urlscan.io logo urlscan.io
SecurityTrails logo

my.thestatebankgroup.com Open in urlscan Pro
35.225.70.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.thestatebankgroup.com/
Effective URL: https://my.thestatebankgroup.com/
Submission: On March 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 35.225.70.12, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is my.thestatebankgroup.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 15th 2023. Valid for: a year.
This is the only time my.thestatebankgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 35.225.70.12 396982 (GOOGLE-CL...)
19 2
Apex Domain
Subdomains		 Transfer
20 thestatebankgroup.com
my.thestatebankgroup.com
279 KB
19 1
Domain Requested by
20 my.thestatebankgroup.com 1 redirects my.thestatebankgroup.com
19 1

This site contains no links.

Subject Issuer Validity Valid
my.thestatebankgroup.com
GeoTrust TLS RSA CA G1		 2023-06-15 -
2024-06-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://my.thestatebankgroup.com/
Frame ID: F3CA7978520EB4047FE452E9DF5EF248
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login ยท The State Bank Group

Page URL History Show full URLs

  1. http://my.thestatebankgroup.com/ HTTP 308
    https://my.thestatebankgroup.com/ Page URL

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

279 kB
Transfer

830 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.thestatebankgroup.com/ HTTP 308
    https://my.thestatebankgroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.thestatebankgroup.com/
Redirect Chain
  • http://my.thestatebankgroup.com/
  • https://my.thestatebankgroup.com/
90 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
64c4cde8b8dcf583c55ccea6d789b48221a44e6c0e76c4361b16749fe986e9a9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-B/Y15AqgwPinWDxzd7Xe8dJn9xwvf0fSnNlkjKQ1lI4=' 'sha256-XK0GXQ41SZtVOPnOHKV08r9ShhjQCubkjppKFNoziqQ=' 'sha256-FqoAgzjhpDdvlxwkNhb2ESdoJ0ehyOdjpQqe/JIJCeQ=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-itwJmOr1Zj1/pTf9gOPYc8fDNND4TBbFVVXe6Ab8nAk=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co https://creditscore.savvymoney.com; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.thestatebankgroup.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, no-cache
content-encoding
gzip
content-length
20226
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-B/Y15AqgwPinWDxzd7Xe8dJn9xwvf0fSnNlkjKQ1lI4=' 'sha256-XK0GXQ41SZtVOPnOHKV08r9ShhjQCubkjppKFNoziqQ=' 'sha256-FqoAgzjhpDdvlxwkNhb2ESdoJ0ehyOdjpQqe/JIJCeQ=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-itwJmOr1Zj1/pTf9gOPYc8fDNND4TBbFVVXe6Ab8nAk=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co https://creditscore.savvymoney.com; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.thestatebankgroup.com; manifest-src 'self'; worker-src 'self';
content-type
text/html
date
Sun, 24 Mar 2024 04:08:14 GMT
etag
W/"4f02-WDE4myKcNI28HdL2x1Nva2dAzL4"
permissions-policy
document-domain=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-sampled
1
x-b3-spanid
ef03a5e4095fe940
x-b3-traceid
fed05231c0f3d26ecac745e9c27cd990
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Sun, 24 Mar 2024 04:08:14 GMT
Location
https://my.thestatebankgroup.com
standalone-app-47df604c.js
my.thestatebankgroup.com/js/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/standalone-app-47df604c.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
76e961fafe5293e1455f381911d0313bfe6360b60e933fa0b48aab7ac843b20f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
298e21020b8e7a35be756738d00464cb
etag
W/"8a6b-NHZ7tnTO3CeSa0T5/y/NaPaYHvo"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
906149cb389e86b1
x-b3-sampled
1
content-length
35435
banno-web-b45a4575.js
my.thestatebankgroup.com/js/ 		456 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/banno-web-b45a4575.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
0ec4fa1c129ccc3e76b26962790b7af7c400f966651947ee8fd06c001bd7c458
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
304781565c7713586e0a300484859f6d
etag
W/"18538-gcNtbRw+5dffJQe3qiZmlKXXPyk"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
5b7550c1c015c372
x-b3-sampled
1
content-length
99640
state-bank-logo-28ab3b2c.png
my.thestatebankgroup.com/images/fi-assets/state-bank/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.thestatebankgroup.com/images/fi-assets/state-bank/state-bank-logo-28ab3b2c.png
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
0e39d8e4a1cf2edd11a4b1ee7ea4ce641139c77a6925f2f7e042993e48274d28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.thestatebankgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 22 Mar 2024 16:52:22 GMT
x-b3-traceid
ff35629288917a43f9f90f1c07a322ed
etag
W/"3763-18e6713e970"
content-type
image/png
cache-control
public, max-age=31536000
x-b3-spanid
e01b7ec356325bf8
x-b3-sampled
1
accept-ranges
bytes
content-length
14179
jha-icon-circle-warning-f526f2a0.js
my.thestatebankgroup.com/js/ 		733 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/jha-icon-circle-warning-f526f2a0.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
eb0ed6b660a3e308bdfc9a9a080dd17a10d9f7b65bd415bf63dab48ff6ae199f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
84ac0f13d698f3f9bc44abdca1604797
etag
W/"176-PBnqLRJcgveUOiSUbD3Ed0PDzuQ"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
a3c6b17caeaa7167
x-b3-sampled
1
content-length
374
client-shared-3246b890.js
my.thestatebankgroup.com/js/ 		146 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/client-shared-3246b890.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
0e21f52bd73cb180b342939d486238b7c9fbcf5a7396665894bbdc9b30af7698
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
22397d8d9498571311721b4fa99fa658
etag
W/"7f-xJdNReWhnCnsYqTqibS2C9Ac/+M"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
db96b1653f728e5d
x-b3-sampled
1
content-length
127
eac975a7-0bc3-4859-ad92-f2959553e49d
my.thestatebankgroup.com/a/consumer/api/offline-status/institutions/ 		20 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/a/consumer/api/offline-status/institutions/eac975a7-0bc3-4859-ad92-f2959553e49d
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/js/standalone-app-47df604c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-envoy-upstream-service-time
0
content-length
20
x-request-id
04ef2ae2c1eeb859a3984cd5bdc81e4e
content-type
application/json
mixpanel-3d15b603.js
my.thestatebankgroup.com/js/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/mixpanel-3d15b603.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
e53b17418bda7bdd078784064e239590ad19c4e6d4b47925a88e36a54b51c7d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
55f515d0dc0806cb4cb68d8aaa08ac75
etag
W/"4227-OtU6kuyEw0yFB6YPRXJ6WTUYWkI"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
51f92af0ec27e82d
x-b3-sampled
1
content-length
16935
bannoweb-background-hero-e53c2a6f.js
my.thestatebankgroup.com/js/ 		820 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/bannoweb-background-hero-e53c2a6f.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
45761385621c1969c736d333bacd0afd5bc4918963afd54b40217bed6736a6e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
406f383090f300d416e16da614ac26b5
etag
W/"17d-3d6GKIDLM9LTa27CXLcSQIzJawo"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
e2f93a33bae54f9c
x-b3-sampled
1
content-length
381
validate
my.thestatebankgroup.com/a/consumer/api/auth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/a/consumer/api/auth/validate
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/js/standalone-app-47df604c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
x-request-id
672e459d0662e54de10a748a8b24ee66
state-bank-background-landscape-c618a38f.png
my.thestatebankgroup.com/images/fi-assets/state-bank/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.thestatebankgroup.com/images/fi-assets/state-bank/state-bank-background-landscape-c618a38f.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
e5932f34f5622cee539148dba7afb355b2ce2265c7370fc8563dea78ea6e649d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.thestatebankgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 22 Mar 2024 16:52:22 GMT
x-b3-traceid
29ef79ea27bfd90d118a7c3fc3cc29eb
etag
W/"6de9-18e6713e970"
content-type
image/png
cache-control
public, max-age=31536000
x-b3-spanid
547036ba889ff8c9
x-b3-sampled
1
accept-ranges
bytes
content-length
28137
eac975a7-0bc3-4859-ad92-f2959553e49d
my.thestatebankgroup.com/a/consumer/api/institutions/ 		46 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/a/consumer/api/institutions/eac975a7-0bc3-4859-ad92-f2959553e49d
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/js/standalone-app-47df604c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
514867b6559ccbc4e5f87d76f6febab3afe89e11986b70efee4bb1ff88c5c406
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
46599
x-request-id
a105205806a17f7945066b8a3a67622c
content-type
application/json
jha-icon-form-4a6a788f.js
my.thestatebankgroup.com/js/ 		1 KB
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/jha-icon-form-4a6a788f.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
19717f65b3877132633da7e4ac809ca1a60c4385c73ca2a4fe683f342ac3f5fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
f2492b6e11d076d01bd62df0d7e48bbb
etag
W/"200-XrYG7yz7iO39aEYu+J8MfIcpD9E"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
cee53a668bb6399d
x-b3-sampled
1
content-length
512
jha-icon-life-preserver-1f26c89c.js
my.thestatebankgroup.com/js/ 		1 KB
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/jha-icon-life-preserver-1f26c89c.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
c9df975989806c4402d32a1bcce96509416c996309336ba20010ce4587cf1371
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
e94fe2e453bca356b3061013fdf5f23a
etag
W/"274-/THCQe8iZjfwSsUyr/ApAirIX0k"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
8ac8fdef11988f04
x-b3-sampled
1
content-length
628
time
my.thestatebankgroup.com/a/consumer/api/v0/login/ 		13 B
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/a/consumer/api/v0/login/time
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/js/standalone-app-47df604c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
17211eb521976b6da55f1da97bf1ff40adcfadf0f085801d99eb342f9cfe9db1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
cache-control
private, no-store, no-cache
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"d-mitjfNfnDPMxN6ESiPcNTpy7mn4"
content-length
13
x-request-id
6c446c6ddacd250b46e07df65b7c7e47
content-type
application/json; charset=utf-8
jha-icon-warning-76a80b1a.js
my.thestatebankgroup.com/js/ 		898 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/js/jha-icon-warning-76a80b1a.js
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
c07d4eba12addee137134e2c251f45cefebcb07d48a8cc55ab4d6126a1d6a09d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
ac60f2f36539a13efe619e6e34fa095f
etag
W/"1bf-eetjkiWF228E0dn22pxoMg3wTfo"
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-b3-spanid
0a28adc41fee754d
x-b3-sampled
1
content-length
447
time
my.thestatebankgroup.com/a/consumer/api/v0/login/ 		13 B
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/a/consumer/api/v0/login/time
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/js/standalone-app-47df604c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
bb5a3a85193312228e911521478e3e1d188d5d518030527745bd4ac16a56eb8d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
cache-control
private, no-store, no-cache
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"d-tXXWqeThc590OfiA8QUFQmKduKo"
content-length
13
x-request-id
33f766a7291c96b36705edbc366e2c6e
content-type
application/json; charset=utf-8
roboto-regular-webfont.woff2
my.thestatebankgroup.com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/fonts/roboto-regular-webfont.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/
Origin
https://my.thestatebankgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 04:08:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 22 Mar 2024 16:54:48 GMT
x-b3-traceid
324fe6cacb4fbf18bd261888839a8feb
etag
W/"3bf0-18e671623c0"
content-type
font/woff2
cache-control
public, no-cache
x-b3-spanid
227d25327502b512
x-b3-sampled
1
accept-ranges
bytes
content-length
15344
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
start
my.thestatebankgroup.com/a/consumer/api/login/assertion/ 		161 B
389 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.thestatebankgroup.com/a/consumer/api/login/assertion/start
Requested by
Host: my.thestatebankgroup.com
URL: https://my.thestatebankgroup.com/js/standalone-app-47df604c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
79c9dda455e4999f5afc30775539f91905bd7c39d0e56267d81acebb99a4924c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.thestatebankgroup.com/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Mar 2024 04:08:16 GMT
cache-control
private, no-store, no-cache
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"a1-GAtXGcfEawjrBIHHt3WrqrL9MXo"
content-length
161
x-request-id
a92eb300d4e326933e1dbfc1360f4c5f
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| imprt_ object| banno string| mitekWorkerPath object| ShadyCSS object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| qcb function| tAc function| tT function| wt function| jdb function| lvc function| gCc function| byc function| v function| sgc function| hHc function| wja function| hnc function| ozb function| xm function| npc function| aoc function| toc function| ugb function| h0a function| yn function| ga function| dEc function| oTc function| hvc function| fCc function| hMb function| jmc function| gYa function| eFc function| em function| uGc function| t7b function| dCc function| iVa function| y3 function| zja function| x0 function| yMa function| rFa function| ozc function| yK function| uFa function| pja function| gv function| gea function| vf function| y1a function| uxa function| rc function| rAc function| dU function| wHc function| p5a function| iic function| qRb function| lVb function| tCb

2 Cookies

Domain/Path Name / Value
my.thestatebankgroup.com/ Name: deviceId
Value: online-26bea227-4baa-4093-a238-d908dcb0600b
my.thestatebankgroup.com/ Name: mp_5ad87dc510a720035bac28b0d20a2df5_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18e6ea5123261c-0c30a2314683c3-64345551-1d4c00-18e6ea5123261c%22%2C%22%24device_id%22%3A%20%2218e6ea5123261c-0c30a2314683c3-64345551-1d4c00-18e6ea5123261c%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22institutionId%22%3A%20%22eac975a7-0bc3-4859-ad92-f2959553e49d%22%2C%22institutionName%22%3A%20%22The%20State%20Bank%20Group%22%2C%22userAgent%22%3A%20%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36%22%7D

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
network error URL: https://my.thestatebankgroup.com/a/consumer/api/auth/validate
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-B/Y15AqgwPinWDxzd7Xe8dJn9xwvf0fSnNlkjKQ1lI4=' 'sha256-XK0GXQ41SZtVOPnOHKV08r9ShhjQCubkjppKFNoziqQ=' 'sha256-FqoAgzjhpDdvlxwkNhb2ESdoJ0ehyOdjpQqe/JIJCeQ=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-itwJmOr1Zj1/pTf9gOPYc8fDNND4TBbFVVXe6Ab8nAk=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co https://creditscore.savvymoney.com; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.thestatebankgroup.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN