc32c=BQ7K3g==, md5=gwDG3AuJKJSaAX8heQUakQ==
access-control-allow-origin: *
access-control-expose-headers: images.prd.dbk.ncr.com, *
cache-control: public, max-age=3600
x-goog-stored-content-length: 3020947
accept-ranges: bytes
content-type: image/png
expires: Thu, 05 Oct 2023 09:42:55 GMT

GET
H2 200 kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v138/ 224 KB
225 KB 90ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialsymbolsoutlined/v138/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70a3d6783a60ee728dc14c9f02315d563b0f6026f69ee5394ca5c8b30ccb3b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:33:17 GMT
x-content-type-options: nosniff
age: 18578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229404
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 23:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:33:17 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.trumarkonlinebanking.org/	1970-01-20 15:14:57	Name: __cf_bm Value: TZVwJ71NSpeh6uemEMfrX6WO7v0joPNRZ6atu4ugh9A-1696495375-0-AVbdS9zjCjeFdn3jEk/PsNsNNufak4KZWTD/YRielpgS5dcSAR+ZGCaMNv/VSQ3N8oDvkWWTKIXfqBhqx3XVmvn7pcsi3hzLMmkD2n/sxHxL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
prd.dbk.ncr.com
www.trumarkonlinebanking.org
zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io
104.18.35.95
2a00:1450:4001:80b::2003
2a00:1450:4001:831::200a
2a00:fb01:400:200:5000:5aff:fef2:9428
34.120.30.217
0825f217d7d8ab9171d4dbe6b67275b5ee15ecef3c4aa7d277c96f1692d10bd1
35f012d999a606347a17e1b9930fa14b1ec13a5b6f70cffa866b078e49aa23d3
4a8641b7c024ee55ee564cab75ec5c1c4b2dca91d72c319ec350b864eb68d6fe
4d648ace6eb1426e99ac0a164d54c5e7a0497b31d0d350f02ef1f07971c3c028
6def134d81f94fbe3d1f9b4f1d556c533faa3aaae2859edf7a5a3b879f385829
80f4838e0fb7e8685f3708a89f76e118a8bcac5ee5e5215bbb03ae15629c4714
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
b70a3d6783a60ee728dc14c9f02315d563b0f6026f69ee5394ca5c8b30ccb3b4
c779c7605a14d5f3f28cf7968b64fcb70e65984563cfc6e05608f3f95ac2442a
ce603160aaa4b7826ea42c31a11976819868f542bc02fef0fb343590330340d1
ee24d32f1dffa19bdc71e1ce1c4a869808c359a7b96de3254b5e0529bb52e0f1

zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io Open in urlscan Pro 2a00:fb01:400:200:5000:5aff:fef2:9428 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

3276 kBTransfer

3582 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

zn6av-3aaaa-aaaad-qfwfq-cai.raw.icp0.io Open in urlscan Pro
2a00:fb01:400:200:5000:5aff:fef2:9428 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

3276 kB
Transfer

3582 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions