urlscan.io logo urlscan.io
SecurityTrails logo

my.highpointfcu.com Open in urlscan Pro
52.189.66.201  Public Scan

Go To Rescan Add Verdict Report
URL: https://my.highpointfcu.com/
Submission: On August 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 36 HTTP transactions. The main IP is 52.189.66.201, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is my.highpointfcu.com.
TLS certificate: Issued by R3 on June 30th 2023. Valid for: 3 months.
This is the only time my.highpointfcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 52.189.66.201 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 4
Apex Domain
Subdomains		 Transfer
33 highpointfcu.com
my.highpointfcu.com
524 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
349 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
331 B
0 googletagmanager.com Failed
www.googletagmanager.com Failed
36 4
Domain Requested by
33 my.highpointfcu.com my.highpointfcu.com
1 stats.g.doubleclick.net my.highpointfcu.com
1 www.google-analytics.com my.highpointfcu.com
0 www.googletagmanager.com Failed my.highpointfcu.com
36 4

This site contains no links.

Subject Issuer Validity Valid
online.banno-production.com
R3		 2023-06-30 -
2023-09-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://my.highpointfcu.com/
Frame ID: BBDEE3B60428B0DCFB8F2D80D0001027
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login ยท Olean Area Federal Credit Union

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

36
Requests

6 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

525 kB
Transfer

1054 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.highpointfcu.com/ 		84 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
14ca60788dc623395f15cb519e983ef170b387f02303bda338061de9e4708bfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-E8XBBIVVJxEahI6Z6lB7wCXkhVXPJh36ppSlcQvoVVk=' 'sha256-Oe4IE3f/1WrVv+3Wbd8LcxK6qVCGQiMzotVbRo85ZcM=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-6WOa3pkD0jka3qgo3j2amNAM7zpSMhg6Z3yElUq9qdE=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, no-cache
content-encoding
gzip
content-length
18906
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-E8XBBIVVJxEahI6Z6lB7wCXkhVXPJh36ppSlcQvoVVk=' 'sha256-Oe4IE3f/1WrVv+3Wbd8LcxK6qVCGQiMzotVbRo85ZcM=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-6WOa3pkD0jka3qgo3j2amNAM7zpSMhg6Z3yElUq9qdE=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
content-type
text/html
date
Tue, 01 Aug 2023 14:19:38 GMT
etag
W/"49da-hikrcZZJYAvU6e0YpEaSWR9fkYY"
permissions-policy
document-domain=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
standalone-app-2febe141.js
my.highpointfcu.com/js/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/standalone-app-2febe141.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
b2492c0523e53191439722f1b5ed8d5d0b832f773e04c94fefdfb3748e774d66
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"8a61-W7tEWnEO+Ojkkk5bozXY/ZxKiBI"
content-length
35425
content-type
text/javascript; charset=UTF-8
banno-web-40499651.js
my.highpointfcu.com/js/ 		437 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/banno-web-40499651.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
f847513d7e1c805bd010dec0bbcb5beabd364ec19c87ff902e1d6e246e51fba0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"16cc6-Al3jq4RH8S/Kg1o7Ekt6TfmOyD8"
content-length
93382
content-type
text/javascript; charset=UTF-8
olean-area-fcu-logo-101378bb.png
my.highpointfcu.com/images/fi-assets/olean-area-fcu/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.highpointfcu.com/images/fi-assets/olean-area-fcu/olean-area-fcu-logo-101378bb.png
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
9636b33572840651b4d05b0f72eea28bb79b16c0cfa810b7f2f80654894fccba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.highpointfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 31 Jul 2023 15:03:06 GMT
etag
W/"303b-189ac796c10"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12347
analytics-575b548053.js
my.highpointfcu.com/js/ 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/analytics-575b548053.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.highpointfcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"4966-m+Kf18x95wa2DmY+M+ILK6D95JI"
content-length
18790
content-type
text/javascript; charset=UTF-8
client-shared-1e338e14.js
my.highpointfcu.com/js/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/client-shared-1e338e14.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
c4c0e17bc8c24c2c1879d58b705ddfd2d908f1d729b21d40d81983a7317162b7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"27d8-lUvWOR1r4nKPDAqxhG47XdrUU2c"
content-length
10200
content-type
text/javascript; charset=UTF-8
78295548-e5ed-cade-9e40-e70b0736e424
my.highpointfcu.com/a/consumer/api/offline-status/institutions/ 		0
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/a/consumer/api/offline-status/institutions/78295548-e5ed-cade-9e40-e70b0736e424
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.highpointfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"41d7-mdtMF6aVqWnt8zd1s0H+o5xJNZc"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
public, no-cache
permissions-policy
document-domain=()
content-length
16855
jha-icon-warning-963d148a.js
my.highpointfcu.com/js/ 		898 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-warning-963d148a.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
fac0b035089b71d6778017eef5af0a7b7e0210bb5838f3b2e14fe9aa87a16c18
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"1bf-NvLRf9emhOZKxS19H9Nt9Xnv+iM"
content-length
447
content-type
text/javascript; charset=UTF-8
bannoweb-shared-icons-9052908b.js
my.highpointfcu.com/js/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/bannoweb-shared-icons-9052908b.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
d637bdcae1bd32b411de2878a17023be8f5a1b907ac82fc30490e8a209924a7b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"b35-/DOPtiL17FoSi9iezQdgj/JFb/I"
content-length
2869
content-type
text/javascript; charset=UTF-8
jha-icon-close-e1f73909.js
my.highpointfcu.com/js/ 		658 B
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-close-e1f73909.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
51789393d649af18952629fd04c6e40663c5c42492e638a411f59a6c333a96e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"14d-ZicRTkatGoV2kQpEjgtoQWhmSdc"
content-length
333
content-type
text/javascript; charset=UTF-8
jha-icon-fingerprint-2a3f01a0.js
my.highpointfcu.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-fingerprint-2a3f01a0.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
7ff7dacb702bcf88608e7a24d18c2fd03b7e5f1b793523db34c6969986d7a285
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"6ad-RHT1ZxinMYkuo2p9Ilg0OSsTdfs"
content-length
1709
content-type
text/javascript; charset=UTF-8
jha-icon-circle-warning-4268b56d.js
my.highpointfcu.com/js/ 		735 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-circle-warning-4268b56d.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
9836cd143012040606d6dbdc739597187c70446a68cf281aa3fbb97f56f74047
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"178-5sjj3qc2aedMA1nRVAtqBQN+OxA"
content-length
376
content-type
text/javascript; charset=UTF-8
jha-icon-form-f2f3fb2b.js
my.highpointfcu.com/js/ 		1 KB
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-form-f2f3fb2b.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
1a8664ac795240e5ad5663396bf5e60dd0c72ffeeb8e5d6b67e7f9283656670b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"1ff-61/izheXqT+BgByqIIWnLR6JV80"
content-length
511
content-type
text/javascript; charset=UTF-8
jha-icon-life-preserver-cf5f9fef.js
my.highpointfcu.com/js/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-life-preserver-cf5f9fef.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
162e26a0227d93b71038fed0ff192740a3a3116b0e4e0873fe6b0a2f6a291a0d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:38 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"273-xufpljQ+HEfPYR/aTJaori7ZFco"
content-length
627
content-type
text/javascript; charset=UTF-8
bannoweb-background-hero-f4102cce.js
my.highpointfcu.com/js/ 		820 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/bannoweb-background-hero-f4102cce.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
5294789b0c839c15c2443e452f4dc42808b10d5652a00974f412f10d6c42c500
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"17c-vNUssmRfloPaJucO+vSZN3CklFo"
content-length
380
content-type
text/javascript; charset=UTF-8
jha-icon-people-58a9336b.js
my.highpointfcu.com/js/ 		1 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-people-58a9336b.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
700ecd6722ed249f2c1beb894ce62460b2bbdb49bbaaffd3448a76adf15ace30
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"236-HYQGigHqIZqCvA3FAmnaGY3/8qc"
content-length
566
content-type
text/javascript; charset=UTF-8
jha-icon-user-047f3a7a.js
my.highpointfcu.com/js/ 		1 KB
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-user-047f3a7a.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
9df270bf1bbe81513a59b54ad8428595cf0da52cae2e9ff2aaffa2998c83d57f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"210-5Ga+SYmGrsOYu3DTnO6+nyZnyHo"
content-length
528
content-type
text/javascript; charset=UTF-8
jha-icon-2fa-a0c40c53.js
my.highpointfcu.com/js/ 		830 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-2fa-a0c40c53.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
381c6a19b75a5d0e11a1efb0e37c9c0ffa1306e81e3c6263251cbfcae88941cd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"1b9-TZOGnShNqvkKgckzhgx8WJne6d4"
content-length
441
content-type
text/javascript; charset=UTF-8
jha-icon-message-e2338c26.js
my.highpointfcu.com/js/ 		770 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-message-e2338c26.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
f55aef249230491da442e96a9bf539a788fa8da03e277d8dbe19808e4361d84c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"17a-ELodKFeddBGvmsDaYJBbWh8h5GY"
content-length
378
content-type
text/javascript; charset=UTF-8
jha-icon-mail-dceb1e61.js
my.highpointfcu.com/js/ 		682 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-mail-dceb1e61.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
fe5819e648655fda462984aea69a34a7d5e6ce053ee68995baef89f095bf4f8b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"166-nSV7UKmtz3TDsigXIdUqH5mR/Cg"
content-length
358
content-type
text/javascript; charset=UTF-8
jha-icon-authy-c99d8388.js
my.highpointfcu.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-authy-c99d8388.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
dc7ef75bd82f9d1af761c155536c99a251e29211d35b985adee4b96996914420
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"3f0-WWScBwcGxMm2oG4NaMruTI7jbJU"
content-length
1008
content-type
text/javascript; charset=UTF-8
jha-icon-mobile-ad7d9be5.js
my.highpointfcu.com/js/ 		732 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-mobile-ad7d9be5.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
bfe4f06867a759c6874f3b9ecd4ea47a207a64dd454ce4f44184ca34984a9010
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"165-yfDbaKzSHKbwZXy/dMy7f1O8cN0"
content-length
357
content-type
text/javascript; charset=UTF-8
jha-icon-2fa-device-a49386b6.js
my.highpointfcu.com/js/ 		1 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-2fa-device-a49386b6.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
5569b187bbec92965f1edf118e7a3328a6a519359b6a9850338bc50dd8ac4ee4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"24b-gN8A5RPdsMI2D1wF4WHQGtLUGyM"
content-length
587
content-type
text/javascript; charset=UTF-8
jha-icon-fido-211d034d.js
my.highpointfcu.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/jha-icon-fido-211d034d.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
9901b8b540d26ea2d913dbbae6b1d8e6f3021c8b03cf71776dda0cb2db1e6d4b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"680-jK/UEPt0HiMYNxR2Mem90BUAmMs"
content-length
1664
content-type
text/javascript; charset=UTF-8
mixpanel-eb781aca.js
my.highpointfcu.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/js/mixpanel-eb781aca.js
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
b8da9bd4e812a36d4bb24a40400b8ee03a7d60cfd3d6f4aa255c598bc187d329
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-encoding
br
cache-control
public, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"3e50-e3vrMCXsOGU+IoOkvkY1CbvuwIk"
content-length
15952
content-type
text/javascript; charset=UTF-8
validate
my.highpointfcu.com/a/consumer/api/auth/ 		0
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/a/consumer/api/auth/validate
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.highpointfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"41d7-mdtMF6aVqWnt8zd1s0H+o5xJNZc"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
public, no-cache
permissions-policy
document-domain=()
content-length
16855
error-logs
my.highpointfcu.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/error-logs
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
78295548-e5ed-cade-9e40-e70b0736e424
my.highpointfcu.com/a/consumer/api/institutions/ 		0
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/a/consumer/api/institutions/78295548-e5ed-cade-9e40-e70b0736e424
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.highpointfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"41d7-mdtMF6aVqWnt8zd1s0H+o5xJNZc"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
public, no-cache
permissions-policy
document-domain=()
content-length
16855
time
my.highpointfcu.com/a/consumer/api/v0/login/ 		0
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/a/consumer/api/v0/login/time
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.highpointfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"41d7-mdtMF6aVqWnt8zd1s0H+o5xJNZc"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
public, no-cache
permissions-policy
document-domain=()
content-length
16855
time
my.highpointfcu.com/a/consumer/api/v0/login/ 		0
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/a/consumer/api/v0/login/time
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.highpointfcu.com/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-WLzHef/IBI5U2/lBG7Yp4SmzZDBG751a8JNVlNZKuiQ=' 'sha256-FiW4zvTEMxvAFexlZG9i5k9Vf+bqZ64C3NXGX58DkNw=' 'sha256-v2MJLw62aD2SBEgCAAq/tphIzexSig9Ro039DKbcZBs=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"41d7-mdtMF6aVqWnt8zd1s0H+o5xJNZc"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
public, no-cache
permissions-policy
document-domain=()
content-length
16855
collect
www.google-analytics.com/j/ 		16 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2021554849&t=pageview&_s=1&dl=https%3A%2F%2Fmy.highpointfcu.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%C2%B7%20Olean%20Area%20Federal%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=136739795&gjid=1009030553&cid=1007524592.1690899579&tid=UA-44924824-4&_gid=360304923.1690899579&_r=1&_slc=1&cd1=Browser&z=1969788383
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/analytics-575b548053.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6519bc23966bfb9a087ff56bd8c6a5a538c408bcc1e852ca10640ac65849acbc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.highpointfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 14:19:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.highpointfcu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
olean-area-fcu-background-landscape-11a8fbab.png
my.highpointfcu.com/images/fi-assets/olean-area-fcu/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.highpointfcu.com/images/fi-assets/olean-area-fcu/olean-area-fcu-background-landscape-11a8fbab.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
c23e032117ae133c9f175128b198620ee1f501150293886f55393192010b40c1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.highpointfcu.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 31 Jul 2023 15:03:06 GMT
etag
W/"321fa-189ac796c10"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
205306
roboto-regular-webfont.woff2
my.highpointfcu.com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/fonts/roboto-regular-webfont.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/
Origin
https://my.highpointfcu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 31 Jul 2023 15:20:28 GMT
etag
W/"3bf0-189ac895260"
content-type
font/woff2
cache-control
public, no-cache
accept-ranges
bytes
content-length
15344
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-44924824-4&cid=1007524592.1690899579&jid=136739795&gjid=1009030553&_gid=360304923.1690899579&_u=aEBAAEAAAAAAACAAI~&z=1526508253
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/analytics-575b548053.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.highpointfcu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 01 Aug 2023 14:19:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.highpointfcu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		0
0
error-logs
my.highpointfcu.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.highpointfcu.com/error-logs
Requested by
Host: my.highpointfcu.com
URL: https://my.highpointfcu.com/js/standalone-app-2febe141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
online.banno-production.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.highpointfcu.com/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Aug 2023 14:19:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-E1TRHWB2RL&cx=c&_slc=1

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| imprt_ object| banno object| ShadyCSS string| mitekWorkerPath string| GoogleAnalyticsObject function| ga object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| rcb function| iMb function| es function| nt function| ioc function| ozc function| tCc function| cCc function| kzc function| sCc function| xCc function| uuc function| aa function| mhc function| qPa function| gr function| ba function| pib function| rNb function| gh function| pPb function| lvc function| okb function| rL function| mt function| sIc function| nsb function| gBc function| eGc function| cf function| hHc function| nec function| fIa function| fYa function| m0 function| bga function| iQ function| jea function| qTa function| jBc function| sab function| pBc function| wL function| nF function| cY function| ce function| wZa function| gxa function| gb function| hBc function| fY function| lKc function| rQb function| kNb function| aL function| vhc function| gRb function| oJb function| j2b function| ocb object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| hkb function| oOb function| vLb function| aNb function| jMb function| hcc function| gxb function| ckc function| fQb function| dzb object| dataLayer

5 Cookies

Domain/Path Name / Value
my.highpointfcu.com/ Name: deviceId
Value: online-02241988-16b8-463b-b1a3-a5f2b03a596a
.highpointfcu.com/ Name: _ga
Value: GA1.2.1007524592.1690899579
.highpointfcu.com/ Name: _gid
Value: GA1.2.360304923.1690899579
.highpointfcu.com/ Name: _gat
Value: 1
my.highpointfcu.com/ Name: mp_5ad87dc510a720035bac28b0d20a2df5_mixpanel
Value: %7B%22distinct_id%22%3A%20%22189b1780188175-0c85e2bdec3693-683e5154-1d4c00-189b178018910af%22%2C%22%24device_id%22%3A%20%22189b1780188175-0c85e2bdec3693-683e5154-1d4c00-189b178018910af%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22institutionId%22%3A%20%2278295548-e5ed-cade-9e40-e70b0736e424%22%2C%22institutionName%22%3A%20%22Olean%20Area%20Federal%20Credit%20Union%22%2C%22userAgent%22%3A%20%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%7D

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
network error URL: https://my.highpointfcu.com/a/consumer/api/offline-status/institutions/78295548-e5ed-cade-9e40-e70b0736e424
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my.highpointfcu.com/a/consumer/api/auth/validate
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://my.highpointfcu.com/js/analytics-575b548053.js(Line 23)
Message:
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-E1TRHWB2RL&cx=c&_slc=1' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-E8XBBIVVJxEahI6Z6lB7wCXkhVXPJh36ppSlcQvoVVk=' 'sha256-Oe4IE3f/1WrVv+3Wbd8LcxK6qVCGQiMzotVbRo85ZcM=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-6WOa3pkD0jka3qgo3j2amNAM7zpSMhg6Z3yElUq9qdE=' 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://my.highpointfcu.com/a/consumer/api/v0/login/time
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my.highpointfcu.com/a/consumer/api/institutions/78295548-e5ed-cade-9e40-e70b0736e424
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://my.highpointfcu.com/a/consumer/api/v0/login/time
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-hoFl7VvLnA3/9z8WEErb7w2eZDTV9MK0tMJ6v8lmvrI=' 'sha256-E8XBBIVVJxEahI6Z6lB7wCXkhVXPJh36ppSlcQvoVVk=' 'sha256-Oe4IE3f/1WrVv+3Wbd8LcxK6qVCGQiMzotVbRo85ZcM=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-6WOa3pkD0jka3qgo3j2amNAM7zpSMhg6Z3yElUq9qdE=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.highpointfcu.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

my.highpointfcu.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.googletagmanager.com
2a00:1450:4001:811::200e
2a00:1450:400c:c00::9d
52.189.66.201
14ca60788dc623395f15cb519e983ef170b387f02303bda338061de9e4708bfe
162e26a0227d93b71038fed0ff192740a3a3116b0e4e0873fe6b0a2f6a291a0d
1a8664ac795240e5ad5663396bf5e60dd0c72ffeeb8e5d6b67e7f9283656670b
381c6a19b75a5d0e11a1efb0e37c9c0ffa1306e81e3c6263251cbfcae88941cd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
51789393d649af18952629fd04c6e40663c5c42492e638a411f59a6c333a96e6
5294789b0c839c15c2443e452f4dc42808b10d5652a00974f412f10d6c42c500
5569b187bbec92965f1edf118e7a3328a6a519359b6a9850338bc50dd8ac4ee4
6519bc23966bfb9a087ff56bd8c6a5a538c408bcc1e852ca10640ac65849acbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
700ecd6722ed249f2c1beb894ce62460b2bbdb49bbaaffd3448a76adf15ace30
7ff7dacb702bcf88608e7a24d18c2fd03b7e5f1b793523db34c6969986d7a285
9636b33572840651b4d05b0f72eea28bb79b16c0cfa810b7f2f80654894fccba
9836cd143012040606d6dbdc739597187c70446a68cf281aa3fbb97f56f74047
9901b8b540d26ea2d913dbbae6b1d8e6f3021c8b03cf71776dda0cb2db1e6d4b
9df270bf1bbe81513a59b54ad8428595cf0da52cae2e9ff2aaffa2998c83d57f
b2492c0523e53191439722f1b5ed8d5d0b832f773e04c94fefdfb3748e774d66
b8da9bd4e812a36d4bb24a40400b8ee03a7d60cfd3d6f4aa255c598bc187d329
bfe4f06867a759c6874f3b9ecd4ea47a207a64dd454ce4f44184ca34984a9010
c23e032117ae133c9f175128b198620ee1f501150293886f55393192010b40c1
c4c0e17bc8c24c2c1879d58b705ddfd2d908f1d729b21d40d81983a7317162b7
d637bdcae1bd32b411de2878a17023be8f5a1b907ac82fc30490e8a209924a7b
dc7ef75bd82f9d1af761c155536c99a251e29211d35b985adee4b96996914420
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f55aef249230491da442e96a9bf539a788fa8da03e277d8dbe19808e4361d84c
f847513d7e1c805bd010dec0bbcb5beabd364ec19c87ff902e1d6e246e51fba0
fac0b035089b71d6778017eef5af0a7b7e0210bb5838f3b2e14fe9aa87a16c18
fe5819e648655fda462984aea69a34a7d5e6ce053ee68995baef89f095bf4f8b