zlcuma.banking.apiture.com Open in urlscan Pro
52.84.174.45  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request custom_login Show response zlcuma.banking.apiture.com/piles/fxweb.pile/	17 KB 5 KB	707ms 391ms	Document text/html	52.84.174.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://zlcuma.banking.apiture.com/piles/fxweb.pile/custom_login?template=2018&iid=ZLCUMA Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.84.174.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-174-45.cdg50.r.cloudfront.net Software / Resource Hash 2bb37544727f91262c398c7a715c0f1c92c1857aa3914f3cefff2720f2e62ef9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control no-store, no-cache, private, must-revalidate Connection keep-alive Content-Length 3211 Content-Type text/html; charset=ISO-8859-1 Content-encoding gzip Date Sat, 29 Jul 2023 22:21:40 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT P3P CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubdomains; preload Via 1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront) X-Amz-Cf-Id -kTOX6lf_kYopF6U2yeZugPine47BtcfMYG5D3EaKdPS9-LqbMHNGg== X-Amz-Cf-Pop CDG50-P1 X-Cache Miss from cloudfront
GET H2	200	gtm.js Show response www.googletagmanager.com/	262 KB 83 KB	209ms 85ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K94Q7TF Requested by Host: zlcuma.banking.apiture.com URL: https://zlcuma.banking.apiture.com/piles/fxweb.pile/custom_login?template=2018&iid=ZLCUMA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9f3ed47479771c747081a18b92213a31e75c7b892213d1fcf167d761ce4e22af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 84862 x-xss-protection 0 last-modified Sat, 29 Jul 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Jul 2023 22:21:40 GMT
GET H2	200	optimize.js Show response www.google-analytics.com/gtm/	122 KB 48 KB	236ms 112ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=GTM-PRQ7R32 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94Q7TF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7c5f417305d02120637b694315753ca6257ccbb1351b3eab6bc0ae68f27079a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48358 x-xss-protection 0 last-modified Sat, 29 Jul 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Jul 2023 22:21:40 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	177ms 58ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94Q7TF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 29 Jul 2023 21:49:45 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1915 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 29 Jul 2023 23:49:45 GMT
GET H2	200	hotjar-1629961.js Show response static.hotjar.com/c/	9 KB 4 KB	182ms 75ms	Script application/javascript	18.66.192.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1629961.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94Q7TF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-39.muc50.r.cloudfront.net Software / Resource Hash d2830e76648010e9a185ab1f48bde2017ddcadac9ccf378366ffaa892551bdb7 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:40 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 5cc4b35b46cb9b55d49e7f47442e6838.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 etag W/722a43faf054dda853aae89dd4a2bb5c vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id bHJJohS3_OY7nBObcpHOTG106cW-BdACgFNnfHH7CtB5q798HxBuxA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	171 KB 47 KB	97ms 29ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: zlcuma.banking.apiture.com URL: https://zlcuma.banking.apiture.com/piles/fxweb.pile/custom_login?template=2018&iid=ZLCUMA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 52ea134848cf261f25b89a48cf302f4d97f3d69ef6db75c3648ff1ea6cd6fb3a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 29 Jul 2023 22:21:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 47009 x-xss-protection 0 pragma public x-fb-debug n7mGIJgdvSvTG+VxgU9oDrTG3Zs4Qe7dkv8hHconsg5lSKIaAiBfnIS7wYhVlwPLfcoe6eSZrETY5e3uTky39g== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	8334616.js Show response js.hs-scripts.com/	974 B 1 KB	473ms 402ms	Script application/javascript	2606:4700::6812:883b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/8334616.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94Q7TF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:883b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ff7bc09820ef078507d79ad56dfb75e6aa8965b3194294ca5aef9546b7792a1 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 8800bddd-2997-4117-9c8f-b77102e650d1 x-envoy-upstream-service-time 6 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 8800bddd-2997-4117-9c8f-b77102e650d1 last-modified Sat, 29 Jul 2023 13:31:52 GMT server cloudflare x-trace 2B30A5B2FA7303E5478A235736A0D32657EF053417000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://zlcuma.banking.apiture.com x-evy-trace-virtual-host all cache-control public, max-age=60 access-control-allow-credentials true x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-zqxft cf-ray 7ee8c1996b0b9a30-FRA expires Sat, 29 Jul 2023 22:22:41 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	262 KB 87 KB	75ms 74ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-C9XFPW3RCR&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K94Q7TF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5025a0246aea359a20fe56cd9481d40dfe331ed8243f601c6df6ff8f3b8b95c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88785 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 29 Jul 2023 22:21:40 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 262 B	100ms 34ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-C9XFPW3RCR&gtm=45je37q0&_p=1284274014&cid=1960406878.1690669301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690669300&sct=1&seg=0&dl=https%3A%2F%2Fzlcuma.banking.apiture.com%2Fpiles%2Ffxweb.pile%2Fcustom_login%3Ftemplate%3D2018%26iid%3DZLCUMA&dt=Listerhill%20Credit%20Union%20-%20Online%20Banking%20Login&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-C9XFPW3RCR&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jul 2023 22:21:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://zlcuma.banking.apiture.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1614531332198728 Show response connect.facebook.net/signals/config/	166 KB 46 KB	87ms 86ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1614531332198728?v=2.9.119&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f3a521490bfa1d8e3d2fbbf81bee2fdd3404ba181e7d5bd539d699804ed9438b Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 29 Jul 2023 22:21:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 7URLjDnNirV0SvpqdHC4c6VS6zw+jy2VfRboq1gE9WAXgQjEeLIKfN9epvomVfban6Uhj8MpUG0myZfk8vz9ow== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	modules.6b15d95870354fc25d31.js Show response script.hotjar.com/	227 KB 56 KB	140ms 43ms	Script application/javascript	18.173.154.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.6b15d95870354fc25d31.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1629961.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-84.muc50.r.cloudfront.net Software / Resource Hash 46e9e4a4dcefc780ebf5d3d24bdbc96d647beb4244df31bf35f4ba77a077de06 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 28 Jul 2023 09:27:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 age 132874 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56514 last-modified Fri, 28 Jul 2023 09:27:03 GMT etag "d8fc4fd06d4a76974c96d8997389f289" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id W6lDKUDQxCJZ90f7BfarefM7OXxU1so0Dm_5VaCKLeaKRgtwg0yvlA==
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 190 B	68ms 67ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1284274014&t=pageview&_s=1&dl=https%3A%2F%2Fzlcuma.banking.apiture.com%2Fpiles%2Ffxweb.pile%2Fcustom_login%3Ftemplate%3D2018%26iid%3DZLCUMA&ul=en-us&de=windows-1252&dt=Listerhill%20Credit%20Union%20-%20Online%20Banking%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAACAAI~&jid=1035364435&gjid=1994983093&cid=1960406878.1690669301&tid=UA-7633478-1&_gid=522013066.1690669301&_r=1&_slc=1&gtm=45He37q0n81K94Q7TF&z=1014157942 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://zlcuma.banking.apiture.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 29 Jul 2023 22:21:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://zlcuma.banking.apiture.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	169ms 28ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1614531332198728&ev=PageView&dl=https%3A%2F%2Fzlcuma.banking.apiture.com&rl=&if=false&ts=1690669300947&sw=1600&sh=1200&v=2.9.119&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1690669300945.195159840&cs_est=true&pm=1&it=1690669300813&coo=false&cs_cc=1&cas=2691922410843445&exp=a0&rqm=GET Requested by Host: zlcuma.banking.apiture.com URL: https://zlcuma.banking.apiture.com/piles/fxweb.pile/custom_login?template=2018&iid=ZLCUMA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 29 Jul 2023 22:21:41 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 31 B	170ms 29ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1614531332198728&ev=Page%20View&dl=https%3A%2F%2Fzlcuma.banking.apiture.com&rl=&if=false&ts=1690669300949&sw=1600&sh=1200&v=2.9.119&r=stable&a=tmgoogletagmanager&ec=1&o=28&fbp=fb.1.1690669300945.195159840&pm=1&it=1690669300813&coo=false&cs_cc=1&cas=2691922410843445&exp=a0&rqm=GET Requested by Host: zlcuma.banking.apiture.com URL: https://zlcuma.banking.apiture.com/piles/fxweb.pile/custom_login?template=2018&iid=ZLCUMA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 29 Jul 2023 22:21:41 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 357 B	128ms 34ms	XHR text/plain	2a00:1450:400c:c0a::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7633478-1&cid=1960406878.1690669301&jid=1035364435&gjid=1994983093&_gid=522013066.1690669301&_u=aCDACEAARAAAACAAI~&z=1004482017 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://zlcuma.banking.apiture.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 29 Jul 2023 22:21:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://zlcuma.banking.apiture.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	8334616.js Show response js.hs-analytics.net/analytics/1690669200000/	66 KB 21 KB	598ms 521ms	Script text/javascript	2606:4700::6810:89ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1690669200000/8334616.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8334616.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fe044308a0f4520e2bc7e34fbe99af4ee8bb5814d82ee6d5b7058b8ab1cf934 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:41 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id 7SDFXE234Q39GJHG x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 7765d995-3546-4921-bd19-bdda9e5d3ceb x-envoy-upstream-service-time 24 x-amz-id-2 OqYK3nk2gJ0M7xHY6xF7nw7R8Qq3oqyWh8L+v+yTbrrj3kxl2dZbyLgVQWpCnlozhCQpWXBPSTo= x-evy-trace-listener listener_https x-request-id 7765d995-3546-4921-bd19-bdda9e5d3ceb x-evy-trace-route-configuration listener_https/all last-modified Thu, 20 Jul 2023 16:13:45 GMT server cloudflare etag W/"0b391fa3dbe8bac41eb5ce00c5d46bef" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb cache-control max-age=300,public access-control-allow-credentials false cf-ray 7ee8c19c898118dd-FRA expires Sat, 29 Jul 2023 22:26:41 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/8334616/	209 KB 64 KB	462ms 385ms	Script text/javascript	2606:4700::6812:18c4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/8334616/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8334616.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddddd6aa7389fcec9da557bc690c6295419bd3b059a4237965660e997c1145c4 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:41 GMT x-amz-version-id .oWhj5LPPcKq7cL28K7fkB_FLEaQYO.S content-encoding br cf-cache-status MISS x-amz-request-id 7SDEGGY8GCGGEPBN x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 255f7581-669a-4a38-9fee-a81c4ef1a732 x-envoy-upstream-service-time 72 x-amz-id-2 aNL0fHL99xGU3iBGgyqWmurho+v91rc+xruM+tSprQd6KkwWZUup9pl4+yWZf0f88epi6faSJT8= x-evy-trace-listener listener_https x-request-id 255f7581-669a-4a38-9fee-a81c4ef1a732 x-evy-trace-route-configuration listener_https/all last-modified Thu, 22 Jun 2023 17:15:11 GMT server cloudflare etag W/"45850c2c5d6c1dbcfb30e475f5cb2fc9" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://zlcuma.banking.apiture.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 7ee8c19c8c8ebb7a-FRA expires Sat, 29 Jul 2023 22:26:41 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	203ms 69ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7633478-1&cid=1960406878.1690669301&jid=1035364435&_u=aCDACEAARAAAACAAI~&z=541955803 Requested by Host: zlcuma.banking.apiture.com URL: https://zlcuma.banking.apiture.com/piles/fxweb.pile/custom_login?template=2018&iid=ZLCUMA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jul 2023 22:21:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	202ms 68ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7633478-1&cid=1960406878.1690669301&jid=1035364435&_u=aCDACEAARAAAACAAI~&z=541955803 Requested by Host: zlcuma.banking.apiture.com URL: https://zlcuma.banking.apiture.com/piles/fxweb.pile/custom_login?template=2018&iid=ZLCUMA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jul 2023 22:21:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	219ms 158ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=windows-1252&ln=en-us&bfp=600004306&v=1.1&a=8334616&pu=https%3A%2F%2Fzlcuma.banking.apiture.com%2Fpiles%2Ffxweb.pile%2Fcustom_login%3Ftemplate%3D2018%26iid%3DZLCUMA&t=Listerhill+Credit+Union+-+Online+Banking+Login&cts=1690669301827&vi=04d3aea5d0111b70cd5bf1ba12457e29&nc=true&u=45728443.04d3aea5d0111b70cd5bf1ba12457e29.1690669301824.1690669301824.1690669301824.1&b=45728443.1.1690669301824&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:42 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id d1cc2b7e-a97e-44fb-a843-2fcd7002a14e p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 7 alt-svc h3=":443"; ma=86400 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id d1cc2b7e-a97e-44fb-a843-2fcd7002a14e server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j0OOaaNueURmoEQNNWXCPdu6FG1JI44Lru83unvLTDdVbUt%2FOr6SYVvhNe5hXni8Ka0U3rqujulzlmxZCDb999NNt0ko8vm57kn4yx0BOegtBzZJ1ucme2R5JDFXjtQUOdx73%2B3IiJrIFgQQCDP"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-5f6448c676-vrlgm x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 7ee8c1a0ef343a94-FRA x-robots-tag none
GET H3	200	a www.googletagmanager.com/	0 11 B	69ms 69ms	Image text/html	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-PRQ7R32&cv=7&t=ol&p=gtmo&l=661&q=359&f=295&e=7&i=1&d=657&c=643&hc=0&sr=0.050000&ps=0.04362987985667144&cb=844049297 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zlcuma.banking.apiture.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sat, 29 Jul 2023 22:21:41 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| google_optimize object| gaData object| _hsp undefined| _hstc undefined| _hssc undefined| _hsfp object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.banking.apiture.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: Hgwl9VgHAj
			.banking.apiture.com/	1969-12-31 23:59:59	Name: secure.fx.sid.fxweb Value: login%232%23321c4fd65148785c%232eb4c51470e4dda582ef3583dd8015e756a3090d366f4493cc090861a5023687a4506e08d2dd8d1a4b8de9fb8ebe9c7c11aefbbb5dfc23af
			zlcuma.banking.apiture.com/	1969-12-31 23:59:59	Name: TS01d09e1e Value: 01c6fb4b6c07f509edebda81f96939d28d90a9d7783feb6796a55b70c7487dc4e4dacbab594ba3ebaae10e228bb661f0040fc58e65
			.banking.apiture.com/	1969-12-31 23:59:59	Name: TS01550d88 Value: 01c6fb4b6c07f509edebda81f96939d28d90a9d7783feb6796a55b70c7487dc4e4dacbab594ba3ebaae10e228bb661f0040fc58e65
			zlcuma.banking.apiture.com/	1969-12-31 23:59:59	Name: TS481daac3027 Value: 0894bc7510ab20000a9efc4207cd623da924b67ab6c8b50c817e47f0e589c0381f34357dc45a7184080c1fd4d21130007127d21c00c5a16db49d480893c119335134fb754e31056e5d95749f5c693b7cc7182c3a00d24ffcf8bba59a6b450261
			.apiture.com/	1970-01-20 23:13:49	Name: _ga_C9XFPW3RCR Value: GS1.1.1690669300.1.0.1690669300.0.0.0
			.apiture.com/	1970-01-20 23:13:49	Name: _ga Value: GA1.2.1960406878.1690669301
			.apiture.com/	1970-01-20 13:39:15	Name: _gid Value: GA1.2.522013066.1690669301
			.apiture.com/	1970-01-20 13:37:49	Name: _gat_UA-7633478-1 Value: 1
			.apiture.com/	1970-01-20 15:47:25	Name: _fbp Value: fb.1.1690669300945.195159840
			.apiture.com/	1970-01-20 22:23:25	Name: _hjSessionUser_1629961 Value: eyJpZCI6ImE0OTA3YTliLWI2NWMtNTljOS1iOGY1LTFjNjYyNzg3Njg5YyIsImNyZWF0ZWQiOjE2OTA2NjkzMDExMDIsImV4aXN0aW5nIjpmYWxzZX0=
			.apiture.com/	1970-01-20 13:37:51	Name: _hjFirstSeen Value: 1
			.apiture.com/	1970-01-20 13:37:49	Name: _hjIncludedInSessionSample_1629961 Value: 0
			.apiture.com/	1970-01-20 13:37:51	Name: _hjSession_1629961 Value: eyJpZCI6ImFjMGQ3NDdkLWQyMmUtNDYwYS1hMTA0LWY5NjYwYTRjMTlhMiIsImNyZWF0ZWQiOjE2OTA2NjkzMDExMTQsImluU2FtcGxlIjpmYWxzZX0=
			.apiture.com/	1970-01-20 13:37:51	Name: _hjAbsoluteSessionInProgress Value: 0
			zlcuma.banking.apiture.com/	1970-01-20 17:57:01	Name: __hstc Value: 45728443.04d3aea5d0111b70cd5bf1ba12457e29.1690669301824.1690669301824.1690669301824.1
			zlcuma.banking.apiture.com/	1970-01-20 17:57:01	Name: hubspotutk Value: 04d3aea5d0111b70cd5bf1ba12457e29
			zlcuma.banking.apiture.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
			zlcuma.banking.apiture.com/	1970-01-20 13:37:51	Name: __hssc Value: 45728443.1.1690669301824
			.hubspot.com/	1970-01-20 13:37:51	Name: __cf_bm Value: dwVBsqCJvMTLNpPeGI5mou5BMBFiZ6iEgpiX6WfnIBM-1690669302-0-AY11rIl55hkkG0ZoCQ5cvHBNxSFMLykp3wJfZfLjq/xAiIcoUyN+tHLM5Nmznt6p3OzkDhkay+kCBSga6XD98hs=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
zlcuma.banking.apiture.com
18.173.154.84
18.66.192.39
2001:4860:4802:34::36
2606:4700::6810:89ce
2606:4700::6812:18c4
2606:4700::6812:883b
2606:4700::6813:9a53
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.84.174.45
2bb37544727f91262c398c7a715c0f1c92c1857aa3914f3cefff2720f2e62ef9
46e9e4a4dcefc780ebf5d3d24bdbc96d647beb4244df31bf35f4ba77a077de06
5025a0246aea359a20fe56cd9481d40dfe331ed8243f601c6df6ff8f3b8b95c6
52ea134848cf261f25b89a48cf302f4d97f3d69ef6db75c3648ff1ea6cd6fb3a
7c5f417305d02120637b694315753ca6257ccbb1351b3eab6bc0ae68f27079a7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fe044308a0f4520e2bc7e34fbe99af4ee8bb5814d82ee6d5b7058b8ab1cf934
9f3ed47479771c747081a18b92213a31e75c7b892213d1fcf167d761ce4e22af
9ff7bc09820ef078507d79ad56dfb75e6aa8965b3194294ca5aef9546b7792a1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
d2830e76648010e9a185ab1f48bde2017ddcadac9ccf378366ffaa892551bdb7
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddddd6aa7389fcec9da557bc690c6295419bd3b059a4237965660e997c1145c4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a521490bfa1d8e3d2fbbf81bee2fdd3404ba181e7d5bd539d699804ed9438b