urlscan.io logo urlscan.io
SecurityTrails logo

www.bankplus.net Open in urlscan Pro
13.107.213.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bankplus.net/
Effective URL: https://www.bankplus.net/
Submission: On December 05 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 60 HTTP transactions. The main IP is 13.107.213.38, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.bankplus.net.
TLS certificate: Issued by Network Solutions RSA OV SSL CA 3 on November 6th 2023. Valid for: a year.
This is the only time www.bankplus.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.107.213.40 8075 (MICROSOFT...)
1 1 13.107.246.40 8075 (MICROSOFT...)
21 13.107.213.38 8075 (MICROSOFT...)
3 172.253.63.97 15169 (GOOGLE)
2 142.251.163.95 15169 (GOOGLE)
4 172.253.62.95 15169 (GOOGLE)
1 172.253.122.95 15169 (GOOGLE)
2 172.67.14.139 13335 (CLOUDFLAR...)
1 104.18.40.68 13335 (CLOUDFLAR...)
2 157.240.244.1 32934 (FACEBOOK)
1 72.21.81.200 15133 (EDGECAST)
2 172.253.122.94 15169 (GOOGLE)
3 172.64.205.20 13335 (CLOUDFLAR...)
3 172.253.62.101 15169 (GOOGLE)
1 2 142.251.163.149 15169 (GOOGLE)
1 69.28.157.216 22822 (LLNW)
1 34.98.105.146 396982 (GOOGLE-CL...)
2 142.251.16.156 15169 (GOOGLE)
1 157.240.244.35 32934 (FACEBOOK)
2 35.190.52.95 15169 (GOOGLE)
1 35.190.93.146 15169 (GOOGLE)
2 20.42.73.140 8075 (MICROSOFT...)
2 207.198.113.230 13768 (COGECO-PEER1)
60 22
1    13.107.213.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bankplus.net
1    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bankplus.net
21    13.107.213.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bankplus.net
3    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
2    142.251.163.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
fonts.googleapis.com
4    172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net
maps.googleapis.com
1    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
ajax.googleapis.com
2    172.67.14.139 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.datatables.net
1    104.18.40.68 (None, )

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
2    157.240.244.1 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-mty2.fbcdn.net
connect.facebook.net
1    72.21.81.200 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
fonts.gstatic.com
3    172.64.205.20 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
3    172.253.62.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f101.1e100.net
www.google-analytics.com
2    142.251.163.149 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net
10381388.fls.doubleclick.net
1    69.28.157.216 (Ashburn, United States)

ASN22822 (LLNW, US)
PTR: https-69-28-157-216.iad.llnw.net
up.pixel.ad
1    34.98.105.146 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 146.105.98.34.bc.googleusercontent.com
app-script.monsido.com
2    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
adservice.google.com
adservice.google.ca
1    157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com
www.facebook.com
2    35.190.52.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.52.190.35.bc.googleusercontent.com
pagecorrect.monsido.com
1    35.190.93.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.93.190.35.bc.googleusercontent.com
tracking.monsido.com
2    20.42.73.140 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    207.198.113.230 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
Apex Domain
Subdomains		 Transfer
23 bankplus.net
bankplus.net — Cisco Umbrella Rank: 608245
www.bankplus.net
1 MB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
maps.googleapis.com — Cisco Umbrella Rank: 357
ajax.googleapis.com — Cisco Umbrella Rank: 340
210 KB
4 monsido.com
app-script.monsido.com — Cisco Umbrella Rank: 10760
pagecorrect.monsido.com — Cisco Umbrella Rank: 24628
tracking.monsido.com — Cisco Umbrella Rank: 9854
9 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1544
ka-f.fontawesome.com — Cisco Umbrella Rank: 3137
24 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
239 KB
2 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3501
267 B
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 786
280 B
2 doubleclick.net
10381388.fls.doubleclick.net
1 KB
2 gstatic.com
fonts.gstatic.com
97 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
91 KB
2 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 5068
33 KB
1 google.ca
adservice.google.ca — Cisco Umbrella Rank: 20468
303 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 93
695 B
1 pixel.ad
up.pixel.ad — Cisco Umbrella Rank: 11062
2 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2370
22 KB
0 videoamp.com Failed
b.videoamp.com Failed
0 rlcdn.com Failed
di.rlcdn.com Failed
60 19
Domain Requested by
21 www.bankplus.net www.bankplus.net
4 maps.googleapis.com www.bankplus.net
maps.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
3 ka-f.fontawesome.com kit.fontawesome.com
3 www.googletagmanager.com www.bankplus.net
www.googletagmanager.com
2 pixel.sitescout.com www.bankplus.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 pagecorrect.monsido.com app-script.monsido.com
az416426.vo.msecnd.net
2 10381388.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net www.bankplus.net
connect.facebook.net
2 cdn.datatables.net www.bankplus.net
2 fonts.googleapis.com www.bankplus.net
2 bankplus.net 2 redirects
1 tracking.monsido.com
1 adservice.google.ca adservice.google.com
1 www.facebook.com www.bankplus.net
1 adservice.google.com 10381388.fls.doubleclick.net
1 app-script.monsido.com www.googletagmanager.com
1 up.pixel.ad www.googletagmanager.com
1 az416426.vo.msecnd.net www.bankplus.net
1 kit.fontawesome.com www.bankplus.net
1 ajax.googleapis.com www.bankplus.net
0 b.videoamp.com Failed www.bankplus.net
0 di.rlcdn.com Failed www.bankplus.net
60 25
Subject Issuer Validity Valid
www.bankplus.net
Network Solutions RSA OV SSL CA 3		 2023-11-06 -
2024-10-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.pixel.ad
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-24 -
2024-02-02		 a year crt.sh
app-script.monsido.com
GTS CA 1D4		 2023-11-06 -
2024-02-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
pagecorrect.monsido.com
GTS CA 1D4		 2023-11-03 -
2024-02-01		 3 months crt.sh
tracking.monsido.com
GTS CA 1D4		 2023-11-23 -
2024-02-21		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-03 -
2024-08-28		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.bankplus.net/
Frame ID: 80C4DF8B42EDA80E89FBD69A6BBBD2EA
Requests: 55 HTTP requests in this frame

Frame: https://10381388.fls.doubleclick.net/activityi;dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F
Frame ID: A0D4B3CF5988D22774719053A6142A00
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F
Frame ID: D4DA369854C92518B5EC9245A0D9668C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F
Frame ID: D8068BC89D31353A0D2DDE8800218384
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 2DA5AE7EBF7BA05163F3029157087E26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Personal and Business Banking | BankPlus

Page URL History Show full URLs

  1. http://bankplus.net/ HTTP 307
    https://bankplus.net/ HTTP 301
    https://www.bankplus.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

0 %
IPv6

19
Domains

25
Subdomains

22
IPs

3
Countries

2074 kB
Transfer

4689 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bankplus.net/ HTTP 307
    https://bankplus.net/ HTTP 301
    https://www.bankplus.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://10381388.fls.doubleclick.net/activityi;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F HTTP 302
  • https://10381388.fls.doubleclick.net/activityi;dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bankplus.net/
Redirect Chain
  • http://bankplus.net/
  • https://bankplus.net/
  • https://www.bankplus.net/
50 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2a134f04d3a109f0a74b7faf4a4ba31cd9050b669c5205a7c932d663a2555820
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
no-cache
content-encoding
gzip
content-length
14896
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
content-type
text/html; charset=utf-8
date
Tue, 05 Dec 2023 13:08:11 GMT
expires
-1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sybd
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
text/html
date
Tue, 05 Dec 2023 13:08:10 GMT
location
https://www.bankplus.net/
x-azure-ref
20231205T130810Z-uytah9up452c35kce50puys6an0000000z9g000000010c61
x-cache
CONFIG_NOCACHE
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=%20GTM-%20M7NZP7
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bfd9edaa73a2b65e740fbf480924a14040b07eef43348f9aaea7e17f4aaef6ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44219
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 13:08:12 GMT
css
www.bankplus.net/Content/ 		314 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/Content/css?v=eETbv3rXb_NrZhhj291N8Nh7kicOr6uxzqkNNfEvm8U1
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a037eaf4904488888e72b91a90680c2f52d4ff383a6866e040876e0667b7130c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache
CONFIG_NOCACHE
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Dec 2023 13:08:11 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sycb
expires
Wed, 04 Dec 2024 13:08:11 GMT
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
8a57aa2b04e7ebbd0a93909f7b3d0855d177567e46ec15fb957ca9ab6b09f7b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 13:08:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 13:08:12 GMT
css
fonts.googleapis.com/ 		29 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
48fca381a7cadb80037395ed02390c9074156f85353ff9e793577be2a4ea04b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 13:08:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 13:08:12 GMT
ScriptResource.axd
www.bankplus.net/ 		87 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3gSg_pg8Qs_lSBG5RUf6xQuPgfjkegjqIaYsmviOx5FOLM8IesSNVq-glz4RP0NqPlHzwWTbJ1g5Rjx0TduNDUpuKiOKWnbzb6YXRDVkLJEEDifxmr98xBQoDm0L7BVzO3FTufN5rwc03sGUC_1GF7-Aq-vemVLoYO3L7puzbsMs0&t=ffffffffa0f4e70c
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache
CONFIG_NOCACHE
content-length
39737
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Nov 2023 16:22:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sycc
accept-ranges
bytes
expires
Wed, 13 Nov 2024 16:22:58 GMT
ScriptResource.axd
www.bankplus.net/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESIoIphIHo9x6cTOdIItoPtGMn8csJfRPFK3tv_9hZZnQiCsS_t93peKGXeM8fXY8Wh6N-FTubiqrSgOHmN3kl4foM-5nybOC5yGRmi1sisBG1fWFPQ5eYE2jtWLwVqdsifEgH3ikpk3EjiSCUUMThyhyACL9jmTRC3REdisBfTpP0&t=ffffffffa0f4e70c
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7545b8823869f8c680bfe9c73f8d2d9295d98e891a58f26b186a7379cc6c7ead
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache
CONFIG_NOCACHE
content-length
3836
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Nov 2023 02:47:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sycd
accept-ranges
bytes
expires
Thu, 14 Nov 2024 02:47:11 GMT
ScriptResource.axd
www.bankplus.net/ 		249 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/ScriptResource.axd?d=2z9h4-hKx8Yk1hygmet7pnBH_Ij61oyKC7eG_fsFqch4lDzgOtY5bnix5_7TQyV1UjrQAk7N9VqD9pM-qEm3RDm_8d8-voopNcO-P9py6huFSipUHOB0YTQLzoslVyo_rTzhDbU5iFg2Mo6Oo47Knr_rBWMAkJT2ikSd5T99pQGuD_SBeqZAN78C2JXtdOb50&t=ffffffffa0f4e70c
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
83cab6462e99178db1ce81a14deb2b5da764de98c3c5a597c06e789ec1cf14a1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache
CONFIG_NOCACHE
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Nov 2023 20:12:41 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000syce
expires
Fri, 15 Nov 2024 20:12:41 GMT
js
maps.googleapis.com/maps/api/ 		197 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
72d6d171b570f59bc69f2f6a9e0028aa5e21826beb9a08b93b0f47f314d1317b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67703
x-xss-protection
0
logo@2x.png
www.bankplus.net/images/default-source/default-album/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/default-album/logo@2x.png?sfvrsn=84a783e4_2
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
4efceed79943d83edd5c21f323b01c50e333c5703ed9ccc16ec77c8c4b75d48c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=logo@2x.png
content-length
7988
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 06 Mar 2022 16:06:58 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sycf
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:11 GMT
raf-2.png
www.bankplus.net/images/default-source/home/ 		133 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/home/raf-2.png?sfvrsn=3bfb92bc_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
b3123a6c8b985361cf4747ba85a4390c8c0baf4ccda06d374ba64bacebf6acb9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=raf-2.png
content-length
136159
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Nov 2023 22:46:33 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sycg
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:11 GMT
business-checking-large.png
www.bankplus.net/images/default-source/personal-section/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/personal-section/business-checking-large.png?sfvrsn=3d7a9423_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c4d2213a930f169b8d9b7f08f0a94cb0680a7643974767e965eaf475231e8c52
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=business-checking-large.png
content-length
7866
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Aug 2020 15:43:44 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sydg
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:11 GMT
personal-loans-large.png
www.bankplus.net/images/default-source/personal-section/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/personal-section/personal-loans-large.png?sfvrsn=167327cc_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c581370f6dc0d44b20e2fa0fb7989674b50ce7d14c08bae55510b6a94bd745b9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=personal-loans-large.png
content-length
5969
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 May 2020 02:47:57 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sydw
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:11 GMT
business-liquidity-large.png
www.bankplus.net/images/default-source/business/business-icon/ 		9 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/business/business-icon/business-liquidity-large.png?sfvrsn=f6c33e63_2
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5812dfed9d74fe20e65d6a2960801beb5b748ca836990af97049318baed91a7f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=business-liquidity-large.png
content-length
9031
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Jul 2020 19:04:08 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000symw
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:12 GMT
bankplus-logo-color-2x.png
www.bankplus.net/images/default-source/default-album/ 		6 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/default-album/bankplus-logo-color-2x.png?sfvrsn=36b5aef4_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
416d6c5fec69bae08bf341e86c8dc897214ae52d15f3691f04158140fecebe5d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=bankplus-logo-color-2x.png
content-length
6349
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 04 Mar 2020 21:46:28 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000symx
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:12 GMT
logo-copyrights@2x.png
www.bankplus.net/images/default-source/default-album/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/default-album/logo-copyrights@2x.png?sfvrsn=49b1ee80_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
4ef6aa0e84a0f374c79ff43afe3c49871a945af717bc45143926f2a6fbf4917b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=logo-copyrights@2x.png
content-length
3085
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Apr 2020 17:58:05 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000symy
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:12 GMT
download_on_the_app_store_badge_us-uk_rgb_blk_092917.png
www.bankplus.net/images/default-source/default-album/ 		20 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/default-album/download_on_the_app_store_badge_us-uk_rgb_blk_092917.png?sfvrsn=7dd4a4df_6
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5c839949700c64bdef4bf819f053e625f233a79ce70d1afbc577dc79841e8531
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=download_on_the_app_store_badge_us-uk_rgb_blk_092917.png
content-length
20489
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Oct 2020 21:07:58 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000symz
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:12 GMT
google-play-badge.png
www.bankplus.net/images/default-source/default-album/ 		13 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/default-album/google-play-badge.png?sfvrsn=e2af3b73_8
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a6d366810b9c5d91263d955c6edd21e9d197d0a03a8c860380b592f41e687609
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=google-play-badge.png
content-length
13535
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Oct 2020 21:08:45 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000syn0
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:12 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 05:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 05:30:52 GMT
bankplus
www.bankplus.net/bundles/ 		126 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/bundles/bankplus?v=Fi3auZNBzcFCS9GzvIyNuK57sq87XtxjufDyQVynxFk1
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
cd60ff8e1758d34279c918a26bc3a033f0a2191e94a3855def4632e519f63e44
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache
CONFIG_NOCACHE
content-length
48117
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Dec 2023 13:08:11 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sye6
accept-ranges
bytes
expires
Wed, 04 Dec 2024 13:08:11 GMT
jquery.dataTables.min.js
cdn.datatables.net/1.10.20/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/1.10.20/js/jquery.dataTables.min.js
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
349133
content-length
28862
last-modified
Mon, 06 Nov 2023 12:01:10 GMT
server
cloudflare
etag
"112045f-14961-6097a9c2668f8-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
830c84361f89543d-YYZ
access-control-allow-headers
origin, x-requested-with, content-type
expires
Sat, 30 Nov 2024 12:09:18 GMT
dataTables.responsive.min.js
cdn.datatables.net/responsive/2.2.3/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/responsive/2.2.3/js/dataTables.responsive.min.js
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
451595
content-length
4594
last-modified
Tue, 17 Jul 2018 10:19:02 GMT
server
cloudflare
etag
"13e05e4-32e7-5712f46726cda-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
830c84368810543d-YYZ
access-control-allow-headers
origin, x-requested-with, content-type
expires
Fri, 29 Nov 2024 07:41:36 GMT
adb8b6b108.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/adb8b6b108.js
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
510e0c5cc65de575025a30bbbcfe3ab1c57746b9f543fd69119617f47cec0a31

Request headers

Referer
https://www.bankplus.net/
Origin
https://www.bankplus.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
830c84374d9653e9-YYZ
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F5x-hduXey0zEj5lUJMi
Search-box.min.js
www.bankplus.net/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/Search-box.min.js?package=Bootstrap4&v=MTQuMS43ODI3LjA%3d
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
69a04c26013467c1c86cda9d63f19e14c492126a9e444d3dea601023f93b441d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache
CONFIG_NOCACHE
content-length
1352
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Sep 2023 11:21:22 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
x-azure-ref
20231205T130811Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sygn
accept-ranges
bytes
expires
Tue, 12 Dec 2023 13:08:12 GMT
WebResource.axd
www.bankplus.net/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/WebResource.axd?d=Oiw5o8i74rDb2VpVaCaMStWRpYNKJlg4mzKRTtILnRp7HvddV-tpN0JoLd2tz4VKYauBSYRWxEzyqQdDTLjsvxkoveDuSv8uESQ7_adrllUwsajf5X6ZYaGsmJooV4YU45tNuABqzla9gnE58OaUoB5cLHqlHZP2GbQN6ynLjsTkcDxC_195uX8J1FS4hyMuQSff9YNEpXGShMY86X4kGjWG-KVjEIaC07QlAADh8WE1&t=638308920840000000
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
70af2c1692797d05c8e4df12a63f1a1034600dfb1e303ebfc32750b7cd8e5630
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-cache
CONFIG_NOCACHE
content-length
2535
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Sep 2023 11:21:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000sygy
accept-ranges
bytes
expires
Mon, 25 Nov 2024 19:17:33 GMT
gtm.js
www.googletagmanager.com/ 		449 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
20913ccfccf88c1ae80acc011e502f97a539b350cf725c1bd07f4cdcae85c7a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106083
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 13:08:12 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Dec 2023 13:08:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma
public
x-fb-debug
vjwJ2mAHvd7CK5DdFVC0ieEbfL0WbjqzfA/4wwtVraSI4M064XsrHfZ8d2UGl+e2Yc4skzol3vSrwOhYS9atww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/81AB) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Dec 2023 13:08:13 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
917
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (cha/81AB)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6ff4ff42-f01e-004d-4579-279481000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 05 Dec 2023 13:38:13 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bankplus.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:16:07 GMT
x-content-type-options
nosniff
age
280326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 07:16:07 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bankplus.net
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
fa.svg
www.bankplus.net/ResourcePackages/ST/library/img/ 		606 KB
189 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/ResourcePackages/ST/library/img/fa.svg
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e5606050dc568572439eaf433184ad7680e08fbad59cfda0745a8391992ca2db
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
190578
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 May 2021 19:06:26 GMT
etag
"0a5416a4f40d71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
max-age=2678400
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000syp4
accept-ranges
bytes
fab036dbf2595af4c41a1fdcdda3138a346.svg
www.bankplus.net/images/default-source/svg-library/ 		444 KB
447 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bankplus.net/images/default-source/svg-library/fab036dbf2595af4c41a1fdcdda3138a346.svg?sfvrsn=6616aa83_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1dbd425b57e699aba852d320c2fcaf77394d6b1391fc92e23d622d8a6c26dc75
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=fab036dbf2595af4c41a1fdcdda3138a346.svg
content-length
455092
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Apr 2020 17:36:24 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000syp5
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:12 GMT
clover.png
www.bankplus.net/images/default-source/home/ 		104 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/home/clover.png?sfvrsn=3fbbbf0e_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c239758b318e92750b44b27788aa61eff1c5db04502cd6e7460d6f96e39d43f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=clover.png
content-length
106263
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Jan 2023 17:42:42 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000syq3
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:13 GMT
money-manager.png
www.bankplus.net/images/default-source/home/ 		65 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankplus.net/images/default-source/home/money-manager.png?sfvrsn=b9c31ee9_0
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
227ee94184eac4945aae60815e6e0f39be714911bf7922f9b5eed56abe5aec59
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-disposition
inline; filename=money-manager.png
content-length
66364
x-xss-protection
1; mode=block
request-context
appId=cid-v1:17de5a11-c659-4471-9b9b-1954f0f73b0d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Jan 2023 17:44:56 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231205T130812Z-sf19tzepk165z6w07tty8w1ynw0000000y1g00000000syq4
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 13:08:12 GMT
1Ptsg8zYS_SKggPNyCg4TYFq.woff2
fonts.gstatic.com/s/raleway/v29/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
039ddf14394e123b661886c7f7342ad63a40000003933122b7eb1ad0228e5077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bankplus.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:55:51 GMT
x-content-type-options
nosniff
age
382342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50400
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:55:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 02:55:51 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=adb8b6b108
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb8b6b108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.205.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:13 GMT
via
1.1 e027f912c97cbcd70bdff61138a2cbfa.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ORD51-C4
age
613385
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2BWL20QnhQQYg7CO80HTGO7gnwbol8ESRmzZUXKihpxHsASKABTjpG7dND95bRP0Rc9%2BRfi%2BfZjU%2BjlzDl60uFbIr8BI%2FDIrlOq%2B2dIHhUBRXiwYvPivgv7ROSqw2i%2BUrpJxvbjaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
830c843fdcd7e13f-ORD
access-control-allow-headers
fa-kit-token
x-amz-cf-id
F-nLmFCtsxEpLPrvXXb_TDKKcn2K1kLcjiszI4otu52gvZYdaY83Iw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=adb8b6b108
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb8b6b108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.205.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:13 GMT
via
1.1 444bca304ff3e288c7dc16cd9c038358.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ORD51-C4
age
363690
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G17BEx9ZkBZwmT%2BVNTHuvpqx0WcGTPsd5X5BPKt0bCRKpecNcLggT99r27s6tQoHNjOiTJDtXxJ1vtxQLJc9Sum3skm4%2F0GyKV1xBSYQqXQTJVcr7jllXD%2Fnh26EHWyxo8dbV%2F1zw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
830c843fccd6e13f-ORD
access-control-allow-headers
fa-kit-token
x-amz-cf-id
4G__uTDIdUeGwinhNgmowpCJpoxJTPcQICUfQqW2vHkRuxhRMvrc6w==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=adb8b6b108
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/adb8b6b108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.205.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:13 GMT
via
1.1 51a9fe879233bcdaa87b146359af2e0c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ORD51-C4
age
540554
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow5t7hl80U3vcznFYxg3Sk1bMly59MXV%2FKKGrlpz9EhEOpM6Sx2Dm6JZgPCC8UR9h90xwAKsNJsdi1NAsru6eWNUYGSYdFHlVM2o5YLgylvBrKGGOQ09WIKujzp6uXg7o6W27Guzgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
830c843fdcd9e13f-ORD
access-control-allow-headers
fa-kit-token
x-amz-cf-id
m1D2ZgHpPwPisjy0k0tczlFT63unRyx14dGTWvAplpRTiMNgThSTIA==
js
www.googletagmanager.com/gtag/ 		288 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-93RK6WT467&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ab8da3dd2741eb8916da2ec2c30f06ca819b25abdaf7be619d2580239b5436b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93682
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 13:08:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Dec 2023 11:39:00 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5353
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 05 Dec 2023 13:39:00 GMT
activityi;dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0...
10381388.fls.doubleclick.net/ Frame A0D4
Redirect Chain
  • https://10381388.fls.doubleclick.net/activityi;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uam...
  • https://10381388.fls.doubleclick.net/activityi;dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l...
572 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10381388.fls.doubleclick.net/activityi;dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
cafe /
Resource Hash
59d6a9cf27ed0f1ade5d37225907aae26c08e4f95ff2922ce8d26d58c671a4bc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bankplus.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
320
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 13:08:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 13:08:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10381388.fls.doubleclick.net/activityi;dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
up.js
up.pixel.ad/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://up.pixel.ad/assets/up.js?um=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.157.216 Ashburn, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-157-216.iad.llnw.net
Software
AC1.1 /
Resource Hash
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 16:22:21 GMT
server
AC1.1
age
385069
vary
accept-encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1550
x-llid
fe8bfe894dab8c5de5801d4d7517bf21
monsido-script.js
app-script.monsido.com/v2/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-script.monsido.com/v2/monsido-script.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7NZP7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.105.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.105.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:06:36 GMT
content-encoding
gzip
age
97
x-guploader-uploadid
ABPtcPqjM7gR6I_A7vQjt9Mx7w2pGCCURQVs2ZhVntMLsSAkJbgZvef_j3TkkfsprgVSOA-SNRRKemLIpMM10xuHY5Yz1KF4ZN85
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2757
last-modified
Thu, 01 Jun 2023 11:12:59 GMT
server
UploadServer
etag
"fce0a6a1f924b9c6816bdc5bc679506e"
vary
Accept-Encoding
x-goog-generation
1685617979609837
x-goog-hash
crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg==
content-type
text/javascript
cache-control
public, max-age=300
x-goog-stored-content-length
2757
accept-ranges
bytes
expires
Tue, 05 Dec 2023 13:11:36 GMT
406006.gif
di.rlcdn.com/ 		0
0
impression
b.videoamp.com/d2/c8307792-98e2-40ea-99c3-3d1b9de42c52/7934/ 		0
0
584957262878999
connect.facebook.net/signals/config/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/584957262878999?v=2.9.138&r=stable&domain=www.bankplus.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
84d3ef2e9bed302701430d8f223b73b075b41d38eaa019a9d5124643d7cb6abb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Dec 2023 13:08:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma
public
x-fb-debug
z8Up1VIVVKLS93mf0Yqj5e4n5Sse6lTGGXu3IQ5VrZzoHwa9hBy8TBF2+vqJjQ2NcWDrUb0mj0ulmJMDpD/Myg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1465798920&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankplus.net%2F&ul=en-us&de=UTF-8&dt=Personal%20and%20Business%20Banking%20%7C%20BankPlus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1830446582&gjid=731441187&cid=445426130.1701781694&tid=UA-7458601-1&_gid=1229319848.1701781694&_r=1&_slc=1&gtm=45He3bt0n71M7NZP7v71073013&gcd=11l1l1l1l1&dma=0&z=1815831467
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bankplus.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 13:08:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bankplus.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-93RK6WT467&gtm=45je3bt0v880996822z871073013&_p=1701781691327&gcd=11l1l1l1l1&dma=0&cid=445426130.1701781694&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1701781693&sct=1&seg=0&dl=https%3A%2F%2Fwww.bankplus.net%2F&dt=Personal%20and%20Business%20Banking%20%7C%20BankPlus&en=page_view&_fv=1&_ss=1&tfd=3708
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93RK6WT467&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 13:08:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bankplus.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
adservice.google.com/ddm/fls/i/ Frame D4DA 		571 B
695 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F
Requested by
Host: 10381388.fls.doubleclick.net
URL: https://10381388.fls.doubleclick.net/activityi;dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
7e18ef637422710805bb2991aaa419b587ae6775fce1051e88659f06b2aed115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10381388.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
321
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 13:08:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=584957262878999&ev=PageView&dl=https%3A%2F%2Fwww.bankplus.net&rl=&if=false&ts=1701781694045&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1701781694039.819574286&cs_est=true&pm=1&hrl=f429d5&ler=empty&it=1701781693676&coo=false&cs_cc=1&cas=5839072866162741&rqm=GET
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-mty2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 05 Dec 2023 13:08:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
adservice.google.ca/ddm/fls/i/ Frame D806 		194 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/ddm/fls/i/dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIrL1Oqu-IIDFX7yKAUdmi0O8A;src=10381388;type=count0;cat=sitev0;ord=1;num=9638981718410;auiddc=68186350.1701781693;gtm=45He3bt0v71073013;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bankplus.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 13:08:14 GMT
expires
Tue, 05 Dec 2023 13:08:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
page-correct.js
pagecorrect.monsido.com/v1/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagecorrect.monsido.com/v1/page-correct.js
Requested by
Host: app-script.monsido.com
URL: https://app-script.monsido.com/v2/monsido-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.52.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.52.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d141769570c57f86e87777d2093d36608c97f30872dbc3ce9c918b35793c180f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:03:26 GMT
content-encoding
gzip
age
289
x-guploader-uploadid
ABPtcPo7sd_q2R6Dbf9-x_EIAhVjOrzNfPpoiMUTUCGnWtarGyu7CPTEfRjxBPP3sw_AP1xCjOUlErUmcm_EvabLz00InsFuHlsz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5178
last-modified
Thu, 06 Oct 2022 07:44:18 GMT
server
UploadServer
etag
"462a91667ac49521f34a03a7abc942f5"
vary
Accept-Encoding
x-goog-generation
1665042258321151
x-goog-hash
crc32c=hee7Lw==, md5=RiqRZnrElSHzSgOnq8lC9Q==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300
x-goog-stored-content-length
5178
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 05 Dec 2023 13:08:26 GMT
/
tracking.monsido.com/ 		43 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.monsido.com/?a=22tHWIGuJCgNjqm6niDImA&b=https%3A%2F%2Fwww.bankplus.net%2F&c=3311701781694671&f=7341701781694671&h=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.93.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.93.190.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
2023-12-05T13:08:15Z
date
Tue, 05 Dec 2023 13:08:15 GMT
cache-control
private, no-store, max-age=0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.bankplus.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 05 Dec 2023 13:08:14 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e69f399179d706c9efaf5c9da4dcca140f9917a9236fd591a038c6f281f283b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bankplus.net/
accept-language
en-CA,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
B705E92D-0440-4123-BD84-EE6A714D41A5
strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 13:08:14 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
22tHWIGuJCgNjqm6niDImA.json
pagecorrect.monsido.com/v1/settings/ 		2 B
30 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagecorrect.monsido.com/v1/settings/22tHWIGuJCgNjqm6niDImA.json
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.52.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:08:15 GMT
age
0
x-guploader-uploadid
ABPtcPoqX4ZqKo4Mxfd8Crf-ro4Pwkzpbw9txFsqV3jaJf6wuFdaL8roAWSdjScpGNCkr6WeACBsciJ9fZIvut8biLduJkXFB2Fk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
last-modified
Sun, 03 Dec 2023 10:16:34 GMT
server
UploadServer
etag
"d751713988987e9331980363e24189ce"
x-goog-generation
1701598593921290
x-goog-hash
crc32c=dk29dg==, md5=11FxOYiYfpMxmANj4kGJzg==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300
x-goog-stored-content-length
2
accept-ranges
bytes
content-type
application/json
expires
Tue, 05 Dec 2023 13:13:15 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 2DA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.bankplus.net
URL: https://www.bankplus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
207.198.113.230 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://www.bankplus.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 05 Dec 2023 13:08:15 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
520e72554873836b
pixel.sitescout.com/up/ 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/up/520e72554873836b?cntr_url=https%3A%2F%2Fwww.bankplus.net%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
207.198.113.230 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 13:08:15 GMT
server
AC1.1
content-type
image/gif
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/55/3/ 		255 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/3/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
sffe /
Resource Hash
862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 12:58:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57129
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 00:55:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 12:58:06 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/55/3/ 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/3/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,geometry&key=AIzaSyCHIYZUBpk78GNW7bU0EAWw6wX2K8XTleo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
sffe /
Resource Hash
416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bankplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 09:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
13747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55134
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 00:55:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 09:19:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
di.rlcdn.com
URL
https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap390014%2Cdata%3Dtype%3Asite%24audience%3ASS_BankPlus_ClientSite_Control
Domain
b.videoamp.com
URL
https://b.videoamp.com/d2/c8307792-98e2-40ea-99c3-3d1b9de42c52/7934/impression?bwb=35&vpxid=7934&dnt=false&cevt=SITEWIDE&us_privacy=

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| dataLayer function| fbq function| _fbq object| appInsights function| $ function| jQuery object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$poly$polylineCodec object| google_tag_manager object| google_tag_data function| _classCallCheck function| MapMarker function| addBaseClickEvents function| formLabelHandler function| accordionInit function| _createClass function| StorageHelper string| _storageKey function| TextSizeChanger function| ScrollToTop function| ImageLoader string| userAgent function| isIe function| isSafari function| ProductComparison function| Alert function| GoogleMap function| Locations function| GetZipCode function| LocationsNearby function| RatesByZip function| Properties function| Callout function| SpeedBump function| LoginBox function| Menu function| addGenericFormClass function| LocationDetails object| _MONTHS_ undefined| MainScripts object| $body object| $window object| get function| svg4everybody object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| $jscomp object| FontAwesomeKitConfig string| GoogleAnalyticsObject function| ga object| _monsido object| AI object| Microsoft function| __extends function| _endsWith object| PersonalizationTracker function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| cntrUpTag boolean| _monsido_script_loader_has_run object| monsido_functions

13 Cookies

Domain/Path Name / Value
.www.bankplus.net/ Name: ARRAffinity
Value: 62db18380e813d82256176a1fd6543a43d6a734e299ceadd8b272cc06a84c6bf
.www.bankplus.net/ Name: ARRAffinitySameSite
Value: 62db18380e813d82256176a1fd6543a43d6a734e299ceadd8b272cc06a84c6bf
.bankplus.net/ Name: _gcl_au
Value: 1.1.68186350.1701781693
www.bankplus.net/ Name: ai_user
Value: Dmyc7|2023-12-05T13:08:13.524Z
www.bankplus.net/ Name: sf-prs-ss
Value: 638373784935750000
www.bankplus.net/ Name: sf-prs-lu
Value: https://www.bankplus.net/
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bankplus.net/ Name: _gid
Value: GA1.2.1229319848.1701781694
.bankplus.net/ Name: _gat_UA-7458601-1
Value: 1
.bankplus.net/ Name: _ga_93RK6WT467
Value: GS1.1.1701781693.1.0.1701781693.0.0.0
.bankplus.net/ Name: _ga
Value: GA1.1.445426130.1701781694
www.bankplus.net/ Name: ai_session
Value: sOP9g|1701781693948.5|1701781693948.5
.bankplus.net/ Name: _fbp
Value: fb.1.1701781694039.819574286

2 Console Messages

Source Level URL
Text
security error URL: https://www.bankplus.net/(Line 909)
Message:
Refused to load the image 'https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap390014%2Cdata%3Dtype%3Asite%24audience%3ASS_BankPlus_ClientSite_Control' because it violates the following Content Security Policy directive: "img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com".
security error URL: https://www.bankplus.net/(Line 909)
Message:
Refused to load the image 'https://b.videoamp.com/d2/c8307792-98e2-40ea-99c3-3d1b9de42c52/7934/impression?bwb=35&vpxid=7934&dnt=false&cevt=SITEWIDE&us_privacy=' because it violates the following Content Security Policy directive: "img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com rlforms.referlive.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com *.youtube.com *.twitter.com https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com https://apps.usw2.pure.cloud http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org *.googletagmanager.com cdn.datatables.net kit.fontawesome.com www.youtube.com *.vo.msecnd.net *.us.tvsquared.com *.monsido.com up.pixel.ad *.doubleclick.net *.hotjar.com *.digindemo.com; style-src 'self' 'unsafe-inline' *.googleapis.com rlforms.referlive.com/css/ReferLive_bankplus.css *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: ka-f.fontawesome.com; img-src bap.bankplus.net 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com *.tvsquared.com *.monsido.com *.sitescout.com; media-src 'self' data: blob:; frame-src player.vimeo.com 'self' *.doubleclick.net *.hotjar.com *.facebook.com *.sitescout.com *.bankplus.net https://apps.usw2.pure.cloud https://www.digindemo.com/; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com; connect-src bpwebsvc.bankplus.net 'self' accounts.google.com https://*.insight.sitefinity.com *.hotjar.com *.hotjar.io https://*.dec.sitefinity.com *.mktoresp.com maps.googleapis.com https://api.usw2.pure.cloud wss://webmessaging.usw2.pure.cloud https://api-cdn.usw2.pure.cloud ka-f.fontawesome.com *.google-analytics.com dc.services.visualstudio.com *.visualstudio.com *.monsido.com wss://ws22.hotjar.com rlforms.referlive.com https://ecmacore.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10381388.fls.doubleclick.net
adservice.google.ca
adservice.google.com
ajax.googleapis.com
app-script.monsido.com
az416426.vo.msecnd.net
b.videoamp.com
bankplus.net
cdn.datatables.net
connect.facebook.net
dc.services.visualstudio.com
di.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
maps.googleapis.com
pagecorrect.monsido.com
pixel.sitescout.com
tracking.monsido.com
up.pixel.ad
www.bankplus.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
b.videoamp.com
di.rlcdn.com
104.18.40.68
13.107.213.38
13.107.213.40
13.107.246.40
142.251.16.156
142.251.163.149
142.251.163.95
157.240.244.1
157.240.244.35
172.253.122.94
172.253.122.95
172.253.62.101
172.253.62.95
172.253.63.97
172.64.205.20
172.67.14.139
20.42.73.140
207.198.113.230
34.98.105.146
35.190.52.95
35.190.93.146
69.28.157.216
72.21.81.200
039ddf14394e123b661886c7f7342ad63a40000003933122b7eb1ad0228e5077
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dbd425b57e699aba852d320c2fcaf77394d6b1391fc92e23d622d8a6c26dc75
20913ccfccf88c1ae80acc011e502f97a539b350cf725c1bd07f4cdcae85c7a5
227ee94184eac4945aae60815e6e0f39be714911bf7922f9b5eed56abe5aec59
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2a134f04d3a109f0a74b7faf4a4ba31cd9050b669c5205a7c932d663a2555820
2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
416d6c5fec69bae08bf341e86c8dc897214ae52d15f3691f04158140fecebe5d
416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615
48fca381a7cadb80037395ed02390c9074156f85353ff9e793577be2a4ea04b7
4ef6aa0e84a0f374c79ff43afe3c49871a945af717bc45143926f2a6fbf4917b
4efceed79943d83edd5c21f323b01c50e333c5703ed9ccc16ec77c8c4b75d48c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
510e0c5cc65de575025a30bbbcfe3ab1c57746b9f543fd69119617f47cec0a31
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5812dfed9d74fe20e65d6a2960801beb5b748ca836990af97049318baed91a7f
59d6a9cf27ed0f1ade5d37225907aae26c08e4f95ff2922ce8d26d58c671a4bc
5c839949700c64bdef4bf819f053e625f233a79ce70d1afbc577dc79841e8531
64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35
69a04c26013467c1c86cda9d63f19e14c492126a9e444d3dea601023f93b441d
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70af2c1692797d05c8e4df12a63f1a1034600dfb1e303ebfc32750b7cd8e5630
72d6d171b570f59bc69f2f6a9e0028aa5e21826beb9a08b93b0f47f314d1317b
7545b8823869f8c680bfe9c73f8d2d9295d98e891a58f26b186a7379cc6c7ead
7e18ef637422710805bb2991aaa419b587ae6775fce1051e88659f06b2aed115
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
83cab6462e99178db1ce81a14deb2b5da764de98c3c5a597c06e789ec1cf14a1
84d3ef2e9bed302701430d8f223b73b075b41d38eaa019a9d5124643d7cb6abb
862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7
8a57aa2b04e7ebbd0a93909f7b3d0855d177567e46ec15fb957ca9ab6b09f7b8
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
a037eaf4904488888e72b91a90680c2f52d4ff383a6866e040876e0667b7130c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6d366810b9c5d91263d955c6edd21e9d197d0a03a8c860380b592f41e687609
ab8da3dd2741eb8916da2ec2c30f06ca819b25abdaf7be619d2580239b5436b1
b3123a6c8b985361cf4747ba85a4390c8c0baf4ccda06d374ba64bacebf6acb9
bfd9edaa73a2b65e740fbf480924a14040b07eef43348f9aaea7e17f4aaef6ad
c239758b318e92750b44b27788aa61eff1c5db04502cd6e7460d6f96e39d43f2
c4d2213a930f169b8d9b7f08f0a94cb0680a7643974767e965eaf475231e8c52
c581370f6dc0d44b20e2fa0fb7989674b50ce7d14c08bae55510b6a94bd745b9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd60ff8e1758d34279c918a26bc3a033f0a2191e94a3855def4632e519f63e44
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d141769570c57f86e87777d2093d36608c97f30872dbc3ce9c918b35793c180f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5606050dc568572439eaf433184ad7680e08fbad59cfda0745a8391992ca2db
e69f399179d706c9efaf5c9da4dcca140f9917a9236fd591a038c6f281f283b9
ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda