sps.sbmbank.co.ke Open in urlscan Pro
196.13.136.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sps.sbmbank.co.ke/
Effective URL:
https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f
Submission: On July 26 via automatic, source certstream-suspicious (July 26th 2024, 7:56:44 am UTC) — Scanned from US

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 33 HTTP transactions. The main IP is 196.13.136.18, located in Kenya and belongs to CHASE-BANK-KENYA, KE. The main domain is sps.sbmbank.co.ke.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 1st 2023. Valid for: a year.

This is the only time sps.sbmbank.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 33	196.13.136.18 196.13.136.18		327753 (CHASE-BAN...) (CHASE-BANK-KENYA)
33	2

33 196.13.136.18 (Kenya) 1 redirects

ASN327753 (CHASE-BANK-KENYA, KE)

sps.sbmbank.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	sbmbank.co.ke 1 redirects sps.sbmbank.co.ke	330 KB
33	1

	Domain	Requested by
33	sps.sbmbank.co.ke	1 redirects sps.sbmbank.co.ke
33	1

This site contains no links.

Subject Issuer	Validity	Valid
sps.sbmbank.co.ke DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-01` - `2024-07-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f
Frame ID: 76BFA9AC95C218E475C5EB04454F0A98
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simple Payments System [ Log On]

Page URL History Show full URLs

https://sps.sbmbank.co.ke/ HTTP 302
https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f Page URL

Page Statistics

33
Requests

97 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

329 kB
Transfer

700 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sps.sbmbank.co.ke/ HTTP 302
https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://sps.sbmbank.co.ke/Content/css?v=mz9rPHS2ehX9q2IyJNNSUOtfvfAv5LsS_3rYF0gAwS81 HTTP 301
https://sps.sbmbank.co.ke/Content/css/?v=mz9rPHS2ehX9q2IyJNNSUOtfvfAv5LsS_3rYF0gAwS81

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request logon Show response
sps.sbmbank.co.ke/account/
Redirect Chain

https://sps.sbmbank.co.ke/
https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

5 KB
4 KB

311ms
310ms

Document
text/html

196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

a582fb56953a0ec159d5f890783c6fe874e5f99a8152f748cfdc3af1015df80d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: public, no-store, max-age=0
Content-Encoding: gzip
Content-Length: 2466
Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Jul 2024 07:56:17 GMT
Expires: Fri, 26 Jul 2024 07:56:18 GMT
Last-Modified: Fri, 26 Jul 2024 07:56:18 GMT
P3P: CP="{}"
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: *
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block

Redirect headers

Cache-Control: private
Content-Length: 145
Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Jul 2024 07:56:17 GMT
Location: /account/logon?ReturnUrl=%2f
P3P: CP="{}"
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Site.css
sps.sbmbank.co.ke/Content/SBM_Styling/ 10 KB
5 KB 415ms
414ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/SBM_Styling/Site.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

72b0dd4f8f8db9c8359c01d62c1a6e501f70717ac754affc2cce63be228d83b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:18 GMT
P3P: CP="{}"
Content-Length: 3315
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 14 Jun 2022 15:26:34 GMT
ETag: "0715621380d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET

/
sps.sbmbank.co.ke/Content/css/
Redirect Chain

https://sps.sbmbank.co.ke/Content/css?v=mz9rPHS2ehX9q2IyJNNSUOtfvfAv5LsS_3rYF0gAwS81
https://sps.sbmbank.co.ke/Content/css/?v=mz9rPHS2ehX9q2IyJNNSUOtfvfAv5LsS_3rYF0gAwS81

0
0

GET
H/1.1 200
OK css
sps.sbmbank.co.ke/Content/themes/base/ 37 B
2 KB 1141ms
550ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/css?v=YfG0rbCQuqF3rBsbknb6vK86z-xdqhRzpxyPo7oZEdo1

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

4aaa6b71920ca9d27c8c8af450355de554e46c41754222a341439a0f126ee8dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:18 GMT
P3P: CP="{}"
Content-Length: 143
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:19 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:19 GMT

GET
H/1.1 200
OK modernizr Show response
sps.sbmbank.co.ke/bundles/ 11 KB
7 KB 986ms
285ms Script
text/javascript 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:18 GMT
P3P: CP="{}"
Content-Length: 5292
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:19 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:19 GMT

GET
H/1.1 200
OK jquery Show response
sps.sbmbank.co.ke/bundles/ 87 KB
41 KB 1433ms
290ms Script
text/javascript 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/bundles/jquery?v=235DeCRyc2KKtm5-u-WowaGmWHU3ft44y448NxHpMf41

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

b3f3b16d93406fa02f4fe5f26078dad9bd67b1a8d017caa94861e80243b7abef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:19 GMT
P3P: CP="{}"
Content-Length: 40497
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:19 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:19 GMT

GET
H/1.1 200
OK jqueryval Show response
sps.sbmbank.co.ke/bundles/ 29 KB
13 KB 4079ms
310ms Script
text/javascript 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/bundles/jqueryval?v=I7Ic3e1q-k_7t8Uhw4GbUdHXbwpxco1iFb1VoEX5Hg81

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

e9c4e3db18f2fb18eec6e262cfc1b09dc61fc1f44246d199fd831525ab7d06f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 11855
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:22 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:22 GMT

GET
H/1.1 200
OK jqueryui Show response
sps.sbmbank.co.ke/bundles/ 247 KB
90 KB 4172ms
300ms Script
text/javascript 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/bundles/jqueryui?v=yqCVigxSu97_s_vulMWzX97PVmpAp1RUApV3df4vSeo1

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

e4c4fef621fd22525224291561879f8cc45f445b5f397d21063315ecae609b4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
Transfer-Encoding: chunked
P3P: CP="{}"
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:22 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:22 GMT

GET
H/1.1 200
OK bootstrap Show response
sps.sbmbank.co.ke/bundles/ 75 KB
30 KB 4184ms
298ms Script
text/javascript 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/bundles/bootstrap?v=gmojQUd0PbjNooOmKe-43VZS2Z6cEDSv0B0uD0GG75M1

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

ccc866af837d32986ca52680c76b96bfa17784868ece9f9b76d6e08641ae2f87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 28897
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:22 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:22 GMT

GET
H/1.1 200
OK libraries Show response
sps.sbmbank.co.ke/bundles/ 188 KB
75 KB 4255ms
313ms Script
text/javascript 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/bundles/libraries?v=37vQr9DJ3KttjRyDywS4JW4KxgLL8Wci_c2yfFnhTOs1

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

d213e7d61e672925bc437cdb84b9e1bddd10f2c0fc1e7f90a48831e6095a7535

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
Transfer-Encoding: chunked
P3P: CP="{}"
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:22 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:22 GMT

GET
H/1.1 200
OK site Show response
sps.sbmbank.co.ke/Scripts/ 295 B
2 KB 4275ms
283ms Script
text/javascript 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Scripts/site?v=oBgKFWV_s3i7P2OiRj_eynJbFHQys8xZMU1sttGqt7M1

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

527cd293e06059a68c7fbe693fb49e0253e64659f1bb6466544388ae283c8998

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 300
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jul 2024 07:56:22 GMT
X-Download-Options: noopen
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Sat, 26 Jul 2025 07:56:22 GMT

GET
H/1.1 200
OK base.css
sps.sbmbank.co.ke/Content/themes/base/ 752 B
2 KB 468ms
338ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/base.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/css?v=YfG0rbCQuqF3rBsbknb6vK86z-xdqhRzpxyPo7oZEdo1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

ecae7e4d64529f7ad9cf7c2f08c622400d56e7ea663c7913e661d67ff0f050b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:19 GMT
P3P: CP="{}"
Content-Length: 415
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK theme.css
sps.sbmbank.co.ke/Content/themes/base/ 17 KB
5 KB 766ms
298ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/theme.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/css?v=YfG0rbCQuqF3rBsbknb6vK86z-xdqhRzpxyPo7oZEdo1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

6423ac51e8fd47a3f7aee6aa9c51d678d5883dda7ccf2a1f7a56a4a39ec1205d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:19 GMT
P3P: CP="{}"
Content-Length: 3930
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK core.css
sps.sbmbank.co.ke/Content/themes/base/ 2 KB
2 KB 582ms
284ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/core.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

4fdbd21ae35704087e09e6b8d4676653273b0723105c653dff3cc7f25b66f6e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:19 GMT
P3P: CP="{}"
Content-Length: 832
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK accordion.css
sps.sbmbank.co.ke/Content/themes/base/ 829 B
2 KB 630ms
286ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/accordion.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

c0c46897b68da1c1b15cf75b02fc80f56b58b59b5f39ef7473f836f0d280e6b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:19 GMT
P3P: CP="{}"
Content-Length: 517
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK autocomplete.css
sps.sbmbank.co.ke/Content/themes/base/ 332 B
2 KB 871ms
287ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/autocomplete.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

e172d7435d78e822a54e9841cf97ee2147ca2bccc6145b1a0abf7d25897fc8e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 336
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK button.css
sps.sbmbank.co.ke/Content/themes/base/ 3 KB
3 KB 921ms
290ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/button.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

8acd19575bd2f5837ed758ff259732f5ad63e0a340ce7f2079630b8e1ddc6ebc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 1044
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK datepicker.css
sps.sbmbank.co.ke/Content/themes/base/ 4 KB
3 KB 1201ms
329ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/datepicker.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

ab7672827b0537e1b7f9e997a5ea16b67b3ffe28262b3e6d6b23d60cd12cdc8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 1157
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK dialog.css
sps.sbmbank.co.ke/Content/themes/base/ 1 KB
2 KB 1218ms
295ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/dialog.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

eb7ec9f094c87b9cf9a5d146e7f3970681ba28afe9da07b600dca20c9e78cf1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 712
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK draggable.css
sps.sbmbank.co.ke/Content/themes/base/ 265 B
2 KB 1531ms
328ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/draggable.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

0d4528d0f785f9443494af29d6059dae7c3dc90a3f842cf83a4b79c4485fe2de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 295
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK menu.css
sps.sbmbank.co.ke/Content/themes/base/ 1 KB
2 KB 1506ms
287ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/menu.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

c482806814ead6e7c73e814b42e4137570f14787b7ca6ae4e26f9d8c324fa30f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 708
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK progressbar.css
sps.sbmbank.co.ke/Content/themes/base/ 3 KB
4 KB 1792ms
286ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/progressbar.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

be554ca9cac80fa5a4cacf552720e68d5abe785c4cde89effa159fd9b586d6a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 2822
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK resizable.css
sps.sbmbank.co.ke/Content/themes/base/ 1 KB
2 KB 1818ms
286ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/resizable.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

cb7c33e8ffeebabc75a75a98f5561f703cc9aae5db9b55515d0093aec7add125

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:20 GMT
P3P: CP="{}"
Content-Length: 546
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK selectable.css
sps.sbmbank.co.ke/Content/themes/base/ 354 B
2 KB 2082ms
287ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/selectable.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

3349a662b5b038c6e42e33cb17b0b0f3a32fc8d4c7ceb14c294440bf01fcca0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 348
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK selectmenu.css
sps.sbmbank.co.ke/Content/themes/base/ 1 KB
2 KB 2154ms
334ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/selectmenu.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

73bbfabf653799c49e01b1bb42646e98f2a4af2691e57f31a47622696d591fb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 683
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK sortable.css
sps.sbmbank.co.ke/Content/themes/base/ 263 B
2 KB 2255ms
296ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/sortable.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

9fa003f0366d67eb5f0cfa6ef1aa57ea4bd94148358f2065e696f29db9b85c0e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 294
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK slider.css
sps.sbmbank.co.ke/Content/themes/base/ 1 KB
2 KB 2269ms
310ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/slider.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

ac610c03a0e4cbdceca6bed5d60e519f8df632b29c8ca0ad4742219cf4169f77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 680
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK spinner.css
sps.sbmbank.co.ke/Content/themes/base/ 1 KB
2 KB 2538ms
562ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/spinner.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

1ca47cc5aee6b7fe9ef4c6dbbe7e9b7a4c44112db6b7130771475a01a6e971bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 711
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK tabs.css
sps.sbmbank.co.ke/Content/themes/base/ 1 KB
2 KB 2325ms
349ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/tabs.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

04fbef003436d56b629aa8eb883b4699cb7ca0a113ade880516261aee4822ed5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 676
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK tooltip.css
sps.sbmbank.co.ke/Content/themes/base/ 438 B
2 KB 2376ms
293ms Stylesheet
text/css 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/Content/themes/base/tooltip.css

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/themes/base/base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

bad09cb038bac74bdd2400309fce6d56a50370bba742d9d264f47616d0fbf1d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
P3P: CP="{}"
Content-Length: 393
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK BodyBG.png
sps.sbmbank.co.ke/Content/SBM_Styling/images/ 3 KB
4 KB 291ms
291ms Image
image/png 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sps.sbmbank.co.ke/Content/SBM_Styling/images/BodyBG.png

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/SBM_Styling/Site.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

93e5c234529c82af7dc681b90b119adfa1fe476789de12a0a3f95aca60788f5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:24 GMT
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:21 GMT
ETag: "032ee94d27d81:0"
X-Download-Options: noopen
Content-Type: image/png
P3P: CP="{}"
Accept-Ranges: bytes
Content-Length: 2941
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK TitleLeft.png
sps.sbmbank.co.ke/Content/SBM_Styling/images/ 4 KB
5 KB 298ms
297ms Image
image/png 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sps.sbmbank.co.ke/Content/SBM_Styling/images/TitleLeft.png

Requested by

Host: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/SBM_Styling/Site.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

85cd43aec963f40ede3f28f57a147a93e3d9463dd4fba64f54253cc8484dfcfb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:24 GMT
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:22 GMT
ETag: "032ee94d27d81:0"
X-Download-Options: noopen
Content-Type: image/png
P3P: CP="{}"
Accept-Ranges: bytes
Content-Length: 4067
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
sps.sbmbank.co.ke/ 1 KB
3 KB 285ms
285ms Other
image/x-icon 196.13.136.18
CHASE-BANK-KENYA

General

Check archive.org

Show headers Download Go to

Full URL

https://sps.sbmbank.co.ke/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.136.18 , Kenya, ASN327753 (CHASE-BANK-KENYA, KE),

Reverse DNS

Software

Resource Hash

0c46b256537f6bac99c27cbf50d98a5439c13c1248e5d9e52b2fb06d4affba26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sps.sbmbank.co.ke/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Mon, 21 Feb 2022 18:01:26 GMT
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 07:56:22 GMT
ETag: "05f1fb4d27d81:0"
X-Download-Options: noopen
Content-Type: image/x-icon
P3P: CP="{}"
Accept-Ranges: bytes
Content-Length: 1150
X-Xss-Protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sps.sbmbank.co.ke
URL: https://sps.sbmbank.co.ke/Content/css/?v=mz9rPHS2ehX9q2IyJNNSUOtfvfAv5LsS_3rYF0gAwS81

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sps.sbmbank.co.ke/	1969-12-31 23:59:59	Name: sps-mvc-caft Value: Q6XF0x_F2ikUTPK60O_Hd4k0YNinsCW2ZaPEH1gUZhiAVPlinRUlYFskMUZTZJ5n5RF06lghli-TmrXjew9bYqOtl8c1
.sps.sbmbank.co.ke/	1969-12-31 23:59:59	Name: TS0171c098 Value: 018c49fab032b8010d1b3c55089eb2e4937b64d116faec5c4c19dab8eb08950abb6c8ae6c640f4bd6308ad146af61983f0b8e1fc231a267c59b19b4e2727830659cdfe084e
sps.sbmbank.co.ke/	1969-12-31 23:59:59	Name: TS0fed1527027 Value: 083fd1c936ab2000383188b5540b2a42beef5a4a6b84aadc1c418f076478548d0132fad405f9752108dd24cba2113000d2f4acc06e5c94f4b57e3a2a10de730fae3bbf2679b199d98e0ccc8fb4d87abbbc35b8e8929c88d343ef4f84e5c20579

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	warning	URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://sps.sbmbank.co.ke/account/logon?ReturnUrl=%2f Message: Refused to apply style from 'https://sps.sbmbank.co.ke/Content/css/?v=mz9rPHS2ehX9q2IyJNNSUOtfvfAv5LsS_3rYF0gAwS81' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'self'; frame-ancestors 'self'; sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; script-src * 'self' 'unsafe-inline' data: https:; connect-src * 'self' data: https:; img-src * 'self' data: https:; style-src * 'self' 'unsafe-inline' data: https:; frame-src 'self'; font-src 'self'; media-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sps.sbmbank.co.ke
sps.sbmbank.co.ke
196.13.136.18
04fbef003436d56b629aa8eb883b4699cb7ca0a113ade880516261aee4822ed5
0c46b256537f6bac99c27cbf50d98a5439c13c1248e5d9e52b2fb06d4affba26
0d4528d0f785f9443494af29d6059dae7c3dc90a3f842cf83a4b79c4485fe2de
1ca47cc5aee6b7fe9ef4c6dbbe7e9b7a4c44112db6b7130771475a01a6e971bc
3349a662b5b038c6e42e33cb17b0b0f3a32fc8d4c7ceb14c294440bf01fcca0b
4aaa6b71920ca9d27c8c8af450355de554e46c41754222a341439a0f126ee8dd
4fdbd21ae35704087e09e6b8d4676653273b0723105c653dff3cc7f25b66f6e0
527cd293e06059a68c7fbe693fb49e0253e64659f1bb6466544388ae283c8998
6423ac51e8fd47a3f7aee6aa9c51d678d5883dda7ccf2a1f7a56a4a39ec1205d
72b0dd4f8f8db9c8359c01d62c1a6e501f70717ac754affc2cce63be228d83b2
73bbfabf653799c49e01b1bb42646e98f2a4af2691e57f31a47622696d591fb5
85cd43aec963f40ede3f28f57a147a93e3d9463dd4fba64f54253cc8484dfcfb
8acd19575bd2f5837ed758ff259732f5ad63e0a340ce7f2079630b8e1ddc6ebc
93e5c234529c82af7dc681b90b119adfa1fe476789de12a0a3f95aca60788f5d
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
9fa003f0366d67eb5f0cfa6ef1aa57ea4bd94148358f2065e696f29db9b85c0e
a582fb56953a0ec159d5f890783c6fe874e5f99a8152f748cfdc3af1015df80d
ab7672827b0537e1b7f9e997a5ea16b67b3ffe28262b3e6d6b23d60cd12cdc8a
ac610c03a0e4cbdceca6bed5d60e519f8df632b29c8ca0ad4742219cf4169f77
b3f3b16d93406fa02f4fe5f26078dad9bd67b1a8d017caa94861e80243b7abef
bad09cb038bac74bdd2400309fce6d56a50370bba742d9d264f47616d0fbf1d1
be554ca9cac80fa5a4cacf552720e68d5abe785c4cde89effa159fd9b586d6a4
c0c46897b68da1c1b15cf75b02fc80f56b58b59b5f39ef7473f836f0d280e6b9
c482806814ead6e7c73e814b42e4137570f14787b7ca6ae4e26f9d8c324fa30f
cb7c33e8ffeebabc75a75a98f5561f703cc9aae5db9b55515d0093aec7add125
ccc866af837d32986ca52680c76b96bfa17784868ece9f9b76d6e08641ae2f87
d213e7d61e672925bc437cdb84b9e1bddd10f2c0fc1e7f90a48831e6095a7535
e172d7435d78e822a54e9841cf97ee2147ca2bccc6145b1a0abf7d25897fc8e8
e4c4fef621fd22525224291561879f8cc45f445b5f397d21063315ecae609b4b
e9c4e3db18f2fb18eec6e262cfc1b09dc61fc1f44246d199fd831525ab7d06f2
eb7ec9f094c87b9cf9a5d146e7f3970681ba28afe9da07b600dca20c9e78cf1f
ecae7e4d64529f7ad9cf7c2f08c622400d56e7ea663c7913e661d67ff0f050b3

sps.sbmbank.co.ke Open in urlscan Pro 196.13.136.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

33 Requests

97 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

329 kBTransfer

700 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sps.sbmbank.co.ke Open in urlscan Pro
196.13.136.18 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

329 kB
Transfer

700 kB
Size

3
Cookies

33 HTTP transactions
0 data transactions