Submitted URL: https://statebankoftoulon.com/
Effective URL: https://www.banksbt.bank/
Submission: On February 02 via manual from US — Scanned from DE

Summary

This website contacted 19 IPs in 3 countries across 20 domains to perform 78 HTTP transactions. The main IP is 18.219.25.198, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.banksbt.bank.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 7th 2023. Valid for: a year.
This is the only time www.banksbt.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
21 banksbt.bank
www.banksbt.bank
583 KB
14 lk-cs.com
clients.lk-cs.com — Cisco Umbrella Rank: 138810
social-feeds.lk-cs.com
2 MB
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 566
175 KB
9 quilocloud.com
widget.quilocloud.com — Cisco Umbrella Rank: 932725
104 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
424 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
331 KB
2 cdninstagram.com
scontent-ord5-1.cdninstagram.com — Cisco Umbrella Rank: 6229
42 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
394 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
859 B
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3321
18 KB
1 lkcsunix.com
lkcsunix.com
1 KB
1 apiture.com
szsbtti.banking.apiture.com
3 KB
1 fundsxpress.com
szsbtti.secure.fundsxpress.com
784 B
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 637
149 B
1 brandcdn.com
tag.brandcdn.com — Cisco Umbrella Rank: 16545
1 KB
1 statebankoftoulon.com
statebankoftoulon.com
880 B
0 google.de Failed
www.google.de Failed
0 windows.net Failed
mgmtpublicdata.blob.core.windows.net Failed
78 20
Domain Requested by
21 www.banksbt.bank www.banksbt.bank
9 widget.quilocloud.com www.banksbt.bank
widget.quilocloud.com
9 clients.lk-cs.com www.banksbt.bank
8 use.typekit.net www.banksbt.bank
use.typekit.net
szsbtti.banking.apiture.com
5 social-feeds.lk-cs.com www.banksbt.bank
4 www.googletagmanager.com www.banksbt.bank
www.googletagmanager.com
3 www.gstatic.com www.google.com
2 scontent-ord5-1.cdninstagram.com www.banksbt.bank
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 p.typekit.net use.typekit.net
2 www.google.com www.banksbt.bank
www.gstatic.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
1 cdn.mxpnl.com www.banksbt.bank
1 lkcsunix.com www.banksbt.bank
1 szsbtti.banking.apiture.com www.banksbt.bank
1 szsbtti.secure.fundsxpress.com 1 redirects
1 insight.adsrvr.org www.banksbt.bank
1 tag.brandcdn.com www.banksbt.bank
1 statebankoftoulon.com 1 redirects
0 www.google.de Failed www.banksbt.bank
0 mgmtpublicdata.blob.core.windows.net Failed widget.quilocloud.com
78 23
Subject Issuer Validity Valid
*.banksbt.bank
Amazon RSA 2048 M01
2023-03-07 -
2024-04-04
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
*.brandcdn.com
Amazon RSA 2048 M02
2023-08-02 -
2024-08-30
a year crt.sh
lk-cs.com
GTS CA 1P5
2024-01-13 -
2024-04-12
3 months crt.sh
www.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
widget.quilocloud.com
R3
2024-01-12 -
2024-04-11
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
prod-fxweb.apiture-comm-prod.com
Amazon RSA 2048 M03
2024-01-23 -
2025-02-20
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.lkcsunix.com
Amazon RSA 2048 M01
2023-09-03 -
2024-10-02
a year crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1
2023-07-12 -
2024-08-11
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA
2023-11-12 -
2024-02-10
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.banksbt.bank/
Frame ID: E1B7950C5CBB122E4BC459D023E64CB5
Requests: 70 HTTP requests in this frame

Frame: https://szsbtti.banking.apiture.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI
Frame ID: 161ADF0212A9895D8AA3F4236858676E
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMRXYUAAAAAOgbA5sofS16eFf-Oy4dQeiqaOjc&co=aHR0cHM6Ly93d3cuYmFua3NidC5iYW5rOjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=bjq5w8dje3ic
Frame ID: C0C06670B9F283577683ECEB11196F6F
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

State Bank of Toulon Close Announcement

Page URL History Show full URLs

  1. https://statebankoftoulon.com/ HTTP 301
    https://www.banksbt.bank/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

78
Requests

97 %
HTTPS

68 %
IPv6

20
Domains

23
Subdomains

19
IPs

3
Countries

3348 kB
Transfer

5266 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://statebankoftoulon.com/ HTTP 301
    https://www.banksbt.bank/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://szsbtti.secure.fundsxpress.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI HTTP 302
  • https://szsbtti.banking.apiture.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI

78 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.banksbt.bank/
Redirect Chain
  • https://statebankoftoulon.com/
  • https://www.banksbt.bank/
29 KB
30 KB
Document
General
Full URL
https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0107b6fa3ca7902147f6069de8b87da2120e6c1a7b7bfd46098232cff523a45e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
29506
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
content-type
text/html; charset=utf-8
date
Fri, 02 Feb 2024 20:01:51 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
148
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
content-type
text/html; charset=UTF-8
date
Fri, 02 Feb 2024 20:01:50 GMT
location
https://www.banksbt.bank/
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
kau1rpk.css
use.typekit.net/
5 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/kau1rpk.css
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
94c6971ad1109548832e116027926e5caba5159153cdc167eb98b60dc6c4c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 02 Feb 2024 20:01:51 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
820
ScriptResource.axd
www.banksbt.bank/
88 KB
89 KB
Script
General
Full URL
https://www.banksbt.bank/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9f_GXpH_ocXoBuM5OrMYSZVyt6ipzLcB2JYAN-6x3q6v2h1l8PmviGNxmm6ge4Id9wsIsX2zWOOQN-I9JvGrzB_39_SDedncI4wRkxkQl7x2g_-qxCD1XQHG6kgSVVLoQmHxGEbL-qaJTCOsmoDDeNr7bZbXu8gFQuG6Uh5Xz6Vl0&t=ffffffffc6fa8477
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c4ae5268bef77000a0b3d189ab188bcd5a819ed731d3e2577ff75e22a5ab37b7
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:51 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Fri, 02 Feb 2024 07:17:44 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public
content-length
89949
x-xss-protection
1; mode=block
expires
Sat, 01 Feb 2025 07:17:44 GMT
ScriptResource.axd
www.banksbt.bank/
17 KB
18 KB
Script
General
Full URL
https://www.banksbt.bank/ScriptResource.axd?d=ePnjFy9PuY6CB3GWMX-b_6a53smIDmukez_uFxy5_fCwdqp_G0OziltbJ4HCcUcQR8sPPJmsDOeDootjbzshn5svwYQlq4qUkDWE69141j9bMujIZ1RoszONw7eqDyd_JYRRg1n74vWJADNZXevBPBA7Kk_GMd_i5LyFvG6jxubpu0uLTQ9v8XuRxwwRNlwB0&t=ffffffffc6fa8477
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
751aade30dcb685090ac48f4f949f6ebf4459d0d04a3bda0837b0aef4809e34d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:51 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Fri, 02 Feb 2024 07:17:44 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public
content-length
17011
x-xss-protection
1; mode=block
expires
Sat, 01 Feb 2025 07:17:44 GMT
main.css
www.banksbt.bank/ResourcePackages/Custom/assets/css/
65 KB
13 KB
Stylesheet
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c0ae25e86eac76505c4df330a08164b8b2791cca435d788ffd182604b73c610e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 29 Oct 2021 18:23:20 GMT
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
etag
"09cd2cf2ccd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
content-length
12003
x-xss-protection
1; mode=block
245305.js
tag.brandcdn.com/autoscript/stbanktoulonkewaneebankqc_vfdwtk1fmvvxvda9/
1 KB
1 KB
Script
General
Full URL
https://tag.brandcdn.com/autoscript/stbanktoulonkewaneebankqc_vfdwtk1fmvvxvda9/245305.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:6a00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e9f1603f2752bf43a95ce1c4521e1f65fafe4603fc115466bbd8c982dfc683a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
NwV65wuk1ggYAO5SmJYNl7p1nxzyJQxC
date
Fri, 02 Feb 2024 18:20:42 GMT
via
1.1 aca4cfc16ad0f84e78738cc400bfb7f4.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 18:56:22 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
6070
x-amz-server-side-encryption
AES256
etag
"47aafaf4cd719982fc1d31d2de25792c"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1090
x-amz-cf-id
Ma1yBZi0Fl76YMuOuJsgj3c5C7uFTTgRo-qZB6vL5WF3L0XO7nneRA==
logo.svg
www.banksbt.bank/images/default-source/default-album/
16 KB
17 KB
Image
General
Full URL
https://www.banksbt.bank/images/default-source/default-album/logo.svg?sfvrsn=35f79f35_0
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
759be3038b131388f7b5f3ae74539bd7215357589bc130cd31680581a288fc94
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:51 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 16:24:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=7776000
content-disposition
inline; filename=logo.svg
content-length
15947
x-xss-protection
1; mode=block
expires
Thu, 02 May 2024 20:01:51 GMT
622426086323640-compressed.jpg
clients.lk-cs.com/id/62242/images/
286 KB
287 KB
Image
General
Full URL
https://clients.lk-cs.com/id/62242/images/622426086323640-compressed.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5f169ba6f40d6d189765e7cd018a4584cc3c23beb3a61226fe4408a2181ad907

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
MISS
last-modified
Mon, 15 Apr 2019 13:32:50 GMT
server
cloudflare
etag
"fc5ca0b88ff3d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84f5074ae8a603b8-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
content-length
293193
622426020757600-compressed.jpg
clients.lk-cs.com/id/62242/images/
174 KB
174 KB
Image
General
Full URL
https://clients.lk-cs.com/id/62242/images/622426020757600-compressed.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7a66161912ccd1e24168931cfa502843c9171cedfa35814be00a1bdf677609a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Jan 2019 17:16:07 GMT
server
cloudflare
etag
"ceb7b052f6b7d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84f5074cfb6903b8-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
content-length
177670
622426020758260-compressed.jpg
clients.lk-cs.com/id/62242/images/
120 KB
120 KB
Image
General
Full URL
https://clients.lk-cs.com/id/62242/images/622426020758260-compressed.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3c22d1ad57f4b644fb0fbd374e23136f6ecf56b7beaa32dbe3264be096c8833d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Jan 2019 17:17:11 GMT
server
cloudflare
etag
"d96ae578f6b7d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84f5074d0b7703b8-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
content-length
122762
622427309187120-compressed.png
clients.lk-cs.com/id/62242/images/
62 KB
62 KB
Image
General
Full URL
https://clients.lk-cs.com/id/62242/images/622427309187120-compressed.png
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6ea0eeb8ac6df2f6d7a6abe3f1e6d6d5a4c41cf62785f48fb3f841601222dbd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Feb 2023 16:58:37 GMT
server
cloudflare
etag
"58817ee6954bd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84f5074d0b7903b8-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
content-length
63335
instagram.svg
www.banksbt.bank/ResourcePackages/Custom/assets/images/
1 KB
2 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/instagram.svg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c139273446667be8d8142ba086b1997fc7238ca0349adb2c98f854dff31a5899
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 21:08:00 GMT
etag
"038643f289ed41:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2678400
accept-ranges
bytes
content-length
1210
x-xss-protection
1; mode=block
facebook.svg
www.banksbt.bank/ResourcePackages/Custom/assets/images/
647 B
2 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/facebook.svg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
6bda3f14179f6916445aea2b00d024db02db756b086341d25983d2b61ecb9029
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 21:08:00 GMT
etag
"038643f289ed41:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2678400
accept-ranges
bytes
content-length
647
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15dd40f19386303a8f905168185e422e41815f8fa2d655d860a0a676e173b460
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 02 Feb 2024 20:01:52 GMT
validate.js
www.banksbt.bank/ResourcePackages/Custom/assets/js/vendor/
47 KB
48 KB
Script
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/js/vendor/validate.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Mon, 30 Nov 2020 22:37:00 GMT
etag
"08e175169c7d61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2678400
accept-ranges
bytes
content-length
47689
x-xss-protection
1; mode=block
insta-white.svg
www.banksbt.bank/images/default-source/default-album/
934 B
2 KB
Image
General
Full URL
https://www.banksbt.bank/images/default-source/default-album/insta-white.svg?sfvrsn=874681e5_0
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
98e24dcd8739d9946279181825543b4317054c3d33a9b9317fe583d7f375920d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Mon, 31 Dec 2018 14:19:44 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=7776000
content-disposition
inline; filename=insta-white.svg
content-length
934
x-xss-protection
1; mode=block
expires
Thu, 02 May 2024 20:01:52 GMT
facebook-white.svg
www.banksbt.bank/images/default-source/default-album/
592 B
2 KB
Image
General
Full URL
https://www.banksbt.bank/images/default-source/default-album/facebook-white.svg?sfvrsn=2d15a309_0
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
16dd0011aad40d7af70ec8f492d7a753c1d35bcffb8f012cf4aaaf428f678b13
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Mon, 31 Dec 2018 14:28:57 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=7776000
content-disposition
inline; filename=facebook-white.svg
content-length
592
x-xss-protection
1; mode=block
expires
Thu, 02 May 2024 20:01:52 GMT
fdic.svg
www.banksbt.bank/images/default-source/default-album/
3 KB
4 KB
Image
General
Full URL
https://www.banksbt.bank/images/default-source/default-album/fdic.svg?sfvrsn=dafa20c4_0
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
bb08b6425f3e5c26fadf7343b1dc91e8a91c17f511f48b4ce19a7681faa0666e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 17:09:28 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=7776000
content-disposition
inline; filename=fdic.svg
content-length
3152
x-xss-protection
1; mode=block
expires
Thu, 02 May 2024 20:01:52 GMT
ehl.svg
www.banksbt.bank/images/default-source/default-album/
4 KB
5 KB
Image
General
Full URL
https://www.banksbt.bank/images/default-source/default-album/ehl.svg?sfvrsn=ddf948d6_0
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
b2d1d4f338ea3872e93eb6f6acc700fc5ab4db2b1091ca1e037e879fa033141f
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 17:09:51 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=7776000
content-disposition
inline; filename=ehl.svg
content-length
4277
x-xss-protection
1; mode=block
expires
Thu, 02 May 2024 20:01:52 GMT
lkcs.svg
www.banksbt.bank/images/default-source/default-album/
6 KB
7 KB
Image
General
Full URL
https://www.banksbt.bank/images/default-source/default-album/lkcs.svg?sfvrsn=2cb405d6_0
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2ad801fc21a3b5278bac0ae7f5d042c64088d8780efdb41a4973748315edbd42
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 17:10:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=7776000
content-disposition
inline; filename=lkcs.svg
content-length
5960
x-xss-protection
1; mode=block
expires
Thu, 02 May 2024 20:01:52 GMT
ts.vendor.min.js
clients.lk-cs.com/shared/js/
423 KB
123 KB
Script
General
Full URL
https://clients.lk-cs.com/shared/js/ts.vendor.min.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6d3977e6465dab26bfe14d8de9f6f9befcf7f4e53924c069ca60cee7e43aa23a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 14:00:50 GMT
server
cloudflare
age
278940
etag
W/"669237bb8453da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
84f5074d0b7b03b8-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
ts.min.js
clients.lk-cs.com/shared/js/
37 KB
10 KB
Script
General
Full URL
https://clients.lk-cs.com/shared/js/ts.min.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9495b8bfc02e086a49fdb8c22727cc8288c0ffd2f54c6ae5096e7fd92c240670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 17:51:35 GMT
server
cloudflare
age
7303224
etag
W/"56c34dbe34fdd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST,GET
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
84f5074d0b7d03b8-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
script.min.js
www.banksbt.bank/ResourcePackages/Custom/assets/js/
48 KB
49 KB
Script
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/js/script.min.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9b71ede96e89d0b855cb282de2f859d0e5327c3125dd7a03f80cc116d540d217
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Mon, 30 Nov 2020 22:37:00 GMT
etag
"08e175169c7d61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2678400
accept-ranges
bytes
content-length
49317
x-xss-protection
1; mode=block
quilo-widget.min.js
widget.quilocloud.com/
27 KB
8 KB
Script
General
Full URL
https://widget.quilocloud.com/quilo-widget.min.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7050a3dea26d368a1e1405f5608d9d2eaedec4f8d3f0fa9d28e7b37379f5d26a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
etag
W/"65b385f8-6d21"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,no-cache, no-store, must-revalidate
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
expires
Fri, 02 Feb 2024 20:01:52 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=kau1rpk&ht=tk&f=15759.15760.22737.22489.22490.22495&a=87891360&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
/
insight.adsrvr.org/track/conv/
70 B
149 B
Image
General
Full URL
https://insight.adsrvr.org/track/conv/?adv=3hv1psu&ct=0:7ncup4b&fmt=3
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
gtm.js
www.googletagmanager.com/
194 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9DQTFM
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c22d2de122491deb92c556f2945d6f06f490b9cf11da375eaefa9175150a702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71003
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 18:16:54 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Feb 2024 20:01:52 GMT
custom_login
szsbtti.banking.apiture.com/piles/fxweb.pile/ Frame 161A
Redirect Chain
  • https://szsbtti.secure.fundsxpress.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI
  • https://szsbtti.banking.apiture.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI
5 KB
3 KB
Document
General
Full URL
https://szsbtti.banking.apiture.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-122.zrh55.r.cloudfront.net
Software
/
Resource Hash
d00aa30f9af388367f01b82138e7c9995ff79e6af39af331e2966025a21e5bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://www.banksbt.bank/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-store, no-cache, private, must-revalidate
Connection
keep-alive
Content-Length
1513
Content-Type
text/html; charset=ISO-8859-1
Content-encoding
gzip
Date
Fri, 02 Feb 2024 20:01:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 3d994808da6a9ce8c9e7b1364fa689ea.cloudfront.net (CloudFront)
X-Amz-Cf-Id
wgzOZFS4ZY2NR1dxDG5_fOK8UvQhz-mbAJCCBO8W7l_bDQ1jHOTcwA==
X-Amz-Cf-Pop
ZRH55-P1
X-Cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
279
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 02 Feb 2024 20:01:52 GMT
Location
https://szsbtti.banking.apiture.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
89dZkAF_-pgljBSvfii-HNtmCORJCMkiybhQOT19N2HuCiy-_pXqaQ==
X-Amz-Cf-Pop
ZRH55-P1
X-Cache
Miss from cloudfront
gray-line.jpg
www.banksbt.bank/ResourcePackages/Custom/assets/images/
1 KB
2 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/gray-line.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2d1a0b92168233c63430fdbd4c03c9f08f0780e06583eb082d34005c10b59f75
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Fri, 28 Dec 2018 17:26:00 GMT
etag
"0447766d29ed41:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
content-length
1405
x-xss-protection
1; mode=block
moving.jpg
www.banksbt.bank/ResourcePackages/Custom/assets/images/
21 KB
22 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/moving.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c2c5a60ba23c9325b4d2223a8a601e45fcb92ac0796c7adb15a00fc6286f2234
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 22:10:00 GMT
etag
"02cafe8309ed41:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
content-length
21814
x-xss-protection
1; mode=block
farm.jpg
www.banksbt.bank/ResourcePackages/Custom/assets/images/
209 KB
210 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/farm.jpg?v=2
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
04f10ad6cb1a792f8f871064b17e6aa62f930c882d591171212304754ec0b54a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Mon, 03 Jun 2019 12:50:00 GMT
etag
"08ccadaa1ad51:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
content-length
213977
x-xss-protection
1; mode=block
mobile.jpg
www.banksbt.bank/ResourcePackages/Custom/assets/images/
15 KB
16 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/mobile.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
37f4e36d3982fdc14e95fa55984d815f1cb64de4d97aad5d597e32265de31103
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 22:11:00 GMT
etag
"07272c319ed41:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
content-length
15838
x-xss-protection
1; mode=block
meeting.jpg
www.banksbt.bank/ResourcePackages/Custom/assets/images/
13 KB
13 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/meeting.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4f5557369b4a1d98496a044692359a7d4920133d37448e195a3308846e295b16
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/ResourcePackages/Custom/assets/css/main.css?v=060821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Thu, 27 Dec 2018 22:11:00 GMT
etag
"07272c319ed41:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
content-length
12828
x-xss-protection
1; mode=block
l
use.typekit.net/af/c5635c/000000000000000000015891/27/
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/c5635c/000000000000000000015891/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
22f9ec936edd693ea5e8fadfec9afdd56dcb385c0db6b130b2c06445bdea92bf

Request headers

Referer
https://use.typekit.net/kau1rpk.css
Origin
https://www.banksbt.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
server
nginx
etag
"931566100ca17dc176c48299428b70a4d23e2199"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35368
l
use.typekit.net/af/8254f0/000000000000000000015892/27/
36 KB
37 KB
Font
General
Full URL
https://use.typekit.net/af/8254f0/000000000000000000015892/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cc4a234edc6272aa6c31173c30a96f0dc7139cc40e837c2dca54b4427f4d6a59

Request headers

Referer
https://use.typekit.net/kau1rpk.css
Origin
https://www.banksbt.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
server
nginx
etag
"51c50f442a5a505c49adfd7a57c65a30f6bc94f2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37224
l
use.typekit.net/af/dacbbb/000000000000000000014a3f/27/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/dacbbb/000000000000000000014a3f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3a60515edb1d4731353d11bc1936a877ac3101cbe24f2a5fd3711e0ba0f7b2bc

Request headers

Referer
https://use.typekit.net/kau1rpk.css
Origin
https://www.banksbt.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
server
nginx
etag
"9f69a3fb9ccd97d61c83bc04e10301a095b7a449"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15612
i_1706819289_0001.jpg
social-feeds.lk-cs.com/storage/feeds/12/3/
141 KB
141 KB
Image
General
Full URL
https://social-feeds.lk-cs.com/storage/feeds/12/3/i_1706819289_0001.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e761a75400d9a9d98cf4e5d21aa1e49364dca9aca1bac4e03cf95de3f75e1cb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 20:28:09 GMT
server
cloudflare
etag
"234fc-61057d5791343"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84f5074d4be003b8-FRA
content-length
144636
i_1706729771_0001.jpg
social-feeds.lk-cs.com/storage/feeds/12/3/
251 KB
252 KB
Image
General
Full URL
https://social-feeds.lk-cs.com/storage/feeds/12/3/i_1706729771_0001.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d9887542bf192cb6b19e77eec0a87f5aa2f571cb8a3515a1866ccf7a4689a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
MISS
last-modified
Wed, 31 Jan 2024 19:36:11 GMT
server
cloudflare
etag
"3eddd-61042fdc877ae"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84f5074d4bda03b8-FRA
content-length
257501
i_1706249683_0001.jpg
social-feeds.lk-cs.com/storage/feeds/12/3/
105 KB
105 KB
Image
General
Full URL
https://social-feeds.lk-cs.com/storage/feeds/12/3/i_1706249683_0001.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6ad279f0d72d60fc7ca888678fb3a69c485dfa47f0c42b729171aa2ae734ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Fri, 26 Jan 2024 06:14:43 GMT
server
cloudflare
etag
"1a2ed-60fd336410c0c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84f5074d4be203b8-FRA
content-length
107245
i_1706249683_0002.jpg
social-feeds.lk-cs.com/storage/feeds/12/3/
214 KB
214 KB
Image
General
Full URL
https://social-feeds.lk-cs.com/storage/feeds/12/3/i_1706249683_0002.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112b5a135de362414f9da830f850bca440b8e3430af489094ef9f305a91194b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:53 GMT
cf-cache-status
MISS
last-modified
Fri, 26 Jan 2024 06:14:43 GMT
server
cloudflare
etag
"3589b-60fd336435dcc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84f5074d4be403b8-FRA
content-length
219291
i_1706249683_0003.jpg
social-feeds.lk-cs.com/storage/feeds/12/3/
191 KB
191 KB
Image
General
Full URL
https://social-feeds.lk-cs.com/storage/feeds/12/3/i_1706249683_0003.jpg
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e8cf65c04b8983c956fb7ad64ff29a72ea86e87d94e0266c6c49c72837feb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
cf-cache-status
MISS
last-modified
Fri, 26 Jan 2024 06:14:43 GMT
server
cloudflare
etag
"2fb14-60fd336461cec"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84f5074d4be703b8-FRA
content-length
195348
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/
491 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.banksbt.bank/
Origin
https://www.banksbt.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200286
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 13:49:24 GMT
json
clients.lk-cs.com/shared/announcements/
616 B
483 B
XHR
General
Full URL
https://clients.lk-cs.com/shared/announcements/json?id=62242&_=1706904112150
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9f_GXpH_ocXoBuM5OrMYSZVyt6ipzLcB2JYAN-6x3q6v2h1l8PmviGNxmm6ge4Id9wsIsX2zWOOQN-I9JvGrzB_39_SDedncI4wRkxkQl7x2g_-qxCD1XQHG6kgSVVLoQmHxGEbL-qaJTCOsmoDDeNr7bZbXu8gFQuG6Uh5Xz6Vl0&t=ffffffffc6fa8477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d44c29af6f84f8016f922be1d4577b38f6191f8c179d9c6b70d823863705971a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.banksbt.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
access-control-allow-methods
POST,GET
content-type
application/json
access-control-allow-origin
https://www.banksbt.bank
cache-control
private
cf-ray
84f5074ece1603f4-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
home
clients.lk-cs.com/id/62242/custom/rates/
2 KB
367 B
XHR
General
Full URL
https://clients.lk-cs.com/id/62242/custom/rates/home?r=0&s=0&id=62242&_=1706904112151
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9f_GXpH_ocXoBuM5OrMYSZVyt6ipzLcB2JYAN-6x3q6v2h1l8PmviGNxmm6ge4Id9wsIsX2zWOOQN-I9JvGrzB_39_SDedncI4wRkxkQl7x2g_-qxCD1XQHG6kgSVVLoQmHxGEbL-qaJTCOsmoDDeNr7bZbXu8gFQuG6Uh5Xz6Vl0&t=ffffffffc6fa8477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ad75ddb5dc154e53003ff04f729a5ebd32ffca9da58a3ed9d5d454ea18082a11

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.banksbt.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
access-control-allow-methods
POST,GET
content-type
text/html
access-control-allow-origin
https://www.banksbt.bank
cache-control
private
cf-ray
84f5074ece1803f4-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
json
clients.lk-cs.com/shared/external-links/
736 B
758 B
XHR
General
Full URL
https://clients.lk-cs.com/shared/external-links/json?id=62242&_=1706904112152
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9f_GXpH_ocXoBuM5OrMYSZVyt6ipzLcB2JYAN-6x3q6v2h1l8PmviGNxmm6ge4Id9wsIsX2zWOOQN-I9JvGrzB_39_SDedncI4wRkxkQl7x2g_-qxCD1XQHG6kgSVVLoQmHxGEbL-qaJTCOsmoDDeNr7bZbXu8gFQuG6Uh5Xz6Vl0&t=ffffffffc6fa8477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
22d62a4541b60cd223bf971c21cf2eb43c37f4e8d497cb541d7618658b09ee18

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.banksbt.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
access-control-allow-methods
POST,GET
content-type
application/json
access-control-allow-origin
https://www.banksbt.bank
cache-control
private
cf-ray
84f5074ece1703f4-FRA
access-control-allow-headers
Origin, Cache-Control, X-File-Name, X-Requested-With, Content-Type, Accept
statebankoftoulon
lkcsunix.com/social/feed/
6 KB
1 KB
XHR
General
Full URL
https://lkcsunix.com/social/feed/statebankoftoulon?_=1706904112153
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9f_GXpH_ocXoBuM5OrMYSZVyt6ipzLcB2JYAN-6x3q6v2h1l8PmviGNxmm6ge4Id9wsIsX2zWOOQN-I9JvGrzB_39_SDedncI4wRkxkQl7x2g_-qxCD1XQHG6kgSVVLoQmHxGEbL-qaJTCOsmoDDeNr7bZbXu8gFQuG6Uh5Xz6Vl0&t=ffffffffc6fa8477
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.243.169 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-243-169.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fd0dbe3a968e61b89ec77f611f3fbf25f8365fe6b525f7969650afa39697ff10

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.banksbt.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
server
Apache
content-length
1368
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/
264 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z81V76WTTM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9DQTFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8ce1096a902d2d7f4904ca436966c03e10bf8c57f2cf8af4dd2d1f2b97b0091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90930
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 20:01:52 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9DQTFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 19:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
823
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 02 Feb 2024 21:48:09 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/
52 KB
18 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:57:29 GMT
content-encoding
gzip
age
263
x-guploader-uploadid
ABPtcPpFnI3Z4H79lM3Ox1ND9rkHCFR-lxmfCMFDMnOx8L8NplX4KJKLBZ2MGKPk_v08Icgc71w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18139
last-modified
Tue, 14 Nov 2023 19:54:10 GMT
server
UploadServer
etag
"dff66d0b72bdc18a02be56412d5ef8c4"
vary
Accept-Encoding
x-goog-generation
1699991650202934
x-goog-hash
crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
18139
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 02 Feb 2024 20:07:29 GMT
gtm.js
www.googletagmanager.com/
229 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P9Q8TNQ
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fc32ef6c5d881df686acd225b6a32ac3cf07cb7e46f5e85f6c5e9056904882e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82395
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 18:16:54 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Feb 2024 20:01:52 GMT
config.js
widget.quilocloud.com/
544 B
315 B
Script
General
Full URL
https://widget.quilocloud.com/config.js
Requested by
Host: widget.quilocloud.com
URL: https://widget.quilocloud.com/quilo-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a73a8e5c1b31b7f85f3f28e0b29ea390fcbe35bdc8513c8a3730e012b5df1b44
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 15:55:58 GMT
server
istio-envoy
etag
W/"65b91c0e-220"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,no-cache, no-store, must-revalidate
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
expires
Fri, 02 Feb 2024 20:01:52 GMT
bodyScrollLock.min.js
widget.quilocloud.com/libs/body-scroll-lock/3.1.5/
3 KB
1 KB
Script
General
Full URL
https://widget.quilocloud.com/libs/body-scroll-lock/3.1.5/bodyScrollLock.min.js
Requested by
Host: widget.quilocloud.com
URL: https://widget.quilocloud.com/quilo-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
866f0301eda412172e6011cd70d0b1a15dd106414c901d73b01c4de129762de2
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
etag
W/"65b385f8-a92"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,no-cache, no-store, must-revalidate
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
expires
Fri, 02 Feb 2024 20:01:52 GMT
css2
fonts.googleapis.com/
1 KB
859 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3499bd0d6e6b9d2d80d08684882f2715adc7a8066b853cf032f30b9f244aac7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 19:15:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Feb 2024 20:01:52 GMT
widget-config.json
mgmtpublicdata.blob.core.windows.net/static/prod/json/
0
0

lottie.min.js
widget.quilocloud.com/libs/lottie/5.10.0/
285 KB
84 KB
Script
General
Full URL
https://widget.quilocloud.com/libs/lottie/5.10.0/lottie.min.js
Requested by
Host: widget.quilocloud.com
URL: https://widget.quilocloud.com/quilo-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9ba1612028519e7d8aff28a9b942c0aef9768ef042cac678931fd4c92742fad5
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
3
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
etag
W/"65b385f8-475eb"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,no-cache, no-store, must-revalidate
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
expires
Fri, 02 Feb 2024 20:01:52 GMT
q.png
widget.quilocloud.com/client/images/white/
429 B
503 B
Image
General
Full URL
https://widget.quilocloud.com/client/images/white/q.png
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c8f5ce6bb713172c579e514629cd9eac90f0e2b14f6771995ebde7262db46f5b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
x-content-type-options
nosniff
etag
"65b385f8-1ad"
content-type
image/png
access-control-allow-origin
*
x-envoy-upstream-service-time
1
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
accept-ranges
bytes
content-length
429
close.png
widget.quilocloud.com/client/images/white/
262 B
324 B
Image
General
Full URL
https://widget.quilocloud.com/client/images/white/close.png
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
83aaf502c01a0cc538dcb40422e790eb4d915f5b6e515e481abcef79c38f30a5
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
x-content-type-options
nosniff
etag
"65b385f8-106"
content-type
image/png
access-control-allow-origin
*
x-envoy-upstream-service-time
5
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
accept-ranges
bytes
content-length
262
quilo-black.png
widget.quilocloud.com/client/images/white/
1 KB
1 KB
Image
General
Full URL
https://widget.quilocloud.com/client/images/white/quilo-black.png
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8b64056da2d83c43840937c68f409979eb58f589a6b668cc8a885ac5c525497e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
x-content-type-options
nosniff
etag
"65b385f8-41b"
content-type
image/png
access-control-allow-origin
*
x-envoy-upstream-service-time
1
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
accept-ranges
bytes
content-length
1051
icons-time.png
widget.quilocloud.com/client/images/white/
278 B
342 B
Image
General
Full URL
https://widget.quilocloud.com/client/images/white/icons-time.png
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
db4c8215998c49ec781213540f3d14dfed2a47866c1deb5b45ee66bf0d0274cb
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
x-content-type-options
nosniff
etag
"65b385f8-116"
content-type
image/png
access-control-allow-origin
*
x-envoy-upstream-service-time
2
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
accept-ranges
bytes
content-length
278
js
www.googletagmanager.com/gtag/
280 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DWDQNZYTW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9Q8TNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8b7bdb799e2a78f31f4a4f557a520b72ca5e80d2b52dfbc996a8ed35f84f56c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94015
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 20:01:52 GMT
collect
www.google-analytics.com/j/
4 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=187055987&t=pageview&_s=1&dl=https%3A%2F%2Fwww.banksbt.bank%2F&ul=en-us&de=UTF-8&dt=State%20Bank%20of%20Toulon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=795707222&gjid=1738583175&cid=688757614.1706904113&tid=UA-134284246-1&_gid=20016595.1706904113&_r=1&_slc=1&gtm=45He41v0n81W9DQTFMv895536643za200&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2122324346
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.banksbt.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 20:01:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.banksbt.bank
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame C0C0
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMRXYUAAAAAOgbA5sofS16eFf-Oy4dQeiqaOjc&co=aHR0cHM6Ly93d3cuYmFua3NidC5iYW5rOjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=bjq5w8dje3ic
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8beb809f543f23813b78e5289034db6a498bc02451f18e48a107af8bf2a7438
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-80AegLOO-X7WopdcwRA1uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.banksbt.bank/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-80AegLOO-X7WopdcwRA1uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 20:01:52 GMT
expires
Fri, 02 Feb 2024 20:01:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/
1 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-134284246-1&cid=688757614.1706904113&jid=795707222&gjid=1738583175&_gid=20016595.1706904113&_u=YADAAEAAAAAAACAAI~&z=940093921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.banksbt.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 02 Feb 2024 20:01:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.banksbt.bank
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame C0C0
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMRXYUAAAAAOgbA5sofS16eFf-Oy4dQeiqaOjc&co=aHR0cHM6Ly93d3cuYmFua3NidC5iYW5rOjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=bjq5w8dje3ic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 16:49:16 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame C0C0
491 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMRXYUAAAAAOgbA5sofS16eFf-Oy4dQeiqaOjc&co=aHR0cHM6Ly93d3cuYmFua3NidC5iYW5rOjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=normal&cb=bjq5w8dje3ic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 13:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200286
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 13:49:24 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DWDQNZYTW4&cid=688757614.1706904113&gtm=45je41v0v882759831z8862497699za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DWDQNZYTW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 20:01:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.banksbt.bank
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
0
0

feed-facebook.png
www.banksbt.bank/ResourcePackages/Custom/assets/images/
15 KB
16 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/feed-facebook.png
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
5a94e6a1bbaf8583049cdb5baf65dc2fa63b12e096fa2664c667d04adc279071
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Mon, 21 Jan 2019 20:31:00 GMT
etag
"0da7e38c8b1d41:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
content-length
15490
x-xss-protection
1; mode=block
feed-instagram.png
www.banksbt.bank/ResourcePackages/Custom/assets/images/
16 KB
17 KB
Image
General
Full URL
https://www.banksbt.bank/ResourcePackages/Custom/assets/images/feed-instagram.png
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.25.198 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-25-198.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
a1ac7ae124b723abd62eaa89e855d43273544e2926fed8e2182bfc104bf52c44
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:52 GMT
strict-transport-security
max-age=31536000
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
last-modified
Mon, 21 Jan 2019 20:31:00 GMT
etag
"0da7e38c8b1d41:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
content-length
16324
x-xss-protection
1; mode=block
356688580_1168003614146279_5857693348299609901_n.jpg
scontent-ord5-1.cdninstagram.com/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-ord5-1.cdninstagram.com/v/t39.30808-6/356688580_1168003614146279_5857693348299609901_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=6ufHhrBfBdEAX9UNfvS&_nc_ht=scontent-ord5-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfC5kIzy8EuD3Zu8aoaMiUs3bitdrRZAeG8ulSutqk7cdA&oe=64A211B3
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f275:cd:face:b00c:0:43fe Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

proxy-status
http_request_error; e_clientaddr="AcJSENGElKjZN0ocIRIIolSo_hA3IarQC_KTIb-ZXtOVZhAVXtGfYIaGvZTTPUSdwxZ4eqloayBlKmkr2gQP3z9LuFV_JQ"; e_fb_vipport="AcJd4jYyKJVu266ZS4-cGMqvgDs3L8ITbEk5hp8KvsF_Viqg1plbsNKrYPeL"; e_fb_hostheader="AcI8h2tRJyWILiYgCUD4GxTSKz6uHfUPnPbhPFSHmG3azQAKYXxHFYYCUt8U9dFlsk502--kbT__vrjCU07NIoPUDYuVHvGKIbU"; e_fb_vipaddr="AcJ4seI_xCkMB-4q0dIXCaQfH4E21vNIhhm9g8e4LrixNsnP8lDZB9J7YEPfR659hK4Lf7GjB4z8uWR71ugBIoG-ygihgIezcupWdg"; e_fb_requesthandler="AcJTClZlrrekgbnI8yujJO_NSFQ7gufR5QmDowuIyxprj1V3eLEmVR7uiaGb-PkPlYAPkkM0fXa3UL1FkA"; e_fb_builduser="AcK_5cRODms5oDWDXFK2LZnYmwRkDrc0mYkgGMGSoNtjndGxZtfOvQ8_1YWIqvFmCHA"; e_fb_binaryversion="AcL_7_jkvA5sf9i1AhfU9QA3N5hkHvz7IjDrYQgfjR5WoNUMLqCJs-5phz7kALwHw_OxnHRt7pCnAOkPEXFeNY-SEHWx-OPxS3U"; e_proxy="AcJuiBVlMgwnMi_BEGJX_f_kEoOqeWk3_qwchIobrsVaQqabpZ8hCMfTq5cS2BbpRuxMR6pU7XpYwOA", http_request_error; e_clientaddr="AcKEKS33xtWpel-GeOaUgLoetz_PA9C3AqjposVH3BU6HpIcprSiT3Sl1ebzcoOcanuANiY9hWPb4tAaWvKTCDI5Yi1f0A"; e_fb_vipport="AcJQncmaD2F-2xgL6ZANzdlfs7giaKqlYDbxJwwHToNm_O4hfXyWdxgQF7HI"; e_fb_hostheader="AcISIJU_d7WXcqJ_YbOid3gC8GrM0OuzYXAkXBoUuS4FzzQvH7v3-yOY2u16ndgr1lqFi-FSHdR9THGPHbfQAMYlXv4NIqbIfKw"; e_fb_vipaddr="AcKQCc-gSLl8ctgdzeX_5hL29X-pDVj0WF4ycyNVbise2HaGtMTx3O-bg9YwOqTj0mpid6MulpnXUzvl84uGfIR3LIFhKS7ZiRiOrw"; e_fb_requesthandler="AcIPWy_k1MjD2-ZH5a5-8atKrxpvhBTAuIdY4IyDPQ-gfiBW5ruG2TQrzPigZN1HYwCoItwnpMjJVExYvw"; e_fb_builduser="AcJQqZ5xDmDxK5J9e8TuEmqnwbdiNAqWbANo9OZXqgP8eHkf9jwHpwtfjPcFMbv8mDw"; e_fb_binaryversion="AcJldoJe61rKvTGI33pM_jog3fLwsXzTn3SYz5L-YOVWy2RZ7T94KKk_P7OaPwWf9nuATiojBvL9vl2WjyaUEbsmlNbhc34dVFU"; e_proxy="AcINkZKv7BVo_OgBiFelrNF_n0aWpTshd0uFNWGMAg5NtanJouX13y-XNf85g4WBW7EQ21fXzem0Wz8"
date
Fri, 02 Feb 2024 20:01:53 GMT
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400
content-length
21
content-type
text/plain
355256863_1163498831263424_2524598327579650251_n.jpg
scontent-ord5-1.cdninstagram.com/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent-ord5-1.cdninstagram.com/v/t39.30808-6/355256863_1163498831263424_2524598327579650251_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=E4ZB3WqyxbIAX-KMpNw&_nc_ht=scontent-ord5-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfANjguD83-dEJ2mdwbJtqvPCPFOp8PB-oNFg5dm5Dsphg&oe=6497134B
Requested by
Host: www.banksbt.bank
URL: https://www.banksbt.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f275:cd:face:b00c:0:43fe Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

proxy-status
http_request_error; e_clientaddr="AcJgVVYpHxYT1hnmm_idouJyAFSDv9EHcLLzbxKfq3e6aMVmfP3yG6GCfSYiQfNvOag2AnAxyzAPV0J0VvcHDjrHyXJVCQ"; e_fb_vipport="AcJX1mdHQy3q0ay-EuAm7NCwPjPZcKzrOOMekBqhvy8-RoqHP4H8Zq1YhQc3"; e_fb_hostheader="AcJTFxT51G0qbu-j-F1Bx4DT0f7bZm7RL635v6cGobkTMRaX4Hw556RUCSPaCkcYqmPNuCffOYbVPvadZJR623ajS-5d3LRHuxw"; e_fb_vipaddr="AcIaySOSPcnZw7egVsyyZoErSZfhAYX7lAbOWjTtAQb_C3NHppCNcXHeymErFBhvbZPE-mZa0YkSBc0ixer0qrbz_lNO38OGjDFijg"; e_fb_requesthandler="AcIIeblp9B3K5kgmSKy1Z3L9M3bmEkZfUJKtT_AxUkXoQJ72FOjAKY_RGgZ-v0EgQ09YV5ZxFhWNzkv6NA"; e_fb_builduser="AcJr5ZsFIN687KOwWve-W69iQReHHDxeyU6RhXzR8lB7V_YjrS3pYrBX1nEi0LOpCr8"; e_fb_binaryversion="AcLSHO8AB0URmiNFyi8eG_CLygcubz2ulpENyWuYLPTjibAG_65LC7-y_bmDYqpOhiQDa-xs8Ew5ZWWRLyv2w8bVed91Ma8AHVE"; e_proxy="AcI40LDb3KZgX8FOM6JdUtWcQrsoJ9U2cKKlNxTpCKX_DMSfeyG9c9zPT0b8iut0fyOPky6n7-Qva0I", http_request_error; e_clientaddr="AcLoYQi-q_eZY0kDpS8fv2_QTK6-WKhrS-RJqwumh2XhBsYv04x_fDMQChkM2AJOR_e1FNl7Eu0G80lSLawicmvUZ9ugLg"; e_fb_vipport="AcJLi5tsdgJl9VNfCjyO6wzwgGl7p4kESNisyTLEP-KJLCjVewoUM3MaQHdy"; e_fb_hostheader="AcIeeG7ka3JNZjJsfw3cFXHtcJcGG104gxGmkNIaadpcaIqEm67TqrlvTRXNRVs7LRr-qBnUH_Q9rzKouk8qPzYMATtal2uMh94"; e_fb_vipaddr="AcKuCPl9Qvgj9Pbe4qcBWueiYMJBKkT-XqnIm16p1qXg5rn9THflbHpBWhjrfV2MauD4uwlptfj_aJU_2qisHw4cYnGVbvbrI60-Dw"; e_fb_requesthandler="AcIF22syV-tT8irLAy17tmG0YXVfT4iTumrUXdDIfhqpISMDQCHtzFyJNVuShIxWPunMjq1YKwPIlUq3hw"; e_fb_builduser="AcKzCZdYCh2Ux6X3vDy9juknl2Y7MOxALBFqd4b_AsXbEpo8_mh5Ig4q5gFgfz9t1y8"; e_fb_binaryversion="AcKvWIYXkqTCMrNdJ_b2TaKk4TXdUo7nzlyxTScX_9IC3iYHD3JAMX3vufLi_JAoHM7Y7xksMLoHswsuUNisFljJlajUFi61ft4"; e_proxy="AcLG9hvQT8lVfdoVen4pvo1K81gAfw0v0kOzagvanda9YrKYw8rhYIwhIRW9GFRSxAj2wSX3Bgkbm7s"
date
Fri, 02 Feb 2024 20:01:53 GMT
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400
content-length
21
content-type
text/plain
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.banksbt.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:59:09 GMT
x-content-type-options
nosniff
age
262963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:59:09 GMT
animation.json
widget.quilocloud.com/client/documents/
8 KB
8 KB
XHR
General
Full URL
https://widget.quilocloud.com/client/documents/animation.json
Requested by
Host: widget.quilocloud.com
URL: https://widget.quilocloud.com/libs/lottie/5.10.0/lottie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.40.85 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8c59194f8b2a2229f64da4510de0dc081b4c5ec904971c1b7d0acf5506c65dfa
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.banksbt.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:53 GMT
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https: wss: mailto: tel: blob:
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jan 2024 10:14:16 GMT
server
istio-envoy
x-content-type-options
nosniff
etag
"65b385f8-1fef"
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
1
permissions-policy
geolocation=(self "https://*.quilocloud.com"), fullscreen=*
accept-ranges
bytes
content-length
8175
kau1rpk.css
use.typekit.net/ Frame 161A
5 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/kau1rpk.css
Requested by
Host: szsbtti.banking.apiture.com
URL: https://szsbtti.banking.apiture.com/piles/fxweb.pile/custom_login?template=2019&iid=SZSBTTI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
94c6971ad1109548832e116027926e5caba5159153cdc167eb98b60dc6c4c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://szsbtti.banking.apiture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 02 Feb 2024 20:01:53 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
820
p.css
p.typekit.net/ Frame 161A
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=kau1rpk&ht=tk&f=15759.15760.22737.22489.22490.22495&a=87891360&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:53 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/dacbbb/000000000000000000014a3f/27/ Frame 161A
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/dacbbb/000000000000000000014a3f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3a60515edb1d4731353d11bc1936a877ac3101cbe24f2a5fd3711e0ba0f7b2bc

Request headers

Referer
https://use.typekit.net/kau1rpk.css
Origin
https://szsbtti.banking.apiture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:53 GMT
server
nginx
etag
"9f69a3fb9ccd97d61c83bc04e10301a095b7a449"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15612
l
use.typekit.net/af/c5635c/000000000000000000015891/27/ Frame 161A
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/c5635c/000000000000000000015891/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
22f9ec936edd693ea5e8fadfec9afdd56dcb385c0db6b130b2c06445bdea92bf

Request headers

Referer
https://use.typekit.net/kau1rpk.css
Origin
https://szsbtti.banking.apiture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:53 GMT
server
nginx
etag
"931566100ca17dc176c48299428b70a4d23e2199"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35368
l
use.typekit.net/af/db612c/000000000000000000015895/27/
36 KB
36 KB
Font
General
Full URL
https://use.typekit.net/af/db612c/000000000000000000015895/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kau1rpk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
86c1dc887f229aa09d97a7a3896e7f06b63755a6d1073c2c4c4219ba52ede387

Request headers

Referer
https://use.typekit.net/kau1rpk.css
Origin
https://www.banksbt.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:01:53 GMT
server
nginx
etag
"d0dbc32e7af5941a8451f9f50bd4f96b0c9d8f5f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36784

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mgmtpublicdata.blob.core.windows.net
URL
https://mgmtpublicdata.blob.core.windows.net/static/prod/json/widget-config.json
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DWDQNZYTW4&cid=688757614.1706904113&gtm=45je41v0v882759831z8862497699za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=555691820

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| Dropzone function| tinysort string| clientUrl string| clientId function| trackLink function| capitalizeFirstLetter undefined| resizeTimer undefined| currentSize undefined| newSize number| resizeCount function| sizeBanners function| displayBanners function| displayAds undefined| delay function| displayAnnouncements undefined| listingId undefined| customUploadTitle undefined| additionalParams function| displayCareers function| displayCareer function| displayCalendar function| displayEvents function| displayEventView function| displayLocations function| atmRedirect number| marketplaceCount object| itemTypes function| displayMarketplace function| displayMarketplaceWidget function| showRates function| displayPoll function| saveVote function| addToCompletedPolls function| findExternalLinks function| displayPopup function| displayFullScreen function| triggerRedirectNotice function| getHostname function| conditionalFormat function| _typeof undefined| selectedFontSize string| fontSelector undefined| adjust_progress undefined| lkcsForm undefined| stepCount undefined| progressBar undefined| current undefined| accordion undefined| v object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| mixpanel undefined| QuiloWidget function| onYouTubeIframeAPIReady object| gaGlobal object| bodyScrollLock object| quiloConfig object| gaplugins object| gaData object| recaptcha object| closure_lm_766863 object| bodymovin object| lottie

12 Cookies

Domain/Path Name / Value
.banksbt.bank/ Name: _ga_Z81V76WTTM
Value: GS1.1.1706904112.1.0.1706904112.0.0.0
.banksbt.bank/ Name: mp_05f7d7236f3fd8e1a6db32008852a8f0_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d6b69cddb79c-048d2f3a05de3e-65335652-1d4c00-18d6b69cddb79c%22%2C%22%24device_id%22%3A%20%2218d6b69cddb79c-048d2f3a05de3e-65335652-1d4c00-18d6b69cddb79c%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.banksbt.bank/ Name: _gcl_au
Value: 1.1.1026943126.1706904113
.banksbt.bank/ Name: _gid
Value: GA1.2.20016595.1706904113
.banksbt.bank/ Name: _gat_UA-134284246-1
Value: 1
szsbtti.secure.fundsxpress.com/ Name: TS481daac3027
Value: 0894bc7510ab2000faec839b9253d0eb3ed4fd6849361be7638e2bac63845b7698022c02dc5ea2ee083de202971130009e3badaaae3e41b655ee9a244985ad67441e6e285a0e368197dc36d2fede68dd0944f112fadb724c660516673c76a005
.banksbt.bank/ Name: _ga_DWDQNZYTW4
Value: GS1.1.1706904112.1.0.1706904112.60.0.0
.banksbt.bank/ Name: _ga
Value: GA1.1.688757614.1706904113
.banking.apiture.com/ Name: secure.fx.sid.fxweb
Value: login%232%2383767d29a4dc8b7c%238c63726603d30964b0ad0f6ab88a9b0346c70dd08d36cd8742303b5323f242d632a294a328dd758886677187b72fef7f23339bfe90fbbb00
szsbtti.banking.apiture.com/ Name: TS01d09e1e
Value: 01c6fb4b6cd98aa192f9c70f6fe2f321a97e7fe7f5d87ca297018caa49388b82a968ecca1cf5f2154e7031e53680197f2e98e613c2
.banking.apiture.com/ Name: TS01550d88
Value: 01c6fb4b6cd98aa192f9c70f6fe2f321a97e7fe7f5d87ca297018caa49388b82a968ecca1cf5f2154e7031e53680197f2e98e613c2
szsbtti.banking.apiture.com/ Name: TS481daac3027
Value: 0894bc7510ab2000be70bc7d13dddd9df947776e31ea1e04ea3a3cd8a4880ed45bcfeaa01f6d7c7d087cf412041130005f7a2b3c38f393c1be9bd8255ea1c1e179ea30b4eb7459a991f546c210b9c7b3cbdf07c31a080df2985a34e3759840db

11 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-Z81V76WTTM&l=dataLayer&cx=c(Line 151)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-Z81V76WTTM&gtm=45je41v0v895536654z8895536643za200&_p=1706904112157&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=688757614.1706904113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706904112&sct=1&seg=0&dl=https%3A%2F%2Fwww.banksbt.bank%2F&dt=State%20Bank%20of%20Toulon&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1940' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://widget.quilocloud.com/quilo-widget.min.js
Message:
Refused to connect to 'https://mgmtpublicdata.blob.core.windows.net/static/prod/json/widget-config.json' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-DWDQNZYTW4&l=dataLayer&cx=c(Line 201)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-DWDQNZYTW4&gtm=45je41v0v882759831z8862497699za200&_p=1706904112157&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=688757614.1706904113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706904112&sct=1&seg=0&dl=https%3A%2F%2Fwww.banksbt.bank%2F&dt=State%20Bank%20of%20Toulon&en=page_view&_fv=1&_ss=1&tfd=2171' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.banksbt.bank/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DWDQNZYTW4&cid=688757614.1706904113&gtm=45je41v0v882759831z8862497699za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=555691820' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
network error URL: https://scontent-ord5-1.cdninstagram.com/v/t39.30808-6/355256863_1163498831263424_2524598327579650251_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=E4ZB3WqyxbIAX-KMpNw&_nc_ht=scontent-ord5-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfANjguD83-dEJ2mdwbJtqvPCPFOp8PB-oNFg5dm5Dsphg&oe=6497134B
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scontent-ord5-1.cdninstagram.com/v/t39.30808-6/356688580_1168003614146279_5857693348299609901_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=6ufHhrBfBdEAX9UNfvS&_nc_ht=scontent-ord5-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfC5kIzy8EuD3Zu8aoaMiUs3bitdrRZAeG8ulSutqk7cdA&oe=64A211B3
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://www.banksbt.bank/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.banksbt.bank/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.banksbt.bank/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.banksbt.bank/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.banksbt.bank/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: https://*.apiture.com https://*.mixpanel.com https://analytics.google.com https://cdn.mxpnl.com https://*.quilocloud.com https://*.statebankoftoulon.com https://*.instagram.com https://*.cloudfront.net https://*.adsrvr.org https://*.brandcdn.com https://netdna.bootstrapcdn.com https://*.cdninstagram.com https://platform.twitter.com https://*.ytimg.com https://szsbtti.banking.apiture.com https://szsbtti.secure.fundsxpress.com https://maps.google.com https://stats.g.doubleclick.net https://scontent.xx.fbcdn.net https://scontent.cdninstagram.com https://www.googletagmanager.com https://*.typekit.net https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.lk-cs.com https://lkcsunix.com; frame-ancestors 'self' https://szsbtti.secure.fundsxpress.com https://szsbtti.banking.apiture.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mxpnl.com
clients.lk-cs.com
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
lkcsunix.com
mgmtpublicdata.blob.core.windows.net
p.typekit.net
scontent-ord5-1.cdninstagram.com
social-feeds.lk-cs.com
statebankoftoulon.com
stats.g.doubleclick.net
szsbtti.banking.apiture.com
szsbtti.secure.fundsxpress.com
tag.brandcdn.com
use.typekit.net
widget.quilocloud.com
www.banksbt.bank
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
mgmtpublicdata.blob.core.windows.net
www.google.de
18.165.183.122
18.165.183.32
18.219.25.198
20.85.40.85
2600:1901:0:498c::
2600:9000:25a2:6a00:7:e536:8b00:93a1
2606:4700:10::6816:21c1
2a00:1450:4001:806::200a
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:1484
2a02:26f0:3500:16::215:148b
2a03:2880:f275:cd:face:b00c:0:43fe
3.132.243.169
52.223.40.198
0107b6fa3ca7902147f6069de8b87da2120e6c1a7b7bfd46098232cff523a45e
04f10ad6cb1a792f8f871064b17e6aa62f930c882d591171212304754ec0b54a
112b5a135de362414f9da830f850bca440b8e3430af489094ef9f305a91194b5
15dd40f19386303a8f905168185e422e41815f8fa2d655d860a0a676e173b460
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
16dd0011aad40d7af70ec8f492d7a753c1d35bcffb8f012cf4aaaf428f678b13
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
22d62a4541b60cd223bf971c21cf2eb43c37f4e8d497cb541d7618658b09ee18
22f9ec936edd693ea5e8fadfec9afdd56dcb385c0db6b130b2c06445bdea92bf
2ad801fc21a3b5278bac0ae7f5d042c64088d8780efdb41a4973748315edbd42
2c22d2de122491deb92c556f2945d6f06f490b9cf11da375eaefa9175150a702
2d1a0b92168233c63430fdbd4c03c9f08f0780e06583eb082d34005c10b59f75
30e8cf65c04b8983c956fb7ad64ff29a72ea86e87d94e0266c6c49c72837feb9
3499bd0d6e6b9d2d80d08684882f2715adc7a8066b853cf032f30b9f244aac7c
37f4e36d3982fdc14e95fa55984d815f1cb64de4d97aad5d597e32265de31103
3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a
3a60515edb1d4731353d11bc1936a877ac3101cbe24f2a5fd3711e0ba0f7b2bc
3c22d1ad57f4b644fb0fbd374e23136f6ecf56b7beaa32dbe3264be096c8833d
4f5557369b4a1d98496a044692359a7d4920133d37448e195a3308846e295b16
50d9887542bf192cb6b19e77eec0a87f5aa2f571cb8a3515a1866ccf7a4689a3
5a94e6a1bbaf8583049cdb5baf65dc2fa63b12e096fa2664c667d04adc279071
5e9f1603f2752bf43a95ce1c4521e1f65fafe4603fc115466bbd8c982dfc683a
5f169ba6f40d6d189765e7cd018a4584cc3c23beb3a61226fe4408a2181ad907
5f6ad279f0d72d60fc7ca888678fb3a69c485dfa47f0c42b729171aa2ae734ea
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bda3f14179f6916445aea2b00d024db02db756b086341d25983d2b61ecb9029
6d3977e6465dab26bfe14d8de9f6f9befcf7f4e53924c069ca60cee7e43aa23a
6ea0eeb8ac6df2f6d7a6abe3f1e6d6d5a4c41cf62785f48fb3f841601222dbd1
7050a3dea26d368a1e1405f5608d9d2eaedec4f8d3f0fa9d28e7b37379f5d26a
751aade30dcb685090ac48f4f949f6ebf4459d0d04a3bda0837b0aef4809e34d
759be3038b131388f7b5f3ae74539bd7215357589bc130cd31680581a288fc94
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a66161912ccd1e24168931cfa502843c9171cedfa35814be00a1bdf677609a1
83aaf502c01a0cc538dcb40422e790eb4d915f5b6e515e481abcef79c38f30a5
866f0301eda412172e6011cd70d0b1a15dd106414c901d73b01c4de129762de2
86c1dc887f229aa09d97a7a3896e7f06b63755a6d1073c2c4c4219ba52ede387
8b64056da2d83c43840937c68f409979eb58f589a6b668cc8a885ac5c525497e
8c59194f8b2a2229f64da4510de0dc081b4c5ec904971c1b7d0acf5506c65dfa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fc32ef6c5d881df686acd225b6a32ac3cf07cb7e46f5e85f6c5e9056904882e
9495b8bfc02e086a49fdb8c22727cc8288c0ffd2f54c6ae5096e7fd92c240670
94c6971ad1109548832e116027926e5caba5159153cdc167eb98b60dc6c4c1db
98e24dcd8739d9946279181825543b4317054c3d33a9b9317fe583d7f375920d
9b71ede96e89d0b855cb282de2f859d0e5327c3125dd7a03f80cc116d540d217
9ba1612028519e7d8aff28a9b942c0aef9768ef042cac678931fd4c92742fad5
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
a1ac7ae124b723abd62eaa89e855d43273544e2926fed8e2182bfc104bf52c44
a73a8e5c1b31b7f85f3f28e0b29ea390fcbe35bdc8513c8a3730e012b5df1b44
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
ad75ddb5dc154e53003ff04f729a5ebd32ffca9da58a3ed9d5d454ea18082a11
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2d1d4f338ea3872e93eb6f6acc700fc5ab4db2b1091ca1e037e879fa033141f
bb08b6425f3e5c26fadf7343b1dc91e8a91c17f511f48b4ce19a7681faa0666e
c0ae25e86eac76505c4df330a08164b8b2791cca435d788ffd182604b73c610e
c139273446667be8d8142ba086b1997fc7238ca0349adb2c98f854dff31a5899
c2c5a60ba23c9325b4d2223a8a601e45fcb92ac0796c7adb15a00fc6286f2234
c4ae5268bef77000a0b3d189ab188bcd5a819ed731d3e2577ff75e22a5ab37b7
c8f5ce6bb713172c579e514629cd9eac90f0e2b14f6771995ebde7262db46f5b
cc4a234edc6272aa6c31173c30a96f0dc7139cc40e837c2dca54b4427f4d6a59
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d00aa30f9af388367f01b82138e7c9995ff79e6af39af331e2966025a21e5bac
d44c29af6f84f8016f922be1d4577b38f6191f8c179d9c6b70d823863705971a
d8b7bdb799e2a78f31f4a4f557a520b72ca5e80d2b52dfbc996a8ed35f84f56c
db4c8215998c49ec781213540f3d14dfed2a47866c1deb5b45ee66bf0d0274cb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e761a75400d9a9d98cf4e5d21aa1e49364dca9aca1bac4e03cf95de3f75e1cb3
f8beb809f543f23813b78e5289034db6a498bc02451f18e48a107af8bf2a7438
f8ce1096a902d2d7f4904ca436966c03e10bf8c57f2cf8af4dd2d1f2b97b0091
fd0dbe3a968e61b89ec77f611f3fbf25f8365fe6b525f7969650afa39697ff10