stateexchangebank.com Open in urlscan Pro
54.244.18.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stateexchangebank.com/
Submission: On March 17 via automatic, source certstream-suspicious (March 17th 2020, 3:38:31 pm UTC)

Summary HTTP 23 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 54.244.18.2, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is stateexchangebank.com.
TLS certificate: Issued by Amazon on July 19th 2019. Valid for: a year.

This is the only time stateexchangebank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	54.244.18.2 54.244.18.2	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.194.88 13.224.194.88	16509 (AMAZON-02) (AMAZON-02)
23	3

20 54.244.18.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-18-2.us-west-2.compute.amazonaws.com

stateexchangebank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-88.fra2.r.cloudfront.net

seblo.secure.fundsxpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	stateexchangebank.com stateexchangebank.com	296 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
1	fundsxpress.com seblo.secure.fundsxpress.com
23	3

	Domain	Requested by
20	stateexchangebank.com	stateexchangebank.com
2	ssl.google-analytics.com	stateexchangebank.com
1	seblo.secure.fundsxpress.com	stateexchangebank.com
23	3

This site contains links to these domains. Also see Links.

Domain
www.icsandcdars.com
itunes.apple.com
play.google.com
www.amazon.com
gateway.fundsxpress.com
www.templatemo.com

Subject Issuer	Validity	Valid
stateexchangebank.com Amazon	`2019-07-19` - `2020-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
prod-fxweb.apiture-comm-prod.com Amazon	`2019-05-29` - `2020-06-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://stateexchangebank.com/
Frame ID: D9B79CCC2FBE5D3EDCA700D94B5CB272
Requests: 22 HTTP requests in this frame

Frame: https://seblo.secure.fundsxpress.com/piles/fxweb.pile/custom_login?template=default&iid=SEBLO
Frame ID: 3DF2F23C2C4F419C8C6B75A31BCEB5A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DreamWeaver (Editors) Expand

Overall confidence: 100%
Detected patterns

html /<!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

313 kB
Transfer

325 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.icsandcdars.com/cbw/stateexchangebank
Title: ICS/CDARS

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/the-state-exchange-bank-mobile/id1263237137?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.fdc.seblodroid

Search URL Search Domain Scan URL

URL: https://www.amazon.com/The-State-Exchange-Bank-Mobile/dp/B074JGB8GL/ref=sr_1_1?s=mobile-apps&ie=UTF8&qid=1502718842&sr=1-1&keywords=the+state+exchange+bank

Search URL Search Domain Scan URL

URL: https://gateway.fundsxpress.com/SEBLO/disclosures.htm
Title: Enroll today

Search URL Search Domain Scan URL

URL: http://www.templatemo.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
stateexchangebank.com/ 12 KB
13 KB 825ms
328ms Document
text/html 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f5d1fc8a7b1546f5372e3435719362482c937b5e962922add5a6a4f33db25a61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: stateexchangebank.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Tue, 17 Mar 2020 15:38:14 GMT
content-type: text/html; charset=UTF-8
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
pragma: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;

GET
H2 200 library.js Show response
stateexchangebank.com/js/ 4 KB
5 KB 345ms
345ms Script
application/javascript 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stateexchangebank.com/js/library.js

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

44343c48bb6efeefe0c396ee627b01ac26e2695aaf90403565f8aa82f81110bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "af61990d1f98d042-f58-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 3928
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
stateexchangebank.com/css/ 10 KB
11 KB 197ms
197ms Stylesheet
text/css 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stateexchangebank.com/css/styles.css

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5c39a6e1f1970754fdf1424e87a27e083605cb96578be0bd6340ff3d01456a64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "e2ba81af2f294a1d-297e-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 10622
x-xss-protection: 1; mode=block

GET
H2 200 menu-h.css
stateexchangebank.com/css/ 2 KB
3 KB 346ms
346ms Stylesheet
text/css 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stateexchangebank.com/css/menu-h.css

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

cbeea2e8e671ca644ae9304414da6f99c8bfcfaa1ec87c1d171a1bae4ccb860c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "7cd9b82b41e42df9-79a-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 1946
x-xss-protection: 1; mode=block

GET
H2 200 SEB_Icon-144.png
stateexchangebank.com/images/ 12 KB
13 KB 343ms
343ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/SEB_Icon-144.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8e474feb25a3ac7dc6e69934906366086808c6d3e269bc9c5c0563c08b86030e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "ceb3197e5d4ed415-31a3-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 12707
x-xss-protection: 1; mode=block

GET
H2 200 icon_appstore.png
stateexchangebank.com/images/ 10 KB
11 KB 191ms
191ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/icon_appstore.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

25be4a30ba427540892fab615e27fb41140b0e92a5eefa490193e6bd6ebdb16d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "2eaf52d3eba1d748-2980-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 10624
x-xss-protection: 1; mode=block

GET
H2 200 icon_googleplay.png
stateexchangebank.com/images/ 10 KB
11 KB 188ms
188ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/icon_googleplay.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b0af1bdcab1835ab7da4668e1234311b138e4d3bff3b75722d80615172c66727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "9c42bcf1ae9700fb-29c6-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 10694
x-xss-protection: 1; mode=block

GET
H2 200 icon_amazon.png
stateexchangebank.com/images/ 9 KB
10 KB 337ms
336ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/icon_amazon.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0ee442ed03dc6ffbddbfb0fac09ab69f22fed95f035c8ec21dea820b3acf9069

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "210dda4a2f0e7538-249c-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 9372
x-xss-protection: 1; mode=block

GET
H2 200 App-Insert.gif
stateexchangebank.com/images/ 62 KB
63 KB 193ms
193ms Image
image/gif 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/App-Insert.gif

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4e05485adca8f9394a72a1fdcc61eaa382ecab03d6ec73b828fe64b5361cfc2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "9a422ac23e4d1daf-f98a-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 63882
x-xss-protection: 1; mode=block

GET
H2 200 fdic_250000.png
stateexchangebank.com/images/ 6 KB
6 KB 187ms
186ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/fdic_250000.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6aa7f2c8c690b780fbd13f51e70fa1f87c02eef16cfb5a650626414aead7b4be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "8f7d57ed330b287c-161e-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 5662
x-xss-protection: 1; mode=block

GET
H2 200 ehl.png
stateexchangebank.com/images/ 4 KB
5 KB 336ms
336ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/ehl.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

59ccddbbf6144ec4f347b1002ff836e13740c06bfa97d5f75c82dde162c66833

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "e7871f9a77fcc275-1149-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 4425
x-xss-protection: 1; mode=block

GET
H2 200 pngfix.js Show response
stateexchangebank.com/js/ 1 KB
2 KB 187ms
187ms Script
application/javascript 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stateexchangebank.com/js/pngfix.js

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

25243ae3c829a4b1fdf3a650bc3853d185e09316d9785a0d2f8815a4c18b6c77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "612cca56abd21af3-5ef-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 1519
x-xss-protection: 1; mode=block

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/js/library.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3817
date: Tue, 17 Mar 2020 14:34:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 17168
expires: Tue, 17 Mar 2020 16:34:37 GMT

GET
H/1.1 200
OK Cookie set custom_login
seblo.secure.fundsxpress.com/piles/fxweb.pile/ Frame 3DF2 0
0 615ms
440ms Document
text/html 13.224.194.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seblo.secure.fundsxpress.com/piles/fxweb.pile/custom_login?template=default&iid=SEBLO

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.194.88 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-88.fra2.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Host: seblo.secure.fundsxpress.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://stateexchangebank.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://stateexchangebank.com/

Response headers

Content-Type: text/html; charset=ISO-8859-1
Content-Length: 1642
Connection: keep-alive
Date: Tue, 17 Mar 2020 15:38:15 GMT
Set-Cookie: XSRF-TOKEN=72qDl8NpmD; domain=secure.fundsxpress.com; path=/; expires=+1D; secure; SameSite=Lax secure.fx.sid.fxweb=login%232%232ac4c14cc9deb477%230010af9e1dac299488fd2992c1221070ea349278d6f9915bae0452ed26d009007b7fe41b010baa69a0d74b9e8666dcf04bd0050733d7d33f; domain=secure.fundsxpress.com; path=/; secure; HttpOnly; SameSite=None TS0140539d=01c6fb4b6ca42b88a622573e2e06bec0bf3bc8ad93c3499732525fb8ae556ea88615a1a1616695a2f20862f77551f32d797935d696; Path=/;Secure; Samesite=None TS0193399d=01c6fb4b6ccd476d1208d04ab1323f80c2149fefc1c3499732525fb8ae556ea88615a1a1612698f82b9a79628896fcc0f87a84105d295bd3e89ac551b0d9b17d9132a161bf179ac5cb5bffc126f7aa6a05fdf0861f; path=/; domain=secure.fundsxpress.com;Secure; Samesite=None TS481daac3027=0894bc7510ab2000d8e1f10feed4c0cb161a4ab4cc508693762e431a02b923defc5608038a6b4dfd0852caf53711300051f9e4c03e4b4c13de71f48d32f3bfaa7b3cde50788c4d9332f043bd985a8de3095acdcbbd6af5c25e911c1e27890de5;Path=/;Secure; Samesite=None
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Content-encoding: gzip
Cache-control: no-store, no-cache, private, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
X-Cache: Miss from cloudfront
Via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: 2ujbG5x_rq8cfT6ZC47YKWzQdC4PisLjASS_HB1Ib6mFNsCPFC-w1Q==

GET
H2 200 bkg-body.jpg
stateexchangebank.com/images/ 420 B
1 KB 334ms
333ms Image
image/jpeg 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/bkg-body.jpg

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

68b9b0f51ae6b6e4756aebe6a0be50f95a8eba7fef22e3081da166e72eebabb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "ccb25e8ad50930fc-1a4-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 420
x-xss-protection: 1; mode=block

GET
H2 200 content-bottom.jpg
stateexchangebank.com/images/ 2 KB
3 KB 335ms
334ms Image
image/jpeg 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/content-bottom.jpg

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

61f6cf621fc9ac3173f6348ff3b86ce80dea4747246cafaf53272555522249d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "f9845bb95c9f7096-718-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 1816
x-xss-protection: 1; mode=block

GET
H2 200 bkg-masthead.jpg
stateexchangebank.com/images/ 104 KB
105 KB 334ms
333ms Image
image/jpeg 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/bkg-masthead.jpg

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a1b5e506aca9273d3e3dda221eae3eb9a035bf16d5f5f1ae385c97c6f71284bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "34ff94d5c94c567b-1a0f2-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 106738
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
stateexchangebank.com/images/ 20 KB
21 KB 334ms
334ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/logo.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

acafee606556cf7ef571dfce443121f03086c4a58807b2af2b2f83b0919860be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "707f1d1092bf7573-5006-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 20486
x-xss-protection: 1; mode=block

GET
H2 200 bkg-menu.jpg
stateexchangebank.com/images/ 387 B
1 KB 334ms
333ms Image
image/jpeg 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/bkg-menu.jpg

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0f2fbcbaa98de2b520b95d8f08db06d33ca49506edab80b1a54bda2007faf88c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "fdabce19b1d5dcaf-183-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 387
x-xss-protection: 1; mode=block

GET
H2 200 content-top.jpg
stateexchangebank.com/images/ 2 KB
2 KB 492ms
491ms Image
image/jpeg 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/content-top.jpg

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

32949fefa547cfb5bdfc00cb9164ac5afcdd01408edabcc268f4222e1f892490

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "868ac9583ba8341e-6a2-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 1698
x-xss-protection: 1; mode=block

GET
H2 200 divider-h.png
stateexchangebank.com/images/ 871 B
2 KB 491ms
491ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/divider-h.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

bd4e45e9426bc09139542e6aa9a4ec16047802b2fdcd4b331f8c14ca4cc5d8c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "53c538f8e8000f-367-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 871
x-xss-protection: 1; mode=block

GET
H2 200 bkg-login.png
stateexchangebank.com/images/ 6 KB
7 KB 492ms
492ms Image
image/png 54.244.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateexchangebank.com/images/bkg-login.png

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.18.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-18-2.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

3e3c8cb4c5c4e02fe6fd596a41617f5e01ef6817304221c068cb91575afcf3a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateexchangebank.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Feb 2019 15:16:50 GMT
server: Apache
etag: "a91b4ca55dcbd13f-194d-5813b3709dc80"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com https://*.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
content-length: 6477
x-xss-protection: 1; mode=block

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
101 B 14ms
14ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1229411782&utmhn=stateexchangebank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20State%20Exchange%20Bank&utmhid=308399601&utmr=-&utmp=%2F&utmht=1584459494833&utmac=UA-39176364-2&utmcc=__utma%3D99353692.1503825022.1584459495.1584459495.1584459495.1%3B%2B__utmz%3D99353692.1584459495.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=946345975&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: stateexchangebank.com
URL: https://stateexchangebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateexchangebank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secure.fundsxpress.com/	1969-12-31 23:59:59	Name: TS0193399d Value: 01c6fb4b6ccd476d1208d04ab1323f80c2149fefc1c3499732525fb8ae556ea88615a1a1612698f82b9a79628896fcc0f87a84105d295bd3e89ac551b0d9b17d9132a161bf179ac5cb5bffc126f7aa6a05fdf0861f
seblo.secure.fundsxpress.com/	1969-12-31 23:59:59	Name: TS0140539d Value: 01c6fb4b6ca42b88a622573e2e06bec0bf3bc8ad93c3499732525fb8ae556ea88615a1a1616695a2f20862f77551f32d797935d696
.secure.fundsxpress.com/	1969-12-31 23:59:59	Name: secure.fx.sid.fxweb Value: login%232%232ac4c14cc9deb477%230010af9e1dac299488fd2992c1221070ea349278d6f9915bae0452ed26d009007b7fe41b010baa69a0d74b9e8666dcf04bd0050733d7d33f
.stateexchangebank.com/	1970-01-20 01:38:51	Name: __utma Value: 99353692.1503825022.1584459495.1584459495.1584459495.1
.stateexchangebank.com/	1970-01-19 08:07:40	Name: __utmt Value: 1
.stateexchangebank.com/	1970-01-19 12:30:27	Name: __utmz Value: 99353692.1584459495.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
seblo.secure.fundsxpress.com/	1969-12-31 23:59:59	Name: TS481daac3027 Value: 0894bc7510ab2000d8e1f10feed4c0cb161a4ab4cc508693762e431a02b923defc5608038a6b4dfd0852caf53711300051f9e4c03e4b4c13de71f48d32f3bfaa7b3cde50788c4d9332f043bd985a8de3095acdcbbd6af5c25e911c1e27890de5
.stateexchangebank.com/	1969-12-31 23:59:59	Name: __utmc Value: 99353692
.stateexchangebank.com/	1970-01-19 08:07:41	Name: __utmb Value: 99353692.1.10.1584459495

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .fundsxpress.com api.accuweather.com https://.google-analytics.com https://.googleapis.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' .fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://.fundsxpress.com https://.google.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://.google-analytics.com .fundsxpress.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

seblo.secure.fundsxpress.com
ssl.google-analytics.com
stateexchangebank.com
13.224.194.88
2a00:1450:4001:806::2008
54.244.18.2
0ee442ed03dc6ffbddbfb0fac09ab69f22fed95f035c8ec21dea820b3acf9069
0f2fbcbaa98de2b520b95d8f08db06d33ca49506edab80b1a54bda2007faf88c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
25243ae3c829a4b1fdf3a650bc3853d185e09316d9785a0d2f8815a4c18b6c77
25be4a30ba427540892fab615e27fb41140b0e92a5eefa490193e6bd6ebdb16d
32949fefa547cfb5bdfc00cb9164ac5afcdd01408edabcc268f4222e1f892490
3e3c8cb4c5c4e02fe6fd596a41617f5e01ef6817304221c068cb91575afcf3a6
44343c48bb6efeefe0c396ee627b01ac26e2695aaf90403565f8aa82f81110bd
4e05485adca8f9394a72a1fdcc61eaa382ecab03d6ec73b828fe64b5361cfc2e
59ccddbbf6144ec4f347b1002ff836e13740c06bfa97d5f75c82dde162c66833
5c39a6e1f1970754fdf1424e87a27e083605cb96578be0bd6340ff3d01456a64
61f6cf621fc9ac3173f6348ff3b86ce80dea4747246cafaf53272555522249d8
68b9b0f51ae6b6e4756aebe6a0be50f95a8eba7fef22e3081da166e72eebabb6
6aa7f2c8c690b780fbd13f51e70fa1f87c02eef16cfb5a650626414aead7b4be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e474feb25a3ac7dc6e69934906366086808c6d3e269bc9c5c0563c08b86030e
a1b5e506aca9273d3e3dda221eae3eb9a035bf16d5f5f1ae385c97c6f71284bd
acafee606556cf7ef571dfce443121f03086c4a58807b2af2b2f83b0919860be
b0af1bdcab1835ab7da4668e1234311b138e4d3bff3b75722d80615172c66727
bd4e45e9426bc09139542e6aa9a4ec16047802b2fdcd4b331f8c14ca4cc5d8c3
cbeea2e8e671ca644ae9304414da6f99c8bfcfaa1ec87c1d171a1bae4ccb860c
f5d1fc8a7b1546f5372e3435719362482c937b5e962922add5a6a4f33db25a61

stateexchangebank.com Open in urlscan Pro 54.244.18.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

313 kBTransfer

325 kBSize

9 Cookies

6 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

9 Cookies

Security Headers

Indicators

stateexchangebank.com Open in urlscan Pro
54.244.18.2 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

313 kB
Transfer

325 kB
Size

9
Cookies

23 HTTP transactions
0 data transactions