integratedpayables.bbt.com Open in urlscan Pro
2a02:26f0:4700:199::faf  Public Scan

Submitted URL: https://integratedpayables.bbt.com/fis/customerlogin.aspx/r/nAccept-Language:
Effective URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Submission: On March 08 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2a02:26f0:4700:199::faf, located in Prague, Czech Republic and belongs to AKAMAI-ASN1, NL. The main domain is integratedpayables.bbt.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 12th 2022. Valid for: a year.
This is the only time integratedpayables.bbt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 2a02:26f0:470... 20940 (AKAMAI-ASN1)
13 1
Apex Domain
Subdomains
Transfer
14 bbt.com
integratedpayables.bbt.com
62 KB
13 1
Domain Requested by
14 integratedpayables.bbt.com 1 redirects integratedpayables.bbt.com
13 1

This site contains links to these domains. Also see Links.

Domain
www.fisglobal.com
Subject Issuer Validity Valid
www.bbt.com
Entrust Certification Authority - L1K
2022-12-12 -
2023-12-12
a year crt.sh

This page contains 1 frames:

Primary Page: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Frame ID: F2ECD513DE060DB4B24AF064C5A6C953
Requests: 13 HTTP requests in this frame

Screenshot

Page Title


Page URL History Show full URLs

  1. https://integratedpayables.bbt.com/fis/customerlogin.aspx/r/nAccept-Language: HTTP 302
    https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language: Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

61 kB
Transfer

155 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://integratedpayables.bbt.com/fis/customerlogin.aspx/r/nAccept-Language: HTTP 302
    https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language: Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Error.aspx
integratedpayables.bbt.com/fis/
Redirect Chain
  • https://integratedpayables.bbt.com/fis/customerlogin.aspx/r/nAccept-Language:
  • https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
6 KB
4 KB
Document
General
Full URL
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e8dbb1210f0a462e705ab9d3e9bb05ff39f3e8dcf84c0a557c08c72a7a47a9c
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store ,private, must-revalidate,no-cache, no-store ,private, must-revalidate,no-cache, no store
content-encoding
gzip
content-length
2699
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
content-type
text/html; charset=utf-8
date
Wed, 08 Mar 2023 14:19:10 GMT
expires
-1,-1,-1
pragma
no-cache,no-cache,no-cache
server
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Accept-Encoding
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
x-content-type-options
nosniff
x-frame-options
allow-from https://commercial.bbt.com
x-xss-protection
1; mode=block

Redirect headers

cache-control
private,no-cache, no store
content-length
208
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
content-type
text/html; charset=utf-8
date
Wed, 08 Mar 2023 14:19:10 GMT
expires
-1
location
/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
pragma
no-cache
server
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
x-content-type-options
nosniff
x-frame-options
allow-from https://commercial.bbt.com
x-xss-protection
1; mode=block
SunGard.css
integratedpayables.bbt.com/fis/App_Themes/fis/
38 KB
8 KB
Stylesheet
General
Full URL
https://integratedpayables.bbt.com/fis/App_Themes/fis/SunGard.css
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32a7adfb35bb352f5de98f9fd065412caba8adc91a874c30ecb4192357312084
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:32 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
7597
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:06 GMT
server
etag
"01796d69547d91:0"
vary
Accept-Encoding
x-frame-options
allow-from https://commercial.bbt.com
content-type
text/css
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
sungardMenu.css
integratedpayables.bbt.com/fis/App_Themes/fis/
6 KB
1 KB
Stylesheet
General
Full URL
https://integratedpayables.bbt.com/fis/App_Themes/fis/sungardMenu.css
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d2e48e6b4392095d20eb2a0ea7c2f73e0036b2bde178fb7f21e323c59c0708f
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:32 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
889
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:08 GMT
server
etag
"044c7d79547d91:0"
vary
Accept-Encoding
x-frame-options
allow-from https://commercial.bbt.com
content-type
text/css
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
jquery-3.6.1.min.js
integratedpayables.bbt.com/fis/Script/
88 KB
31 KB
Script
General
Full URL
https://integratedpayables.bbt.com/fis/Script/jquery-3.6.1.min.js
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
24c7030c50c1045cfefddac2d403f4bb2043b34183f6887f5c88a3e12e0236f9
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 19:56:56 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
31039
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:18 GMT
server
etag
"025bddd9547d91:0"
vary
Accept-Encoding
x-frame-options
allow-from https://commercial.bbt.com
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
fislogo_Rev.png
integratedpayables.bbt.com/fis/App_Themes/fis/images/
2 KB
2 KB
Image
General
Full URL
https://integratedpayables.bbt.com/fis/App_Themes/fis/images/fislogo_Rev.png
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a9755dd798aa4358abe05f952373be4a9439d23ba040369a8a7bd961e06d98fa
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 23:01:12 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
1587
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:08 GMT
server
etag
"1D94795D7C74400"
x-frame-options
allow-from https://commercial.bbt.com
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
IntegratedPyables_logo.png
integratedpayables.bbt.com/fis/App_Themes/fis/images/
3 KB
4 KB
Image
General
Full URL
https://integratedpayables.bbt.com/fis/App_Themes/fis/images/IntegratedPyables_logo.png
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
30d5e2b611a7e8b27e2e9ed0c876421a3cceba229a900fe40dc7172dd7e48738
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:32 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
3026
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:08 GMT
server
etag
"1D94795D7C74400"
x-frame-options
allow-from https://commercial.bbt.com
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
icon-contact-us.jpg
integratedpayables.bbt.com/fis/App_Themes/fis/images/
624 B
1 KB
Image
General
Full URL
https://integratedpayables.bbt.com/fis/App_Themes/fis/images/icon-contact-us.jpg
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5ade231661496333f8f1c83da847d9a2afadf08035d7f84b48b5a8068d2b0f9
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:32 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
624
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:08 GMT
server
etag
"1D94795D7C74400"
x-frame-options
allow-from https://commercial.bbt.com
content-type
image/jpeg
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
jquery.idletimer.js
integratedpayables.bbt.com/fis/Script/
4 KB
2 KB
Script
General
Full URL
https://integratedpayables.bbt.com/fis/Script/jquery.idletimer.js
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3a6836f01e603254c8d04983643586d372da74c3cf16eb3da7b9455d2f8808e0
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:32 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
1787
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:18 GMT
server
etag
"025bddd9547d91:0"
vary
Accept-Encoding
x-frame-options
allow-from https://commercial.bbt.com
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
jquery.idletimeout.js
integratedpayables.bbt.com/fis/Script/
5 KB
2 KB
Script
General
Full URL
https://integratedpayables.bbt.com/fis/Script/jquery.idletimeout.js
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1cf8c7cc7940901b8e5b315810e96bc80f09eb4eedb93961574a8e5f3348d621
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:32 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
1834
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:18 GMT
server
etag
"025bddd9547d91:0"
vary
Accept-Encoding
x-frame-options
allow-from https://commercial.bbt.com
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
idler.js
integratedpayables.bbt.com/fis/Script/app/
690 B
1 KB
Script
General
Full URL
https://integratedpayables.bbt.com/fis/Script/app/idler.js
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4fa901224306cd2a8d5f9a8d23f8619db4a007a83b7c9411914a801a0789d926
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:32 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
690
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:18 GMT
server
etag
"025bddd9547d91:0"
x-frame-options
allow-from https://commercial.bbt.com
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
RootMaster.js
integratedpayables.bbt.com/fis/Script/app/
454 B
1 KB
Script
General
Full URL
https://integratedpayables.bbt.com/fis/Script/app/RootMaster.js
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d9861ac5ae136f904b82b3f05c1a25bb1220208d4c0bf7f2664c1a5500f91c7
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/Error.aspx?aspxerrorpath=/fis/customerlogin.aspx/r/nAccept-Language:
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:37 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
454
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:18 GMT
server
etag
"025bddd9547d91:0"
x-frame-options
allow-from https://commercial.bbt.com
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
bg-container-content_new.png
integratedpayables.bbt.com/fis/App_Themes/fis/images/
966 B
1 KB
Image
General
Full URL
https://integratedpayables.bbt.com/fis/App_Themes/fis/images/bg-container-content_new.png
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/App_Themes/fis/SunGard.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1c002ffd6a5cb408d863694689c1f2dc2d9958df285b8ae3e9a0bd3e65a4fa40
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/App_Themes/fis/SunGard.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:38 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
966
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:08 GMT
server
etag
"1D94795D7C74400"
x-frame-options
allow-from https://commercial.bbt.com
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
newHeaderBg.gif
integratedpayables.bbt.com/fis/App_Themes/fis/images/
1 KB
2 KB
Image
General
Full URL
https://integratedpayables.bbt.com/fis/App_Themes/fis/images/newHeaderBg.gif
Requested by
Host: integratedpayables.bbt.com
URL: https://integratedpayables.bbt.com/fis/App_Themes/fis/SunGard.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700:199::faf Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c27d86ec1f97c11e9f284bdff94ada64091910a7bac2ed260f49359b268a8720
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://integratedpayables.bbt.com/fis/App_Themes/fis/SunGard.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 14:18:38 GMT
content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 14:19:11 GMT
content-length
1261
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Feb 2023 14:48:08 GMT
server
etag
"1D94795D7C74400"
x-frame-options
allow-from https://commercial.bbt.com
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-content-security-policy
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| enableTimeOut object| theBody

2 Cookies

Domain/Path Name / Value
integratedpayables.bbt.com/fis/ Name: __AntiXsrfToken
Value: 1badda1455ec462284a87f0fbb08a0ae
integratedpayables.bbt.com/ Name: ASP.NET_SessionId
Value: 3tdz5qjgphfpmmxfglkbdho2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://www.google.com
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Security-Policy default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://commercial.bbt.com
X-Xss-Protection 1; mode=block