urlscan.io logo urlscan.io
SecurityTrails logo

novpara.capital Open in urlscan Pro
148.66.137.114  Public Scan

Go To Rescan Add Verdict Report
URL: https://novpara.capital/NBT/
Submission: On October 18 via automatic, source openphish — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 42 HTTP transactions. The main IP is 148.66.137.114, located in Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is novpara.capital.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 30th 2023. Valid for: a year.
This is the only time novpara.capital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 148.66.137.114 26496 (AS-26496-...)
23 66.22.19.92 25773 (RADWARE-C...)
1 2 23.33.126.53 20940 (AKAMAI-ASN1)
1 74.125.68.94 15169 (GOOGLE)
2 23.32.29.90 20940 (AKAMAI-ASN1)
42 6
7    148.66.137.114 (Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
novpara.capital
23    66.22.19.92 (United States)

ASN25773 (RADWARE-CLOUD-SERVICES, US)
nbtbank.onlinebank.com
2    23.33.126.53 (Tseung Kwan O, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-126-53.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
fonts.gstatic.com
2    23.32.29.90 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-29-90.deploy.static.akamaitechnologies.com
events.api.secureserver.net
Apex Domain
Subdomains		 Transfer
23 onlinebank.com
nbtbank.onlinebank.com — Cisco Umbrella Rank: 313106
2 MB
7 novpara.capital
novpara.capital
5 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 14696
564 B
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 11326
img6.wsimg.com — Cisco Umbrella Rank: 14158
12 KB
1 gstatic.com
fonts.gstatic.com
16 KB
42 5
Domain Requested by
23 nbtbank.onlinebank.com novpara.capital
nbtbank.onlinebank.com
7 novpara.capital novpara.capital
2 events.api.secureserver.net img1.wsimg.com
1 fonts.gstatic.com novpara.capital
1 img6.wsimg.com novpara.capital
1 img1.wsimg.com 1 redirects
42 6

This site contains no links.

Subject Issuer Validity Valid
novpara.capital
Go Daddy Secure Certificate Authority - G2		 2023-08-30 -
2024-09-30		 a year crt.sh
nbtbank.onlinebank.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-03 -
2024-04-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-07-10 -
2024-08-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://novpara.capital/NBT/
Frame ID: F5886B4E3684D82A0E5D12F003286225
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In - NBT Bank

Page Statistics

42
Requests

79 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

1740 kB
Transfer

1754 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
novpara.capital/NBT/ 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://novpara.capital/NBT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.137.114 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
a6df81bdc5c30e0032063fc972c2a3213726a7ea5a79e14fb448d209bbb6fe03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
3046
content-type
text/html
date
Wed, 18 Oct 2023 13:12:04 GMT
etag
"72e0257-2e2d-60644afd86080-br"
last-modified
Tue, 26 Sep 2023 15:25:38 GMT
server
Apache
vary
Accept-Encoding
EditMode.css
novpara.capital/NBT/css/ 		774 B
350 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novpara.capital/NBT/css/EditMode.css
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.137.114 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
94fb85c0bd3e70b7508434ba7625483252ed4e86dbde231b7917c9ef0a7ef781

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/NBT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:12:04 GMT
content-encoding
br
last-modified
Fri, 28 Oct 2022 01:48:08 GMT
server
Apache
etag
"72e024b-306-5ec0e7314e600-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
263
LoadingPanel.css
novpara.capital/NBT/css/ 		89 B
148 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novpara.capital/NBT/css/LoadingPanel.css
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.137.114 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
c0ff4817b1eb977c5bd7b1991006c69090ffdae73733a7d8829fec8d611f69fc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/NBT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:12:04 GMT
content-encoding
br
last-modified
Fri, 28 Oct 2022 01:48:22 GMT
server
Apache
etag
"72e024c-59-5ec0e73ea8580-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
69
opensans.css
novpara.capital/NBT/css/ 		2 KB
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novpara.capital/NBT/css/opensans.css
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.137.114 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
b9c775232213b8a4b7a63dfaf839757b2a8d1583a1af7b5766030da6e8c474b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/NBT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:12:04 GMT
content-encoding
br
last-modified
Fri, 28 Oct 2022 01:49:44 GMT
server
Apache
etag
"72e024d-92b-5ec0e78cdbe00-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
549
screen.css
nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/ 		835 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
edc9bb5e63c9fbf99f6d5e7448a9454c7b51a8fc5154e9939c863312b19e6f5a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:05 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
WebResource.axd
novpara.capital/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novpara.capital/WebResource.axd?d=urCACUaUZeT6oPoIZXShbu_1mg_N_l4jShKx1J9bVPsVr2NBR6js8hj-QO5R4_ig_UM_6BTEvsUm0pVZPSI45Qh8HhMXpcfZ0-H_jz5gjdjFcqhl8Q2uekFcLFceEEhLFJKexQwJQYE-YZPPmEfmF2tz8ibp1V0Knp5fHHCZZeU1&t=637356662800000000
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.137.114 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache / PHP/7.3.33
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/NBT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:12:04 GMT
content-encoding
br
server
Apache
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
content-length
3599
retry-after
3600
expires
Wed, 11 Jan 1984 05:00:00 GMT
RadDockableObject.css
novpara.capital/NBT/css/ 		2 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novpara.capital/NBT/css/RadDockableObject.css
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.137.114 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
926172c6f78bad8d437e449a3309ea0de03199f2bc0d2101899f3ce99df04f4b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/NBT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:12:04 GMT
content-encoding
br
last-modified
Fri, 28 Oct 2022 01:48:56 GMT
server
Apache
etag
"72e024f-839-5ec0e75f15200-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
590
Content.aspx
nbtbank.onlinebank.com/ 		19 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/Content.aspx?name=Spire+global&t=04/13/2020%205:35:30%20PM
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
6a2903f7d7ae456e492c508436131513961416f8a9fe2891d5935bd78fa3a3bd
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:06 GMT
Last-Modified
Mon, 13 Apr 2020 17:35:29 GMT
ETag
W/"1586799330:dtagent10275230919171419dMZQ"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
public
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1676684745"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
Content.aspx
nbtbank.onlinebank.com/ 		225 KB
227 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/Content.aspx?name=NBT_Spire&t=07/20/2021%206:54:48%20AM
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
bb043aa269fe9de97965cf157e082e415bf9ae806307df528d4d50da63d7c34a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:05 GMT
Last-Modified
Mon, 31 Jul 2023 16:56:52 GMT
ETag
W/"1690822613:dtagent10275230919171419dMZQ"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
public
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1745535355"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
H2
Server
23.33.126.53 Tseung Kwan O, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-126-53.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Wed, 18 Oct 2023 13:12:05 GMT
x-amz-request-id
SW42RCTKTQJH3SB5
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697634725423_388070453_315880059_24_1757_59_0_219";dur=1
content-length
11347
x-amz-id-2
SOgzPYjoNVqHmzSUdDQxjVjpOcgl04n3arSWjBq/s2doz6LRg79tFfSvSDtud9Y0icsa8uPNWH0=
last-modified
Tue, 29 Nov 2022 21:30:05 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Wed, 18 Oct 2023 13:12:05 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Wed, 18 Oct 2023 13:42:05 GMT
print.css
novpara.capital/NBT/css/ 		172 B
176 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novpara.capital/NBT/css/print.css
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.137.114 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
f4f9f204aaab6f4fc1dfda7bc3bd4aad98d4236c7061b144b496dd991cbf12ae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/NBT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:12:04 GMT
content-encoding
br
last-modified
Fri, 28 Oct 2022 01:48:42 GMT
server
Apache
etag
"72e024e-ac-5ec0e751bb280-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
98
accordion.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/accordion.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
90a5e085de08b76787107ea46a188afc417537f1903e36ef89b6c63d5b0581e2
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:06 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
carousel.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		6 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/carousel.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
bc5427c8becdc12dbb8026919b68588038af5c479590819134593e007eadfa67
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:06 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1464014000"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
checkBoxList.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/checkBoxList.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
2ea7c05ebc9afbf695a66e0d86c1a4ec99c81bd71afd1c7c545165980b696557
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:05 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="251288929"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
common.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		13 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/common.css?v=2020.1
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
dc4688372f9f18ec8fd4265f947de23ae7df92e0f3214209c6a6686581125d7f
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:06 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
google-map.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		724 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/google-map.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
5c541e2e8634c45cd04c9cebc6f84b3c0a5bfe126b515cecc87ca428af1da52c
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
template.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		56 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/template.css?v=2019.4
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
da2ee22c8a2e3f8713bf425acb1673a4aba3ff8d3a22065f93822fe90b756049
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
module.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		191 KB
193 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/module.css?v=2020.1
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
8fa7b47dbc7dc84c77ed9e6c4a0d761daf2e2431f07e803c99935cdbc7020c3d
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
printer.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/printer.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
367da0b2f03e6a6035c24189543b0cab1980e2e62b38c8ad1efa69cd06097562
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1544658575"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
tileManager.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/tileManager.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
3a080f18685baaf2be511a9859d6bbeee808392ac034e12c9da7894aef487920
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
menu.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		12 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/menu.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
bfc59a75bccdb0ec1a57be01f8e7e6888b9fdfaccaf1f311bcf105bdbc5f4e2d
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="599347431"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
wizard.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		63 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/wizard.css?v=2019.4
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
75f4116483c2205de07ef000b889ff3195c13bc18babcc64f7754c9fe72aa0d6
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1251868379"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
tab.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/tab.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
5ef32ff73136070a4d457187063dcb443eaa6edc7c9408feffa1ae3f19a66996
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
progress-bar.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/progress-bar.css?v=2019.3
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
7671989da274ffd9497bd1dac6f07c7463f85a34efdbed6c8561220adce7b506
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:08 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="478555795"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
drawer.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		983 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/drawer.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
3e667460fefce5a2fe970fe89057f6c18e7b72e63067df7c3b4168b36d587a08
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
atmLocator.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		218 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/atmLocator.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
b7acb047f2d46898d4fe77b16ab0aeb7f66b0124d50bab9fa39ce26fa32bc3e9
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
range.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/range.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
900c3453f4434eeed8a825da471927e0e8483768f2f91ca75b300d127c460f9b
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:08 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
switch.css
nbtbank.onlinebank.com/App_Themes/theme4-css/ 		4 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbtbank.onlinebank.com/App_Themes/theme4-css/switch.css
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
45b648ffbe4bda170b2cda93900228a1c57ea28583dcb6a0d2319ef5b6c868b7
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/App_Themes/Theme4/stylesheets/screen.css?h=549CC0B71293AD1BE3E239CC865F6EAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:08 GMT
Last-Modified
Fri, 09 Sep 2022 14:00:38 GMT
ETag
W/"087f8a54c4d81:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=604800
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
x-Robots-tag
noindex
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
nbt-background-07012023.jpg
nbtbank.onlinebank.com/spire/images/backgrounds/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbtbank.onlinebank.com/spire/images/backgrounds/nbt-background-07012023.jpg
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/Content.aspx?name=NBT_Spire&t=07/20/2021%206:54:48%20AM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
9a3de0785fe588d31de641b263447b44eecac79980836f344fa0e43f8591939c
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/Content.aspx?name=NBT_Spire&t=07/20/2021%206:54:48%20AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:09 GMT
Last-Modified
Wed, 28 Jun 2023 21:31:52 GMT
ETag
"014bf47aad91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
x-Robots-tag
noindex
Server-Timing
dtSInfo;desc="1"
Content-Length
1108182
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
nbt-logo.svg
nbtbank.onlinebank.com/spire/images/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbtbank.onlinebank.com/spire/images/logos/nbt-logo.svg
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/Content.aspx?name=NBT_Spire&t=07/20/2021%206:54:48%20AM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
c85e6e75d4bbb64b497c7573afdd63e0d08ecbc15f97745baa3cdd77a225603d
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/Content.aspx?name=NBT_Spire&t=07/20/2021%206:54:48%20AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:09 GMT
Last-Modified
Mon, 13 Apr 2020 17:30:12 GMT
ETag
"06aa52fb911d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
x-Robots-tag
noindex
Server-Timing
dtSInfo;desc="1"
Content-Length
1962
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
robotocondensed.woff
nbtbank.onlinebank.com/spire/fonts/roboto/ 		0
0
content.aspx
nbtbank.onlinebank.com/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbtbank.onlinebank.com/content.aspx?theme=Theme4&color1=%23767676&image=svg/equal-housing-lender.svg
Requested by
Host: nbtbank.onlinebank.com
URL: https://nbtbank.onlinebank.com/Content.aspx?name=NBT_Spire&t=07/20/2021%206:54:48%20AM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.19.92 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
46517f6f4078142106a45169de25355c683bf71b66fd819cccd914319918898a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; report=https://architect.report-uri.com/r/d/xss/enforce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://nbtbank.onlinebank.com/Content.aspx?name=NBT_Spire&t=07/20/2021%206:54:48%20AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: ; script-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob: ; style-src * 'self' data: 'unsafe-inline' blob: ; img-src * 'self' blob: data: ; child-src * 'self' blob: ; connect-src * 'self' ; media-src * 'self' ; font-src * 'self' ; object-src * 'self' blob: ; frame-src * fingerprintauth orcc-mobile: notifipushnotificationregistration ; worker-src * 'self' blob: ; frame-ancestors * 'self' ; form-action * 'self' orcc-mobile: ; upgrade-insecure-requests; report-uri https://onlinebank.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options
nosniff
Date
Wed, 18 Oct 2023 13:12:07 GMT
Last-Modified
Mon, 01 Jan 0001 05:00:00 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1557832116"
x-Robots-tag
noindex
Content-Length
2403
X-XSS-Protection
1; report=https://architect.report-uri.com/r/d/xss/enforce
gotham-bold.woff
nbtbank.onlinebank.com/spire/fonts/gotham/ 		0
0
fa.woff
nbtbank.onlinebank.com/spire/fonts/fontawesome/fonts/ 		0
0
robotocondensed_bold.woff
nbtbank.onlinebank.com/spire/fonts/roboto/ 		0
0
opensans-bold.woff
nbtbank.onlinebank.com/spire/fonts/OpenSans/ 		0
0
opensans-regular.woff
nbtbank.onlinebank.com/spire/fonts/OpenSans/ 		0
0
opensans-bold.woff2
nbtbank.onlinebank.com/spire/fonts/OpenSans/ 		0
0
opensans-regular.woff2
nbtbank.onlinebank.com/spire/fonts/OpenSans/ 		0
0
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: novpara.capital
URL: https://novpara.capital/NBT/css/opensans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://novpara.capital/
Origin
https://novpara.capital
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 11:09:49 GMT
x-content-type-options
nosniff
age
525744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15572
x-xss-protection
0
last-modified
Mon, 27 Apr 2015 23:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 11:09:49 GMT
event
events.api.secureserver.net/t/1/tl/ 		43 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1697634728832&dh=novpara.capital&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36&vci=1185651913&cv=2.0.1&z=114193687&vg=0b4ddfb3-4d1b-5b5a-9814-a58802c8a66d&vtg=0b4ddfb3-4d1b-5b5a-9814-a58802c8a66d&dp=%2FNBT&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0087%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%227245357%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=fdc97905-0535-5253-b3fe-a891f826d9a6&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.29.90 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-29-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 18 Oct 2023 13:12:15 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://novpara.capital
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1697634734204&dh=novpara.capital&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36&vci=1185651913&cv=2.0.1&z=590486045&vg=0b4ddfb3-4d1b-5b5a-9814-a58802c8a66d&vtg=0b4ddfb3-4d1b-5b5a-9814-a58802c8a66d&dp=%2FNBT&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0087%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%227245357%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=f3ddc3fd-9789-551b-8ee9-d7d87df1417e&ht=perf&tce=1697634724621&tcs=1697634724266&tdc=1697634734200&tdclee=1697634728842&tdcles=1697634728842&tdi=1697634728842&tdl=1697634724797&tdle=1697634724266&tdls=1697634724266&tfs=1697634724143&tns=1697634724143&trqs=1697634724622&tre=1697634724792&trps=1697634724791&tles=1697634734200&tlee=0&nt=navigate&lcp=4718&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.29.90 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-29-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://novpara.capital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 18 Oct 2023 13:12:15 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://novpara.capital
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/roboto/robotocondensed.woff
Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/gotham/gotham-bold.woff
Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/fontawesome/fonts/fa.woff
Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/roboto/robotocondensed_bold.woff
Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-bold.woff
Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-regular.woff
Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-bold.woff2
Domain
nbtbank.onlinebank.com
URL
https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-regular.woff2

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl

3 Cookies

Domain/Path Name / Value
novpara.capital/ Name: PHPSESSID
Value: 082239b83c9e1d40daf94d7abda7280d
.novpara.capital/ Name: _tccl_visitor
Value: 0b4ddfb3-4d1b-5b5a-9814-a58802c8a66d
.novpara.capital/ Name: _tccl_visit
Value: 0b4ddfb3-4d1b-5b5a-9814-a58802c8a66d

17 Console Messages

Source Level URL
Text
network error URL: https://novpara.capital/WebResource.axd?d=urCACUaUZeT6oPoIZXShbu_1mg_N_l4jShKx1J9bVPsVr2NBR6js8hj-QO5R4_ig_UM_6BTEvsUm0pVZPSI45Qh8HhMXpcfZ0-H_jz5gjdjFcqhl8Q2uekFcLFceEEhLFJKexQwJQYE-YZPPmEfmF2tz8ibp1V0Knp5fHHCZZeU1&t=637356662800000000
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/gotham/gotham-bold.woff' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/gotham/gotham-bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/roboto/robotocondensed.woff' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/roboto/robotocondensed.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/fontawesome/fonts/fa.woff' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/fontawesome/fonts/fa.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/roboto/robotocondensed_bold.woff' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/roboto/robotocondensed_bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-bold.woff' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-regular.woff' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-bold.woff2' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-bold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://novpara.capital/NBT/
Message:
Access to font at 'https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-regular.woff2' from origin 'https://novpara.capital' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://nbtbank.onlinebank.com/spire/fonts/OpenSans/opensans-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.api.secureserver.net
fonts.gstatic.com
img1.wsimg.com
img6.wsimg.com
nbtbank.onlinebank.com
novpara.capital
nbtbank.onlinebank.com
148.66.137.114
23.32.29.90
23.33.126.53
66.22.19.92
74.125.68.94
2ea7c05ebc9afbf695a66e0d86c1a4ec99c81bd71afd1c7c545165980b696557
367da0b2f03e6a6035c24189543b0cab1980e2e62b38c8ad1efa69cd06097562
3a080f18685baaf2be511a9859d6bbeee808392ac034e12c9da7894aef487920
3e667460fefce5a2fe970fe89057f6c18e7b72e63067df7c3b4168b36d587a08
45b648ffbe4bda170b2cda93900228a1c57ea28583dcb6a0d2319ef5b6c868b7
46517f6f4078142106a45169de25355c683bf71b66fd819cccd914319918898a
5c541e2e8634c45cd04c9cebc6f84b3c0a5bfe126b515cecc87ca428af1da52c
5ef32ff73136070a4d457187063dcb443eaa6edc7c9408feffa1ae3f19a66996
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6a2903f7d7ae456e492c508436131513961416f8a9fe2891d5935bd78fa3a3bd
75f4116483c2205de07ef000b889ff3195c13bc18babcc64f7754c9fe72aa0d6
7671989da274ffd9497bd1dac6f07c7463f85a34efdbed6c8561220adce7b506
8fa7b47dbc7dc84c77ed9e6c4a0d761daf2e2431f07e803c99935cdbc7020c3d
900c3453f4434eeed8a825da471927e0e8483768f2f91ca75b300d127c460f9b
90a5e085de08b76787107ea46a188afc417537f1903e36ef89b6c63d5b0581e2
926172c6f78bad8d437e449a3309ea0de03199f2bc0d2101899f3ce99df04f4b
94fb85c0bd3e70b7508434ba7625483252ed4e86dbde231b7917c9ef0a7ef781
9a3de0785fe588d31de641b263447b44eecac79980836f344fa0e43f8591939c
a6df81bdc5c30e0032063fc972c2a3213726a7ea5a79e14fb448d209bbb6fe03
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7acb047f2d46898d4fe77b16ab0aeb7f66b0124d50bab9fa39ce26fa32bc3e9
b9c775232213b8a4b7a63dfaf839757b2a8d1583a1af7b5766030da6e8c474b4
bb043aa269fe9de97965cf157e082e415bf9ae806307df528d4d50da63d7c34a
bc5427c8becdc12dbb8026919b68588038af5c479590819134593e007eadfa67
bfc59a75bccdb0ec1a57be01f8e7e6888b9fdfaccaf1f311bcf105bdbc5f4e2d
c0ff4817b1eb977c5bd7b1991006c69090ffdae73733a7d8829fec8d611f69fc
c85e6e75d4bbb64b497c7573afdd63e0d08ecbc15f97745baa3cdd77a225603d
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
da2ee22c8a2e3f8713bf425acb1673a4aba3ff8d3a22065f93822fe90b756049
dc4688372f9f18ec8fd4265f947de23ae7df92e0f3214209c6a6686581125d7f
edc9bb5e63c9fbf99f6d5e7448a9454c7b51a8fc5154e9939c863312b19e6f5a
f4f9f204aaab6f4fc1dfda7bc3bd4aad98d4236c7061b144b496dd991cbf12ae