api.bankofstrategy.com Open in urlscan Pro
3.143.85.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://api.bankofstrategy.com/
Submission: On August 07 via automatic, source certstream-suspicious (August 7th 2024, 4:33:06 pm UTC) — Scanned from US

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 35 HTTP transactions. The main IP is 3.143.85.249, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is api.bankofstrategy.com.
TLS certificate: Issued by WR1 on August 4th 2024. Valid for: 3 months.

This is the only time api.bankofstrategy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	3.143.85.249 3.143.85.249	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
4	34.194.37.158 34.194.37.158	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
35	5

22 3.143.85.249 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-143-85-249.us-east-2.compute.amazonaws.com

api.bankofstrategy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.194.37.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-37-158.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	bankofstrategy.com api.bankofstrategy.com	5 MB
8	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1046 events.launchdarkly.com — Cisco Umbrella Rank: 1278	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
2	gstatic.com fonts.gstatic.com	37 KB
35	4

	Domain	Requested by
22	api.bankofstrategy.com	api.bankofstrategy.com
4	events.launchdarkly.com	api.bankofstrategy.com
4	app.launchdarkly.com	api.bankofstrategy.com
3	fonts.googleapis.com	api.bankofstrategy.com
2	fonts.gstatic.com	fonts.googleapis.com
35	5

This site contains no links.

Subject Issuer	Validity	Valid
api.bankofstrategy.com WR1	`2024-08-04` - `2024-11-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-07-16` - `2025-08-14`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://api.bankofstrategy.com/
Frame ID: FC3BAA2800137D314E28ACE0D3B127CB
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | Developer Portal

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

35
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

5183 kB
Transfer

5199 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
api.bankofstrategy.com/ 2 KB
3 KB 688ms
83ms Document
text/html 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

6c60b094a80292aacc117784217c5aff642a5e63a4124d18f9cada359ad605f5

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 443934
content-length: 2183
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 02 Aug 2024 13:14:07 GMT
etag: "8ac6437428825b70fec1655d2d426e7a"
last-modified: Fri, 02 Aug 2024 13:14:03 GMT
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
ratelimit-limit: 600
ratelimit-remaining: 599
ratelimit-reset: 10
referrer-policy: no-referrer
server: kong-mesh
strict-transport-security: max-age=15552000; includeSubDomains
via: kong-enterprise-edition
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-kong-proxy-latency: 1
x-kong-upstream-latency: 15
x-permitted-cross-domain-policies: none
x-ratelimit-limit-10: 600
x-ratelimit-limit-minute: 4000
x-ratelimit-remaining-10: 599
x-ratelimit-remaining-minute: 3999

GET
H2 200 font.css
api.bankofstrategy.com/api/v2/portal/stylesheet/ 336 B
2 KB 141ms
138ms Stylesheet
text/css 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/api/v2/portal/stylesheet/font.css

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

Resource Hash

49ef1ca7ed29fad79840599266712ab308505b60571bb4f01bbdfabce7018e08

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'nonce-a84a4421346819bdba9833cc22b4c9da';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-a84a4421346819bdba9833cc22b4c9da' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-eval' 'nonce-a84a4421346819bdba9833cc22b4c9da';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-a84a4421346819bdba9833cc22b4c9da' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
x-b3-traceid: 00000000000000009203cce805553000
x-kong-proxy-latency: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3998
ratelimit-limit: 600
x-datadog-parent-id: 6012047763486096939
referrer-policy: no-referrer
etag: W/"150-d+IsSiXZja6hHHP+w0cVag9toH4"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store
feature-policy: midi 'none'; camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; microphone 'none'; accelerometer 'none'; xr-spatial-tracking 'none'; magnetometer 'none'; gyroscope 'none'
x-b3-sampled: 1
ratelimit-remaining: 598
ratelimit-reset: 10
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 16:33:00 GMT
via: kong-enterprise-edition
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 5
x-envoy-upstream-service-time: 4
x-ratelimit-remaining-10: 598
content-length: 336
x-xss-protection: 0
last-modified: Fri Mar 01 2024 18:34:52 GMT+0000 (Coordinated Universal Time)
cross-origin-opener-policy: same-origin
x-ratelimit-limit-10: 600
expect-ct: max-age=0
x-download-options: noopen
x-b3-spanid: 536f159673454000
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
x-datadog-trace-id: 10521478451361559003

GET
H2 200 stylesheet.css
api.bankofstrategy.com/api/v2/portal/ 3 KB
4 KB 142ms
140ms Stylesheet
text/css 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/api/v2/portal/stylesheet.css

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

Resource Hash

39da6acbc01eb2bd5c4c60721fe395353053e56ea444899156d5f4fad383ff54

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'nonce-7ba2fa64d4dabd271479e846846738b1';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-7ba2fa64d4dabd271479e846846738b1' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-eval' 'nonce-7ba2fa64d4dabd271479e846846738b1';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-7ba2fa64d4dabd271479e846846738b1' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
x-b3-traceid: 000000000000000064d885a54d00e400
x-kong-proxy-latency: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3997
ratelimit-limit: 600
x-datadog-parent-id: 492910415402798985
referrer-policy: no-referrer
etag: W/"b87-GZDayjeURINDbZUc4HY3Qa3uzB4"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store
feature-policy: midi 'none'; camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; microphone 'none'; accelerometer 'none'; xr-spatial-tracking 'none'; magnetometer 'none'; gyroscope 'none'
x-b3-sampled: 1
ratelimit-remaining: 597
ratelimit-reset: 10
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 16:33:00 GMT
via: kong-enterprise-edition
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 5
x-envoy-upstream-service-time: 4
x-ratelimit-remaining-10: 597
content-length: 2951
x-xss-protection: 0
last-modified: Fri Mar 01 2024 18:34:52 GMT+0000 (Coordinated Universal Time)
cross-origin-opener-policy: same-origin
x-ratelimit-limit-10: 600
expect-ct: max-age=0
x-download-options: noopen
x-b3-spanid: 06d72b69482c8f80
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
x-datadog-trace-id: 7266704943770297477

GET
H2 200 index-enbGKePS.js Show response
api.bankofstrategy.com/assets/ 621 KB
622 KB 342ms
341ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/index-enbGKePS.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

d11184504596ddeaaa962604e216baf25988ed47064cbc00784177fce209df9c

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 10
date: Fri, 02 Aug 2024 13:14:14 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 443927
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 15
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3995
x-ratelimit-remaining-10: 595
ratelimit-limit: 600
content-length: 635601
referrer-policy: no-referrer
last-modified: Fri, 02 Aug 2024 13:14:02 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "18929661f5f9f13f2923e6ded6421db0"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 595

GET
H2 200 vue-blgNmdmJ.js Show response
api.bankofstrategy.com/assets/ 93 KB
94 KB 74ms
73ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/vue-blgNmdmJ.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

8c130fd3241135c4dde03d5ada452ee568ac16f09843340e1507285f1a2f3962

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 10
date: Thu, 20 Jun 2024 05:33:48 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 4186753
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 1
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 3
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3994
x-ratelimit-remaining-10: 594
ratelimit-limit: 600
content-length: 95345
referrer-policy: no-referrer
last-modified: Mon, 03 Jun 2024 15:12:30 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "75c3040f95cdc7fb66d64ddaa85d0836"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 594

GET
H2 200 kongponents-T_dz3z7y.js Show response
api.bankofstrategy.com/assets/ 568 KB
569 KB 339ms
338ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/kongponents-T_dz3z7y.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

37956cef0036f40b3ff913ecb105dda43a7fe8cf8bccc8d832033e12a9ee1c14

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 10
date: Sat, 27 Jul 2024 13:22:43 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 961818
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 13
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3993
x-ratelimit-remaining-10: 593
ratelimit-limit: 600
content-length: 581208
referrer-policy: no-referrer
last-modified: Wed, 24 Jul 2024 20:11:51 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "8a60abc1f5d4fc2253980a79dc1d28ab"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 593

GET
H2 200 specRenderer-mrBb-bCZ.js Show response
api.bankofstrategy.com/assets/ 3 MB
3 MB 337ms
336ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/specRenderer-mrBb-bCZ.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

9630ba1a9a76bdcf0682da26c0c30ff338e64862e45b6d686acff352d24e559b

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 10
date: Mon, 06 May 2024 20:11:49 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 8022072
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 13
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3992
x-ratelimit-remaining-10: 592
ratelimit-limit: 600
content-length: 3148531
referrer-policy: no-referrer
last-modified: Mon, 06 May 2024 20:11:38 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "50741e15d5bd5ec583b54ccbfef7bbc3"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 592

GET
H2 200 index-z4cb4VUW.css
api.bankofstrategy.com/assets/ 628 KB
630 KB 142ms
141ms Stylesheet
text/css 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/index-z4cb4VUW.css

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

52f09dec1c7f53dbd782df82f477ad910f4091db0e2e64934cbf45f88821169c

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 10
date: Wed, 17 Jul 2024 02:24:53 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 1865288
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 5
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3996
x-ratelimit-remaining-10: 596
ratelimit-limit: 600
content-length: 643042
referrer-policy: no-referrer
last-modified: Wed, 17 Jul 2024 02:24:40 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "4d8129475160ad20f1d33d66d51d9a15"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 596

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 186ms
70ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/api/v2/portal/stylesheet/font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43c1442ae5959bac5957595d96e6503bbce4ba333af532fe4264d283ffe7453f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Aug 2024 16:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 14:45:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Aug 2024 16:33:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
937 B 188ms
73ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Mono:300,300i,400,400i,500,500i,700,700i&display=swap

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/api/v2/portal/stylesheet/font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60146b9c90eaf40b6b811bdeec6338756ca5aa0491130b9b3e5cd33311f70a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Aug 2024 16:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 16:33:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Aug 2024 16:33:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
599 B 186ms
71ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,500,500i,700,700i&display=swap

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/api/v2/portal/stylesheet/font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b182db1057f945fffa546ba81b50550db742f6007c3298d9a2ffc5a8b9472f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Aug 2024 16:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 16:33:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Aug 2024 16:33:01 GMT

GET
H2 200 ldclient.es-LCCX_vJB.js Show response
api.bankofstrategy.com/assets/ 52 KB
53 KB 76ms
75ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/ldclient.es-LCCX_vJB.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

e71760958e12f9ff0820b83f70f6b78402f1662dc0c200e8b1bb4453fda651f2

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Sun, 28 Jul 2024 20:02:19 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 851444
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 1
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 4
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3991
x-ratelimit-remaining-10: 591
ratelimit-limit: 600
content-length: 53015
referrer-policy: no-referrer
last-modified: Wed, 24 Jul 2024 20:11:51 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "040fd1ac50f4c404dacf0c4f2a359bb2"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 591

GET
H2 200 portal Show response
api.bankofstrategy.com/api/v2/ 310 B
2 KB 241ms
241ms XHR
application/json 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/api/v2/portal

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

Resource Hash

f732557c0722f90651a933b12a556b2ba7962ab16c727e0313005a945bb037b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'nonce-286e3d04a1af5e95d444f28552b34fc4';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-286e3d04a1af5e95d444f28552b34fc4' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-eval' 'nonce-286e3d04a1af5e95d444f28552b34fc4';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-286e3d04a1af5e95d444f28552b34fc4' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
x-b3-traceid: 0000000000000000dc29fe437d307800
x-kong-proxy-latency: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3990
ratelimit-limit: 600
x-datadog-parent-id: 8154225430247968961
referrer-policy: no-referrer
etag: W/"136-RGB5SATvsio9cQYi5i5YnyEmhVE"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
feature-policy: midi 'none'; camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; microphone 'none'; accelerometer 'none'; xr-spatial-tracking 'none'; magnetometer 'none'; gyroscope 'none'
x-b3-sampled: 1
ratelimit-remaining: 590
ratelimit-reset: 8
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 16:33:02 GMT
via: kong-enterprise-edition
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 172
x-envoy-upstream-service-time: 172
x-ratelimit-remaining-10: 590
content-length: 310
x-xss-protection: 0
cross-origin-opener-policy: same-origin
x-ratelimit-limit-10: 600
expect-ct: max-age=0
x-download-options: noopen
x-b3-spanid: 7129a0d36c631000
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
x-datadog-trace-id: 15864490728205875865

GET
H2 200 favicon.ico
api.bankofstrategy.com/api/v2/portal/ 1 KB
2 KB 167ms
167ms Other
image/x-icon 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/api/v2/portal/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

Resource Hash

c83033aa551c8bc51b273de962230f55db73b266b04720848bce4539d09e4211

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'nonce-b1e3160ed0093e1676d8b80d3e909da4';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-b1e3160ed0093e1676d8b80d3e909da4' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-eval' 'nonce-b1e3160ed0093e1676d8b80d3e909da4';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-b1e3160ed0093e1676d8b80d3e909da4' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
x-b3-traceid: 0000000000000000342c6a7fb4fb4400
x-kong-proxy-latency: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3989
ratelimit-limit: 600
x-datadog-parent-id: 149899184008000720
referrer-policy: no-referrer
etag: W/"405-19128bb8e50"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
origin-agent-cluster: ?1
cache-control: public, max-age=0
feature-policy: midi 'none'; camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; microphone 'none'; accelerometer 'none'; xr-spatial-tracking 'none'; magnetometer 'none'; gyroscope 'none'
x-b3-sampled: 1
ratelimit-remaining: 589
ratelimit-reset: 8
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 16:33:02 GMT
via: kong-enterprise-edition
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 99
x-envoy-upstream-service-time: 98
x-ratelimit-remaining-10: 589
content-length: 1029
x-xss-protection: 0
last-modified: Fri Mar 01 2024 18:34:52 GMT+0000 (Coordinated Universal Time)
cross-origin-opener-policy: same-origin
x-ratelimit-limit-10: 600
expect-ct: max-age=0
x-download-options: noopen
x-b3-spanid: 02148c837eeaf4c0
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
x-datadog-trace-id: 3759496885677278158
accept-ranges: bytes

OPTIONS
H2 200 61b4d3465f21630d15d3ca71
app.launchdarkly.com/sdk/goals/ 0
0 182ms
57ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/61b4d3465f21630d15d3ca71

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://api.bankofstrategy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 07 Aug 2024 16:33:02 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760095-MIA
x-timer: S1723048382.485689,VS0,VE26

OPTIONS
H2 204 61b4d3465f21630d15d3ca71
events.launchdarkly.com/events/diagnostic/ 0
0 193ms
58ms Preflight 34.194.37.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/61b4d3465f21630d15d3ca71

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.194.37.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-37-158.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://api.bankofstrategy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Wed, 07 Aug 2024 16:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsIm9yZ0lkIjoiNTVkOTFjMGUtZTE5Zi00ODJkLTg0MzAtZWVhMjUxYjUyNDRlIiwicG9ydGFsSWQiOiI5NzZkMDhmNS1iNTkzLTRiNzctODU2MS02YmViMTc4MjNmMGMifQ
app.launchdarkly.com/sdk/evalx/61b4d3465f21630d15d3ca71/contexts/ 0
0 179ms
57ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/61b4d3465f21630d15d3ca71/contexts/eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsIm9yZ0lkIjoiNTVkOTFjMGUtZTE5Zi00ODJkLTg0MzAtZWVhMjUxYjUyNDRlIiwicG9ydGFsSWQiOiI5NzZkMDhmNS1iNTkzLTRiNzctODU2MS02YmViMTc4MjNmMGMifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://api.bankofstrategy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 07 Aug 2024 16:33:02 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760095-MIA
x-timer: S1723048382.485549,VS0,VE26

GET
H2 200 61b4d3465f21630d15d3ca71 Show response
app.launchdarkly.com/sdk/goals/ 2 B
167 B 61ms
60ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/61b4d3465f21630d15d3ca71

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/ldclient.es-LCCX_vJB.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-User-Agent: JSClient/3.2.0
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish
date: Wed, 07 Aug 2024 16:33:02 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-mia-kmia1760095-MIA
x-timer: S1723048383.544292,VS0,VE30
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

POST
H2 202 61b4d3465f21630d15d3ca71 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 91ms
89ms XHR
application/json 34.194.37.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/61b4d3465f21630d15d3ca71

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/ldclient.es-LCCX_vJB.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.194.37.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-37-158.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
X-LaunchDarkly-User-Agent: JSClient/3.2.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Aug 2024 16:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsIm9yZ0lkIjoiNTVkOTFjMGUtZTE5Zi00ODJkLTg0MzAtZWVhMjUxYjUyNDRlIiwicG9ydGFsSWQiOiI5NzZkMDhmNS1iNTkzLTRiNzctODU2MS02YmViMTc4MjNmMGMifQ Show response
app.launchdarkly.com/sdk/evalx/61b4d3465f21630d15d3ca71/contexts/ 11 KB
2 KB 52ms
52ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/61b4d3465f21630d15d3ca71/contexts/eyJrZXkiOiJBTk9OWU1PVVNfVVNFUiIsIm9yZ0lkIjoiNTVkOTFjMGUtZTE5Zi00ODJkLTg0MzAtZWVhMjUxYjUyNDRlIiwicG9ydGFsSWQiOiI5NzZkMDhmNS1iNTkzLTRiNzctODU2MS02YmViMTc4MjNmMGMifQ
Requested by: Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/ldclient.es-LCCX_vJB.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 87996f11dd4c6b24ec5a942d2e8745fc8ef8dd2586f856a4cc80202e51a4bde9

Request headers

X-LaunchDarkly-User-Agent: JSClient/3.2.0
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 16:33:02 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 1947
x-served-by: cache-mia-kmia1760025-MIA, cache-mia-kmia1760095-MIA
x-timer: S1723048383.544156,VS0,VE19
etag: "633dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 logo
api.bankofstrategy.com/api/v2/portal/ 2 KB
4 KB 78ms
77ms Image
image/png 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.bankofstrategy.com/api/v2/portal/logo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

Resource Hash

adcfc547e20617c90b30d34b4ba430ad125b275604dcdec576396b97583bb845

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'nonce-1849cd6f2e7c263362cd8a9bf19d3355';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-1849cd6f2e7c263362cd8a9bf19d3355' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-eval' 'nonce-1849cd6f2e7c263362cd8a9bf19d3355';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-1849cd6f2e7c263362cd8a9bf19d3355' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
x-b3-traceid: 00000000000000005b91c1c2cc690c00
x-kong-proxy-latency: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3988
ratelimit-limit: 600
x-datadog-parent-id: 4124290098339859415
referrer-policy: no-referrer
etag: W/"96e-19128bb8e50"
x-frame-options: SAMEORIGIN
content-type: image/png
origin-agent-cluster: ?1
cache-control: public, max-age=0
feature-policy: midi 'none'; camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; microphone 'none'; accelerometer 'none'; xr-spatial-tracking 'none'; magnetometer 'none'; gyroscope 'none'
x-b3-sampled: 1
ratelimit-remaining: 588
ratelimit-reset: 8
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 16:33:02 GMT
via: kong-enterprise-edition
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 10
x-envoy-upstream-service-time: 9
x-ratelimit-remaining-10: 588
content-length: 2414
x-xss-protection: 0
last-modified: Fri Mar 01 2024 18:34:52 GMT+0000 (Coordinated Universal Time)
cross-origin-opener-policy: same-origin
x-ratelimit-limit-10: 600
expect-ct: max-age=0
x-download-options: noopen
x-b3-spanid: 393c6bfe36354c00
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
x-datadog-trace-id: 6598267971471740147
accept-ranges: bytes

POST
H2 204 logout Show response
api.bankofstrategy.com/api/v2/developer/ 0
710 B 73ms
72ms XHR
text/plain 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bankofstrategy.com/api/v2/developer/logout
Requested by: Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-143-85-249.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Wed, 07 Aug 2024 16:33:02 GMT
via: kong-enterprise-edition
x-b3-traceid: 66b3a1be00000000b0aeb9a7867a1f10
x-kong-proxy-latency: 0
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 3
x-envoy-upstream-service-time: 1
x-ratelimit-remaining-10: 587
x-ratelimit-remaining-minute: 3987
ratelimit-limit: 600
x-datadog-parent-id: 2457805066310396511
x-ratelimit-limit-10: 600
x-datadog-sampling-priority: 0
x-b3-spanid: 221be0af90962a5f
x-datadog-tags: _dd.p.tid=66b3a1be00000000
x-b3-sampled: 0
x-datadog-trace-id: 12731317325789798160
ratelimit-remaining: 587

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 222ms
53ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:21 GMT
x-content-type-options: nosniff
age: 502541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:21 GMT

GET
H2 200 Shell-qZk2YIbv.js Show response
api.bankofstrategy.com/assets/ 348 B
1 KB 101ms
97ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/Shell-qZk2YIbv.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

17c77e8b5eaaf1e6101eacdb592263309858c9e935789d7ec98e95fa520b4445

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Fri, 02 Aug 2024 13:14:16 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 443927
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 25
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3985
x-ratelimit-remaining-10: 585
ratelimit-limit: 600
content-length: 348
referrer-policy: no-referrer
last-modified: Fri, 02 Aug 2024 13:14:02 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "83b7805d3c7dd8f6bbe119bd6b6175e1"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 585

GET
H2 200 Shell-zGcZOa0g.css
api.bankofstrategy.com/assets/ 96 B
1 KB 94ms
91ms Stylesheet
text/css 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/Shell-zGcZOa0g.css

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

b657c0c414ad87e149f18e0dcfe1a71025db5a45be15545b1061aab709bd75b0

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Mon, 18 Dec 2023 22:13:01 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 20110802
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 1
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 3
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3986
x-ratelimit-remaining-10: 586
ratelimit-limit: 600
content-length: 96
referrer-policy: no-referrer
last-modified: Mon, 18 Dec 2023 22:12:47 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "09ae1ef3c9f3989fd96f886a76ff21bd"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 586

GET
H2 200 Login-gWWeci0U.js Show response
api.bankofstrategy.com/assets/ 4 KB
5 KB 96ms
92ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/Login-gWWeci0U.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

208f308e662c11b095e8e9b4311bb5238f5eb56fdf318a9c64a3bc686a2b404a

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Fri, 02 Aug 2024 13:14:16 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 443927
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 4
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3984
x-ratelimit-remaining-10: 584
ratelimit-limit: 600
content-length: 3699
referrer-policy: no-referrer
last-modified: Fri, 02 Aug 2024 13:14:02 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "6d889ef118c475a00f0fcf524bd15888"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 584

GET
H2 200 AuthCard-oz29i0xR.js Show response
api.bankofstrategy.com/assets/ 1 KB
2 KB 100ms
97ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/AuthCard-oz29i0xR.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

1832cce41d263136b6e143c61d0fa6cbd2533e3a1da0e956fbb246170fa823e2

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Fri, 02 Aug 2024 13:14:16 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 443927
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 16
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3981
x-ratelimit-remaining-10: 581
ratelimit-limit: 600
content-length: 1036
referrer-policy: no-referrer
last-modified: Fri, 02 Aug 2024 13:14:02 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "fb39ee16fb5a66350538a422765882fb"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 581

GET
H2 200 AuthCard-qG-IsVAX.css
api.bankofstrategy.com/assets/ 653 B
2 KB 94ms
91ms Stylesheet
text/css 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/AuthCard-qG-IsVAX.css

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

b1cf78c395557479992a6071903d174cdc0f1d766d20133a5ae8cbe6a5e656b6

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Tue, 02 Jan 2024 22:15:54 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 18814629
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 1
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 4
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3983
x-ratelimit-remaining-10: 583
ratelimit-limit: 600
content-length: 653
referrer-policy: no-referrer
last-modified: Tue, 02 Jan 2024 22:15:33 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "a7b5d301aecb96cea46bb5682ac06050"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 583

GET
H2 200 useMachine-9WzNrxbV.js Show response
api.bankofstrategy.com/assets/ 58 KB
59 KB 94ms
91ms Script
text/javascript 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/useMachine-9WzNrxbV.js

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

8b76f487c874b26705e91764a7d2988793c4edd6bd46edb11efc22b710615560

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Fri, 15 Mar 2024 16:12:45 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 12529218
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 1
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 12
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3980
x-ratelimit-remaining-10: 580
ratelimit-limit: 600
content-length: 59097
referrer-policy: no-referrer
last-modified: Fri, 15 Mar 2024 16:12:32 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "3db3336c82a65ab138a446ca62f4d3e5"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 580

GET
H2 200 Login-ZWRYr8xs.css
api.bankofstrategy.com/assets/ 375 B
1 KB 95ms
92ms Stylesheet
text/css 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/assets/Login-ZWRYr8xs.css

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/index-enbGKePS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

kong-mesh /

Resource Hash

60449c1279c275627aed41d54e2f82a02ad34ff69848997d5bc1ad1dfc0ab523

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ratelimit-reset: 8
date: Tue, 02 Jan 2024 22:15:54 GMT
via: kong-enterprise-edition
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
age: 18814629
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 8
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3982
x-ratelimit-remaining-10: 582
ratelimit-limit: 600
content-length: 375
referrer-policy: no-referrer
last-modified: Tue, 02 Jan 2024 22:15:33 GMT
server: kong-mesh
cross-origin-opener-policy: same-origin
etag: "476146601dd73b92940a136a7d980a1a"
x-ratelimit-limit-10: 600
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
accept-ranges: bytes
ratelimit-remaining: 582

GET
H2 200 logo
api.bankofstrategy.com/api/v2/portal/ 2 KB
1 KB 79ms
78ms Image
image/png 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.bankofstrategy.com/api/v2/portal/logo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

Resource Hash

adcfc547e20617c90b30d34b4ba430ad125b275604dcdec576396b97583bb845

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'nonce-febcfceb0187e4b105f6a73ffbee6c31';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-febcfceb0187e4b105f6a73ffbee6c31' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-eval' 'nonce-febcfceb0187e4b105f6a73ffbee6c31';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-febcfceb0187e4b105f6a73ffbee6c31' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
x-b3-traceid: 00000000000000007d039ceac6a0d800
x-kong-proxy-latency: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3979
ratelimit-limit: 600
x-datadog-parent-id: 8265018793904504138
referrer-policy: no-referrer
etag: W/"96e-19128bb8e50"
x-frame-options: SAMEORIGIN
content-type: image/png
origin-agent-cluster: ?1
cache-control: public, max-age=0
feature-policy: midi 'none'; camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; microphone 'none'; accelerometer 'none'; xr-spatial-tracking 'none'; magnetometer 'none'; gyroscope 'none'
x-b3-sampled: 1
ratelimit-remaining: 579
ratelimit-reset: 8
via: kong-enterprise-edition
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
date: Wed, 07 Aug 2024 16:33:02 GMT
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 10
x-envoy-upstream-service-time: 10
x-ratelimit-remaining-10: 579
content-length: 2414
x-xss-protection: 0
last-modified: Fri Mar 01 2024 18:34:52 GMT+0000 (Coordinated Universal Time)
cross-origin-opener-policy: same-origin
x-ratelimit-limit-10: 600
expect-ct: max-age=0
x-download-options: noopen
x-b3-spanid: 72b33ecd989afc00
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
x-datadog-trace-id: 9008216211839833878
accept-ranges: bytes

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 58ms
56ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.bankofstrategy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:27 GMT
x-content-type-options: nosniff
age: 502535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:27 GMT

GET
H2 200 favicon.ico
api.bankofstrategy.com/api/v2/portal/ 1 KB
1 KB 84ms
82ms Other
image/x-icon 3.143.85.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bankofstrategy.com/api/v2/portal/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.143.85.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-85-249.us-east-2.compute.amazonaws.com

Software

Resource Hash

c83033aa551c8bc51b273de962230f55db73b266b04720848bce4539d09e4211

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'nonce-f8d93c58e0fdb2f4c8a4d53df71beb97';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-f8d93c58e0fdb2f4c8a4d53df71beb97' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-eval' 'nonce-f8d93c58e0fdb2f4c8a4d53df71beb97';script-src-elem 'self' 'unsafe-inline';connect-src 'self' 'unsafe-eval' 'nonce-f8d93c58e0fdb2f4c8a4d53df71beb97' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
x-b3-traceid: 0000000000000000eb9c2652376f5800
x-kong-proxy-latency: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-ratelimit-remaining-minute: 3978
ratelimit-limit: 600
x-datadog-parent-id: 371565857697106696
referrer-policy: no-referrer
etag: W/"405-19128bb8e50"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
origin-agent-cluster: ?1
cache-control: public, max-age=0
feature-policy: midi 'none'; camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; microphone 'none'; accelerometer 'none'; xr-spatial-tracking 'none'; magnetometer 'none'; gyroscope 'none'
x-b3-sampled: 1
ratelimit-remaining: 578
ratelimit-reset: 8
via: kong-enterprise-edition
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
date: Wed, 07 Aug 2024 16:33:02 GMT
x-ratelimit-limit-minute: 4000
x-kong-upstream-latency: 8
x-envoy-upstream-service-time: 7
x-ratelimit-remaining-10: 578
content-length: 1029
x-xss-protection: 0
last-modified: Fri Mar 01 2024 18:34:52 GMT+0000 (Coordinated Universal Time)
cross-origin-opener-policy: same-origin
x-ratelimit-limit-10: 600
expect-ct: max-age=0
x-download-options: noopen
x-b3-spanid: 0528112dceb30b00
permissions-policy: midi=(), camera=(), geolocation=(), microphone=(), usb=(), microphone=(), accelerometer=(), xr-spatial-tracking=(), magnetometer=(), gyroscope=()
x-datadog-trace-id: 16977486829839145915
accept-ranges: bytes

OPTIONS
H2 204 61b4d3465f21630d15d3ca71
events.launchdarkly.com/events/bulk/ 0
0 55ms
55ms Preflight 34.194.37.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/61b4d3465f21630d15d3ca71

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.194.37.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-37-158.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://api.bankofstrategy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Wed, 07 Aug 2024 16:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 61b4d3465f21630d15d3ca71 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 114ms
111ms XHR
application/json 34.194.37.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/61b4d3465f21630d15d3ca71

Requested by

Host: api.bankofstrategy.com
URL: https://api.bankofstrategy.com/assets/ldclient.es-LCCX_vJB.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.194.37.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-37-158.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
X-LaunchDarkly-Payload-ID: b84d4490-54da-11ef-964a-1b6cab073293
X-LaunchDarkly-Event-Schema: 4
X-LaunchDarkly-User-Agent: JSClient/3.2.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Aug 2024 16:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' https: http:;img-src 'self' https: http: data:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bankofstrategy.com
app.launchdarkly.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
151.101.194.217
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c1b::5e
3.143.85.249
34.194.37.158
17c77e8b5eaaf1e6101eacdb592263309858c9e935789d7ec98e95fa520b4445
1832cce41d263136b6e143c61d0fa6cbd2533e3a1da0e956fbb246170fa823e2
208f308e662c11b095e8e9b4311bb5238f5eb56fdf318a9c64a3bc686a2b404a
37956cef0036f40b3ff913ecb105dda43a7fe8cf8bccc8d832033e12a9ee1c14
39da6acbc01eb2bd5c4c60721fe395353053e56ea444899156d5f4fad383ff54
43c1442ae5959bac5957595d96e6503bbce4ba333af532fe4264d283ffe7453f
49ef1ca7ed29fad79840599266712ab308505b60571bb4f01bbdfabce7018e08
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52f09dec1c7f53dbd782df82f477ad910f4091db0e2e64934cbf45f88821169c
60146b9c90eaf40b6b811bdeec6338756ca5aa0491130b9b3e5cd33311f70a1e
60449c1279c275627aed41d54e2f82a02ad34ff69848997d5bc1ad1dfc0ab523
6c60b094a80292aacc117784217c5aff642a5e63a4124d18f9cada359ad605f5
87996f11dd4c6b24ec5a942d2e8745fc8ef8dd2586f856a4cc80202e51a4bde9
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8b76f487c874b26705e91764a7d2988793c4edd6bd46edb11efc22b710615560
8c130fd3241135c4dde03d5ada452ee568ac16f09843340e1507285f1a2f3962
9630ba1a9a76bdcf0682da26c0c30ff338e64862e45b6d686acff352d24e559b
adcfc547e20617c90b30d34b4ba430ad125b275604dcdec576396b97583bb845
b182db1057f945fffa546ba81b50550db742f6007c3298d9a2ffc5a8b9472f91
b1cf78c395557479992a6071903d174cdc0f1d766d20133a5ae8cbe6a5e656b6
b657c0c414ad87e149f18e0dcfe1a71025db5a45be15545b1061aab709bd75b0
c83033aa551c8bc51b273de962230f55db73b266b04720848bce4539d09e4211
d11184504596ddeaaa962604e216baf25988ed47064cbc00784177fce209df9c
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71760958e12f9ff0820b83f70f6b78402f1662dc0c200e8b1bb4453fda651f2
f732557c0722f90651a933b12a556b2ba7962ab16c727e0313005a945bb037b6

api.bankofstrategy.com Open in urlscan Pro 3.143.85.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

5183 kBTransfer

5199 kBSize

0 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

api.bankofstrategy.com Open in urlscan Pro
3.143.85.249 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

5183 kB
Transfer

5199 kB
Size

0
Cookies

35 HTTP transactions
0 data transactions