urlscan.io logo urlscan.io
SecurityTrails logo

banking.apiture.com Open in urlscan Pro
108.138.36.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Effective URL: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Submission: On August 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 108.138.36.25, located in United States and belongs to AMAZON-02, US. The main domain is banking.apiture.com. The Cisco Umbrella rank of the primary domain is 101097.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.
This is the only time banking.apiture.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.138.36.107 16509 (AMAZON-02)
13 108.138.36.25 16509 (AMAZON-02)
1 2600:9000:26d... 16509 (AMAZON-02)
3 34.149.155.70 15169 (GOOGLE)
17 3
Apex Domain
Subdomains		 Transfer
14 apiture.com
banking.apiture.com — Cisco Umbrella Rank: 101097
366 KB
4 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 780
data.pendo.io — Cisco Umbrella Rank: 759
141 KB
17 2
Domain Requested by
14 banking.apiture.com 1 redirects banking.apiture.com
3 data.pendo.io cdn.pendo.io
1 cdn.pendo.io banking.apiture.com
17 3

This site contains links to these domains. Also see Links.

Domain
gateway.fundsxpress.com
www.pilgrimbank.bank
Subject Issuer Validity Valid
prod-fxweb.apiture-comm-prod.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-22		 a year crt.sh
cdn.pendo.io
Amazon RSA 2048 M02		 2023-06-30 -
2024-07-28		 a year crt.sh
pendo.io
GTS CA 1D4		 2023-08-12 -
2023-11-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Frame ID: A1E603E991E1E200DB4918DC23636722
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Banking Login

Page URL History Show full URLs

  1. http://banking.apiture.com/DigitalBanking/login?iid=PBPTX HTTP 301
    https://banking.apiture.com/DigitalBanking/login?iid=PBPTX Page URL

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

506 kB
Transfer

1434 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://banking.apiture.com/DigitalBanking/login?iid=PBPTX HTTP 301
    https://banking.apiture.com/DigitalBanking/login?iid=PBPTX Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
banking.apiture.com/DigitalBanking/
Redirect Chain
  • http://banking.apiture.com/DigitalBanking/login?iid=PBPTX
  • https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
5c9a2c95330166130c163d7035d614f5491e23d3387bd88c2058fe9e017361f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-store, no-cache, private, must-revalidate
Connection
keep-alive
Content-Length
3782
Content-Type
text/html; charset=ISO-8859-1
Content-encoding
gzip
Content-security-policy
frame-ancestors 'self'
Date
Wed, 30 Aug 2023 18:56:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1mfBoS6mhCEviChmNf7jAJhei7LrLgB0w2aKXX7M8ubV0EYZelVsqA==
X-Amz-Cf-Pop
MUC50-P2
X-Cache
Miss from cloudfront
X-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 30 Aug 2023 18:56:09 GMT
Location
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Server
CloudFront
Via
1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
pdlipTdeXleFlhVmO4D9tnazNGfee4Jg2s-S_wPERLLrRgGT8S2Bpg==
X-Amz-Cf-Pop
MUC50-P2
X-Cache
Redirect from cloudfront
combined.css
banking.apiture.com/fxweb/css/ 		268 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
2a44746d5e6679cd0540c8f2484798bf8fa84a9ce3d57788ab47d172880cdea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Encoding
gzip
Via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P2
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Connection
keep-alive
Content-Length
52828
Last-Modified
Fri, 25 Aug 2023 19:08:36 GMT
ETag
"ce5c-603c412507500"
Vary
Accept-encoding
Content-Type
text/css
Cache-Control
max-age=180, must-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
y60BO9bsUTnlJjAk9wC3AkTPLA-G2a75V61IpQDeeeBZbNQi8m-Xhg==
Expires
Thu, 31 Aug 2023 18:56:10 GMT
styles
banking.apiture.com/fdobi/institution/PBPTX/ 		800 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/fdobi/institution/PBPTX/styles
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
646731ec165886f2e66b45f14fb7125ff08c46f5233be2de3aa8a080717d5a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:10 GMT
Content-encoding
gzip
Via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Amz-Cf-Pop
MUC50-P2
X-Cache
Miss from cloudfront
Content-Type
text/css; charset=ISO-8859-1
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Content-disposition
inline; filename="PBPTX.css"
Connection
keep-alive
Content-Length
295
X-Amz-Cf-Id
e3zv5tks14aYjxWEuCvMrZmk_9x1Y4vYBTIHImst2S8_5cnTOjllBg==
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fxweb-all.min.js
banking.apiture.com/fxweb/js/ 		616 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/fxweb/js/fxweb-all.min.js?cksum=1f491b4adbfa94d3
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
48d853178c9befe6950fde8fca345ed879fdfad956c020846133f76d8f39eed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Encoding
gzip
Via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P2
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Connection
keep-alive
Content-Length
190821
Last-Modified
Fri, 25 Aug 2023 19:10:40 GMT
ETag
"2e965-603c419b48c00"
Vary
Accept-encoding
Content-Type
application/javascript
Cache-Control
max-age=180, must-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
bHWI1cwxU7-Gm9N7hE7r9d7bbyAVMq7CAgUFuJ-U7tKKFprUv5URWw==
Expires
Thu, 31 Aug 2023 18:56:10 GMT
PBPTXlogo-fx.gif
banking.apiture.com/images/fx/fxweb/var/institution/ 		182 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apiture.com/images/fx/fxweb/var/institution/PBPTXlogo-fx.gif
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
dc834487536e69272b8d8a4b0d50a49007c49b2e939fa30bc4641aa677eedb70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
Last-Modified
Sat, 26 Jan 2019 00:15:50 GMT
X-Amz-Cf-Pop
MUC50-P2
ETag
"b6-58051588e9980"
X-Cache
Miss from cloudfront
Content-Type
image/gif
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
182
X-Amz-Cf-Id
f8bsmb-UduQli065WNNXF8e1uXfSx_S0mSSJmp_khSYezKY_1Ahh3A==
Expires
Wed, 30 Aug 2023 19:11:11 GMT
FDIC-logo.gif
banking.apiture.com/images/fx/fxweb/var/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apiture.com/images/fx/fxweb/var/FDIC-logo.gif
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
7bd4ac3d139038ac6cff6b8f4c3fc480bbb548c692bf69a4163bb649876ff938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
Last-Modified
Sat, 26 Jan 2019 00:15:21 GMT
X-Amz-Cf-Pop
MUC50-P2
ETag
"2393-5805156d41840"
X-Cache
Miss from cloudfront
Content-Type
image/gif
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9107
X-Amz-Cf-Id
B3ltyFzKx1x57hIiSlofOIFfwcHBhhYVwMWBVF8DIssyLKcbHvXUiw==
Expires
Wed, 30 Aug 2023 19:11:11 GMT
apiture-iconfont.css
banking.apiture.com/style/fonts/xpress-icon-font/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/style/fonts/xpress-icon-font/css/apiture-iconfont.css
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
bb9305e99d47f5c8d03040c1cdd59272b546d385c7a7bce6151eaa8965ea9713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Encoding
gzip
Via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Connection
keep-alive
Last-Modified
Sun, 24 Oct 2021 05:24:54 GMT
ETag
W/"2bdb-5cf1276db5580"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
X-Amz-Cf-Id
mTntQNZa_6uPV1x6xbGF2svVYy3XHYEQ4AjNYmNS_wemNpqcHeQbgg==
Expires
Thu, 31 Aug 2023 18:56:11 GMT
pendo.js
cdn.pendo.io/agent/static/5a78dbd3-9cca-4318-77df-cb903fc1e0b8/ 		420 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/5a78dbd3-9cca-4318-77df-cb903fc1e0b8/pendo.js
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:3400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
819621fc89b4370f5a95ce85d627f7914ad3503ad648e67e387689cfcc918a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:56:11 GMT
content-encoding
gzip
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
232
x-guploader-uploadid
ADPycdtJRqK6zJIQOvHswr1Y2LsZu4uPlI_F-f4bRqP58TmJDW7va7C-mGC4xMjlk7zWFD8Aaj2C0-ix-qbRWBQyFPeREpgT6UVq
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
142564
last-modified
Fri, 25 Aug 2023 15:11:45 GMT
server
UploadServer
etag
"f42b44d64a75c9f85da6bb8543d89b84"
vary
Accept-Encoding
x-goog-generation
1692976304901154
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=QAAJ/w==, md5=9CtE1kp1yfhdpruFQ9ibhA==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
142564
accept-ranges
bytes
x-amz-cf-id
SDtHk4-lv31KQ65jX8aGoNaDUNsUHnYupTTx6hmpT1XJcM_-hrOKvQ==
expires
Wed, 30 Aug 2023 18:59:49 GMT
accounts
banking.apiture.com/fdobi/ 		103 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/fdobi/accounts
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/fxweb/js/fxweb-all.min.js?cksum=1f491b4adbfa94d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
e760af5ada2b356baf0cb8ab018b368525dd193271dd64c298ce19e32daef9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
X-XSRF-TOKEN
bqhgdKNshm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Content-Type
application/json; charset=ISO-8859-1
Connection
keep-alive
X-Amz-Cf-Id
9ytFRVPlKMXGvp-05fN8tBBeRkEc-ERrAO3YNEl2CotKnWGzkWax5g==
Expires
Thu, 01 Jan 1970 00:00:00 GMT
home
banking.apiture.com/fdobi/fxweb/page_data/ 		103 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/fdobi/fxweb/page_data/home
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/fxweb/js/fxweb-all.min.js?cksum=1f491b4adbfa94d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
e760af5ada2b356baf0cb8ab018b368525dd193271dd64c298ce19e32daef9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://banking.apiture.com/DigitalBanking/login?iid=PBPTX
X-XSRF-TOKEN
bqhgdKNshm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Content-Type
application/json; charset=ISO-8859-1
Connection
keep-alive
X-Amz-Cf-Id
5VxAexf2yQeXqZOwcjD75HweYSxvsiInHpOb_pzn3Hw_CjRL14pwBg==
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PublicSans-Medium.woff2
banking.apiture.com/style/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/style/fonts/PublicSans-Medium.woff2
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
6389d387846c982f2f70a81ebd5c7638b8be5752a65eef02cf229b623bd72614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Origin
https://banking.apiture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
Last-Modified
Sun, 24 Oct 2021 05:24:54 GMT
X-Amz-Cf-Pop
MUC50-P2
ETag
"64c0-5cf1276db5580"
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25792
X-Amz-Cf-Id
tZWnvlYPC_w4gw792Xr6IToD92Stqvmiu70FNNjCKh1wOQN33CYXJA==
PublicSans-Regular.woff2
banking.apiture.com/style/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/style/fonts/PublicSans-Regular.woff2
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
92f94a52d3618721d5463bf9997d151942527d535310da0d314c289eb2df2064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Origin
https://banking.apiture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
Last-Modified
Sun, 24 Oct 2021 05:24:54 GMT
X-Amz-Cf-Pop
MUC50-P2
ETag
"6368-5cf1276db5580"
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25448
X-Amz-Cf-Id
O8Xv_1THSpFMglKKtAT4H9XzyWNmq8UVqPkUD-CXhoSNS9PR4D9VPA==
PublicSans-Bold.woff2
banking.apiture.com/style/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/style/fonts/PublicSans-Bold.woff2
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
c0c7504de81690d12ea9de72acd5a7fb0c1bfc6c2cc1ff3434ce1169864c5ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Origin
https://banking.apiture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
Last-Modified
Sun, 24 Oct 2021 05:24:54 GMT
X-Amz-Cf-Pop
MUC50-P2
ETag
"63ac-5cf1276db5580"
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25516
X-Amz-Cf-Id
IeNo1sB8fiO5LB6Fa0pgIiKGRqCAXjuUh12Xpn3cs5OuA4a7bKrUHg==
PublicSans-Thin.woff2
banking.apiture.com/style/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.apiture.com/style/fonts/PublicSans-Thin.woff2
Requested by
Host: banking.apiture.com
URL: https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-25.muc50.r.cloudfront.net
Software
/
Resource Hash
e741d6f4f30eac615859945955bae39480983c2e3055653087093a33a36e99d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://banking.apiture.com/fxweb/css/combined.css?cksum=2fa5cb820d20cc95
Origin
https://banking.apiture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 18:56:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
Last-Modified
Sun, 24 Oct 2021 05:24:54 GMT
X-Amz-Cf-Pop
MUC50-P2
ETag
"5fd0-5cf1276db5580"
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24528
X-Amz-Cf-Id
Hvfoinb9rpjgH9SICso5EI7Nv3guXeo6RbgXtVqfTGXbWYaC0qO5Ng==
5a78dbd3-9cca-4318-77df-cb903fc1e0b8
data.pendo.io/data/ptm.gif/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/5a78dbd3-9cca-4318-77df-cb903fc1e0b8?v=2.199.1_prod&ct=1693421771871&jzb=eJzNkt9r2zAQx_-VoefgH7Kd2IExlqYre-nSzQmjYwjFVt2jsmTkc7pQ-r_3VGchfSljUGgeTKS7--pz37tfDwz3nWJzBrUyCDd7NmFbZ-975QRCS5F4WiQpj2ezOJ-mE7aDHtA6ATUVidX55fKbKEUyXSbrq3O-c1ckIKvKDgbHnNViVf6ky8FpOt0idv08DLfS3IFpAtkBDk4FlW3DJTSAUi_GUKhtA-YTQP3xr0TnbNez-QOzuhb_AuLzTmHMoPV_t_BIANKRS6Xcfj2K4XhgaZTvL9bXm0ZvFuVdcUYaN0626jn4R95WXzbFsLzG-8xeVN7kPSrqJZlNHyfHIbQK5asDyN7JAA4Q_m-PsvHsFKsp5TUsLU0zjNnKiPUPb-kB1Su9oAXTI5EhWLOy9IY-szUVzrI0IxNOopdksq8D3ThoP3j4l-XfVUNfSjmd4efjs3RVS_QSSRRGecgjnpDATrl-LONBXBRBLJ4bfJMlyKL0ZAm0ld7I978EHvSAx6M4CeKIfpzneR7n1NAbGMVJ9_cTAQeEeQ&acc=UEJQVFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:56:11 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=3600
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
28
access-control-allow-headers
*
content-length
42
alt-svc
clear
5a78dbd3-9cca-4318-77df-cb903fc1e0b8
data.pendo.io/data/guide.js/ 		382 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.js/5a78dbd3-9cca-4318-77df-cb903fc1e0b8?id=5&jzb=eJx9j0FPg0AQhf-K2bNhKYhaEmOs9OClUm0Tb5sRNuvEZZcsAxfDf-8AaZNevJBl5r3vvfkTA3ZIPrzVIheq3O6Kd3VQ6X2RHvfbZAh7cSugqnzvaJaUm_LwxbM-WP77IWq7XMpvcL_oTAQtUh90VPlGFmiQwG6WlbTeoHtGrJ_OiEYT1EAg8kuL6dkRGM3sNviaVfhPMQvO9ItaO3X8FOOl7ESarec0dB1xOULvSs8Z9tXXbHzI7rLsaruDZgKWaE3A5mbqf23_0Ia_LGEuB7YQtKOXSyyP-KoJkcYyfpRJnKQMGHToFlsSrdbraKXmA8fxBMDlfpU&v=2.199.1_prod&ct=1693421771873&acc=UEJQVFg
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/5a78dbd3-9cca-4318-77df-cb903fc1e0b8/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
96014ad1b931836cd328a580d6f28898a41ed952ac10e830c56c8ace2f676802
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
via
1.1 google
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
3
access-control-allow-headers
*
content-length
276
alt-svc
clear
5a78dbd3-9cca-4318-77df-cb903fc1e0b8
data.pendo.io/data/guide.gif/ 		42 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/guide.gif/5a78dbd3-9cca-4318-77df-cb903fc1e0b8?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1693421771874&v=2.199.1_prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banking.apiture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
via
1.1 google
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
1
access-control-allow-headers
*
content-length
57
alt-svc
clear

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| nav_data object| $jscomp function| $jscomp$lookupPolyfilledValue function| $ function| jQuery object| angular function| Calendar object| _dynarch_popupCalendar object| FX function| new_window object| pendo

6 Cookies

Domain/Path Name / Value
.banking.apiture.com/ Name: XSRF-TOKEN
Value: bqhgdKNshm
.banking.apiture.com/ Name: secure.fx.sid.fxweb
Value: login%232%234419a41c9fa6ec19%23cff5e8ed8471f126af2e624f2f4686570bfcf37a648d21835d6e6ba5b66f5757c19f0e9ee945b73c95787ee9dd2cc8730ee6a699e48e542f
banking.apiture.com/ Name: TS0140539d
Value: 01c6fb4b6cd13300f1433f383b08c3fe312224e998b63f5aaba957177d6f429a6d7b3eaad08706220f7638fa609bcb7977bc41843f
.banking.apiture.com/ Name: TS01c5c00b
Value: 01c6fb4b6c46b9c8f90d04c1857268891536588e0db63f5aaba957177d6f429a6d7b3eaad0258d30c1a433032ed4e9481ee8492e69ed0c7034194b125a31d8ec0ef058b00e69ffa6b9f64b720a96cae49c63cef7f0
banking.apiture.com/ Name: TS8aa168cd029
Value: 0894bc7510ab280081818628fd461340c839b9351b53538b637e9ea0ac784fa588f02b598ec4ab7f946e879488fef161
banking.apiture.com/ Name: TS481daac3027
Value: 0894bc7510ab20004d97bfcec40938463b42812d005c1ff34a66929eb43ce56c83e62c34b83b7cd108ee3144951130000e18bc2217ce40fbb453c4b8d03869c78885c5cdde6ba943ced848b79f39be3bac6a0c700da9f15ed499185ba72c67bc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN