go.manhattanbank.bank Open in urlscan Pro
52.189.66.201  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response go.manhattanbank.bank/	84 KB 20 KB	460ms 179ms	Document text/html	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash deb199bdf9e6e7e5fd31568916079db9c882afa2526efa4042cf512a593b6a59 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-r8zoNCMsusI92VvYBwu0GlXizSKnaTF/PP+PuHgaxZY=' 'sha256-PEeEcSzfpPyKA0sBW7zJs5MZU5WS+zHItyqmX8nfriA=' 'sha256-2QyxVYHBvVfBrEk3LUHSGIPEVe9RkqOPCqMQ1v4chtw=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-wffdQe+e9p2H3+CYs+rpy2bkhUYGvVuUMzi6lHMRi8M=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://go.manhattanbank.bank; manifest-src 'self'; worker-src 'self'; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, no-cache content-encoding gzip content-length 18888 content-security-policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-r8zoNCMsusI92VvYBwu0GlXizSKnaTF/PP+PuHgaxZY=' 'sha256-PEeEcSzfpPyKA0sBW7zJs5MZU5WS+zHItyqmX8nfriA=' 'sha256-2QyxVYHBvVfBrEk3LUHSGIPEVe9RkqOPCqMQ1v4chtw=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-wffdQe+e9p2H3+CYs+rpy2bkhUYGvVuUMzi6lHMRi8M=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://go.manhattanbank.bank; manifest-src 'self'; worker-src 'self'; content-type text/html date Wed, 20 Dec 2023 17:31:35 GMT etag W/"49c8-Yc9gBMDixSmkaJSVlnRJ4dLtFPw" permissions-policy document-domain=() referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=15724800; includeSubDomains x-b3-sampled 1 x-b3-spanid b48a438781b5ad1c x-b3-traceid 5a2292deb99a80c405cafdccbc453800 x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	standalone-app-4af47efc.js Show response go.manhattanbank.bank/js/	122 KB 35 KB	258ms 258ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/standalone-app-4af47efc.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 4e5d60785dd34516ecb2cd8337819f8e62f0900ec03fea8ec31efbcb4de81423 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid b6ba0d160c1aed1935cf9f1ef8fe9b82 etag W/"89c9-Hjg3TlCBxB1rvRLd/311RXlF4cc" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 0bb19b5e367b7caa x-b3-sampled 1 content-length 35273
GET H2	200	banno-web-fb7bc1d7.js Show response go.manhattanbank.bank/js/	454 KB 97 KB	129ms 129ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/banno-web-fb7bc1d7.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 5ecc185eedee654a16be139976b76be8170527b1a3c8c31d4459fadd155a4f2d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 6427ef10c9bf268ce59c4890a9ee110b etag W/"182ff-4k0vP13NsJs7vJdq+BeV+sQJ8W4" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 07ffbcc8eba234b1 x-b3-sampled 1 content-length 99071
GET H2	200	manhattan-bank-logo-545ca07a.png go.manhattanbank.bank/images/fi-assets/manhattan-bank/	8 KB 9 KB	331ms 331ms	Image image/png	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://go.manhattanbank.bank/images/fi-assets/manhattan-bank/manhattan-bank-logo-545ca07a.png Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash a83e40382d2850567fd9ff4badc0e6f11af0a763e8727238c1aaa6bcbe68ee0e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://go.manhattanbank.bank/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 20 Dec 2023 05:00:52 GMT x-b3-traceid 24bc104d9efab71fdf4bc8ca075c288d etag W/"219d-18c859917a0" content-type image/png cache-control public, max-age=31536000 x-b3-spanid 37918f77358cdd4d x-b3-sampled 1 accept-ranges bytes content-length 8605
GET H2	200	client-shared-418c3d4a.js Show response go.manhattanbank.bank/js/	146 B 404 B	127ms 126ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/client-shared-418c3d4a.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 5275c5b526cc8bc796d9fe75adfcff01773660090288704180e8566972380a34 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 2441ce0d5d8a79de524818578957190d etag W/"7e-lZaeGb5l7u19Ji9rsWzRvZfT38s" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid b412e5f3969fdebb x-b3-sampled 1 content-length 126
GET H2	200	d29c0d50-1566-11e8-980f-0adf1aff7f9e Show response go.manhattanbank.bank/a/consumer/api/offline-status/institutions/	20 B 329 B	134ms 133ms	Fetch application/json	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/a/consumer/api/offline-status/institutions/d29c0d50-1566-11e8-980f-0adf1aff7f9e Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/js/standalone-app-4af47efc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 content-type application/json Response headers date Wed, 20 Dec 2023 17:31:35 GMT x-envoy-decorator-operation go-institution-offline-status.mirai.svc.cluster.local:80/* strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 8c356cd41cebaf4b512a7183bc31ede3 content-type application/json x-b3-spanid d375f288355bb185 x-envoy-upstream-service-time 0 x-b3-sampled 1 content-length 20 x-request-id 7d6dc22b0ebd27d48085fd90f6461b53
GET H2	200	jha-icon-circle-warning-ed311dce.js Show response go.manhattanbank.bank/js/	735 B 655 B	127ms 127ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/jha-icon-circle-warning-ed311dce.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash a0e21a082a5ee1686bd15ad0d14cb1a02c2ba841195dc0aa408318de63c04b83 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid cb2e02e153bb216b1705151fd7fc3126 etag W/"179-tI83iX6SRmxyC3R0B7Rij9cHeBc" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 968d24682d00647f x-b3-sampled 1 content-length 377
GET H2	200	mixpanel-b9060906.js Show response go.manhattanbank.bank/js/	52 KB 16 KB	128ms 127ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/mixpanel-b9060906.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 3fafb3716c3f7e00c3c82c1b442dc6b8e036cb991c621ab1239e01e4b4b27089 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 28820b3293842f55b95016048b24d543 etag W/"407e-aesUtPbfngCeBBmMOTn16G5Ob2w" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid a07db10111d569c6 x-b3-sampled 1 content-length 16510
GET H2	200	bannoweb-background-hero-67dec1b1.js Show response go.manhattanbank.bank/js/	820 B 630 B	128ms 128ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/bannoweb-background-hero-67dec1b1.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 21fe1faed67b4d528e5633bfd8594930e1793062a6c17a76c2343137ef64b2b5 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid edd1b03e7aa5c8bad6007882b6831434 etag W/"160-KAONJerG0jBK6OHTY5+uF00Sa1w" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 38c35890ca090a52 x-b3-sampled 1 content-length 352
GET H2	401	validate go.manhattanbank.bank/a/consumer/api/auth/	0 0	131ms 131ms	Fetch	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/a/consumer/api/auth/validate Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/js/standalone-app-4af47efc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 content-type application/json Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains x-b3-spanid 4272cba179e2b393 x-b3-sampled 1 x-b3-traceid 97050b59aa5ca08988deb56b891f5d57 content-length 0 x-request-id 27cbb731982411263c3efeb3445e520f
GET H2	200	manhattan-bank-background-landscape-65688dd2.png go.manhattanbank.bank/images/fi-assets/manhattan-bank/	275 KB 276 KB	181ms 181ms	Image image/png	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://go.manhattanbank.bank/images/fi-assets/manhattan-bank/manhattan-bank-background-landscape-65688dd2.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 4af915b0314c47c3fd286fb229f66b8beacb2ea1dacbf762981e45e89534f06e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://go.manhattanbank.bank/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 20 Dec 2023 05:00:52 GMT x-b3-traceid 430e341827a6747d87b6bbc6f6db0aad etag W/"44bcc-18c859917a0" content-type image/png cache-control public, max-age=31536000 x-b3-spanid 156a962a5a3b63f8 x-b3-sampled 1 accept-ranges bytes content-length 281548
GET H2	200	d29c0d50-1566-11e8-980f-0adf1aff7f9e Show response go.manhattanbank.bank/a/consumer/api/institutions/	72 KB 72 KB	139ms 138ms	Fetch application/json	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/a/consumer/api/institutions/d29c0d50-1566-11e8-980f-0adf1aff7f9e Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/js/standalone-app-4af47efc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 7bf3c0009aae4d2a64fc72cebca747915fbafb65885c9f23df77245b05a32351 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 content-type application/json Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid a93ba5f554078222756caf108c8d8307 content-type application/json x-b3-spanid bfcfd86eec3ecfe8 x-b3-sampled 1 content-length 73331 x-request-id 28b008ced49587f9a9e988e1a85720e1
GET H2	200	jha-icon-form-38afe02e.js Show response go.manhattanbank.bank/js/	1 KB 791 B	132ms 131ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/jha-icon-form-38afe02e.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 742ee65c97734962bfff26cf8f0050e976b6134e6fd28cd00bb64b7215d5c86a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid dfec34838889d756d9ec0d1de2c32567 etag W/"201-VVg17HTYt7Q/diE5/eLR11yogD8" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 620ba76ffc3f9291 x-b3-sampled 1 content-length 513
GET H2	200	jha-icon-life-preserver-7ec5bac9.js Show response go.manhattanbank.bank/js/	1 KB 906 B	131ms 130ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/jha-icon-life-preserver-7ec5bac9.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 86e4f609602acbf10497ee3b2c21e25903470f684d67b1bcc93ef2aa5655ff12 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 27e561a71d162aff77caae9a3adecca0 etag W/"273-r5KXX4et0jpw90UYxexk+5X/lNM" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid b15f55c645406f75 x-b3-sampled 1 content-length 627
GET H2	200	time Show response go.manhattanbank.bank/a/consumer/api/v0/login/	13 B 311 B	144ms 144ms	Fetch application/json	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/a/consumer/api/v0/login/time Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/js/standalone-app-4af47efc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 3223aedc5ee861d37c7d9fa2de41bed04aca36bdb985550ea488147d61ba202a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 content-type application/json Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid f70c9b1cdfc05b1921ff3a12c978f46e etag W/"d-7kUC1G9lhoYzR+xjcD0g8AJ2jpw" content-type application/json; charset=utf-8 cache-control private, no-store, no-cache x-b3-spanid dd157e28a4360dcb x-b3-sampled 1 content-length 13 x-request-id 2d41355970d30a4490f5f610cbd1547a
GET H2	200	jha-icon-warning-1c4e1b64.js Show response go.manhattanbank.bank/js/	898 B 727 B	128ms 127ms	Script text/javascript	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/js/jha-icon-warning-1c4e1b64.js Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash d709cca4227b6bcd39899d02728ec4c8c6e781b0a9a7859ce164d843fd796b12 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid f7b72576ec85a779653d74fccd31e489 etag W/"1c0-i3ymaA8Z7CCWhTQtij/zXSCIpfw" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid eb264dd3a7d0dc31 x-b3-sampled 1 content-length 448
GET H2	200	time Show response go.manhattanbank.bank/a/consumer/api/v0/login/	13 B 310 B	138ms 138ms	Fetch application/json	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/a/consumer/api/v0/login/time Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/js/standalone-app-4af47efc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 43b727e0af69a57c5a4037333942a08bded51e6658f5920a8d28caa9963d7d01 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 content-type application/json Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 710cbd180f39c528c117877eaccecac5 etag W/"d-mJ6+Pb7AdzhxgIfO5tdB4C0UoJs" content-type application/json; charset=utf-8 cache-control private, no-store, no-cache x-b3-spanid 174344bdea55b6f8 x-b3-sampled 1 content-length 13 x-request-id a7c6f4ae208f912b9849501cf296732a
GET H2	200	roboto-regular-webfont.woff2 go.manhattanbank.bank/fonts/	15 KB 15 KB	248ms 248ms	Font font/woff2	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/fonts/roboto-regular-webfont.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/ Origin https://go.manhattanbank.bank accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 20 Dec 2023 05:07:13 GMT x-b3-traceid 766f1baaece52c252cdd6b6c58524530 etag W/"3bf0-18c859ee7e8" content-type font/woff2 cache-control public, no-cache x-b3-spanid 2b6fcac78802419c x-b3-sampled 1 accept-ranges bytes content-length 15344
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	start Show response go.manhattanbank.bank/a/consumer/api/login/assertion/	158 B 457 B	243ms 243ms	Fetch application/json	52.189.66.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://go.manhattanbank.bank/a/consumer/api/login/assertion/start Requested by Host: go.manhattanbank.bank URL: https://go.manhattanbank.bank/js/standalone-app-4af47efc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS online.banno-production.com Software / Resource Hash a189a05d111b870ad9e5e679f2c67ad151f0bee653474e1c2c3173ef30b104fd Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://go.manhattanbank.bank/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 content-type application/json Response headers date Wed, 20 Dec 2023 17:31:35 GMT strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 372690710e4300ed6518c4b832e278b3 etag W/"9e-o3NE6Fc+ju9tiM/w4Nic1vzv9N0" content-type application/json; charset=utf-8 cache-control private, no-store, no-cache x-b3-spanid 400dd89c4fbc0df1 x-b3-sampled 1 content-length 158 x-request-id 3d277a388f55e28a6e95fb1f9a41e0b9

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| imprt_ object| banno object| ShadyCSS string| mitekWorkerPath object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| m9a function| f4b function| tS function| hv function| rbb function| gSc function| lwc function| uxc function| cSc function| iwb function| uyc function| eRc function| v function| imc function| qWa function| dn function| ga function| mfb function| n6b function| zn function| u8b function| tic function| afc function| tpa function| p5b function| qCc function| xUb function| jsc function| zyc function| am function| qzc function| k5b function| wyc function| uTa function| qZ function| jia function| a0 function| pLa function| nDa function| msc function| oZ function| c0a function| tga function| qE function| nda function| og function| w0a function| ixa function| wc function| qtc function| uS function| mDc function| pUa function| fnb function| r8b function| oPb function| eDb function| qvb

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			go.manhattanbank.bank/	1970-01-21 01:50:29	Name: deviceId Value: online-7073fafd-6548-40df-99d0-f4310a80d66c
			go.manhattanbank.bank/	1970-01-21 01:50:29	Name: mp_5ad87dc510a720035bac28b0d20a2df5_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18c8848679c43c-067de767c699af-693d5753-1d4c00-18c8848679c43c%22%2C%22%24device_id%22%3A%20%2218c8848679c43c-067de767c699af-693d5753-1d4c00-18c8848679c43c%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22institutionId%22%3A%20%22d29c0d50-1566-11e8-980f-0adf1aff7f9e%22%2C%22institutionName%22%3A%20%22Manhattan%20Bank%22%2C%22userAgent%22%3A%20%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
network	error	URL: https://go.manhattanbank.bank/a/consumer/api/auth/validate Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-r8zoNCMsusI92VvYBwu0GlXizSKnaTF/PP+PuHgaxZY=' 'sha256-PEeEcSzfpPyKA0sBW7zJs5MZU5WS+zHItyqmX8nfriA=' 'sha256-2QyxVYHBvVfBrEk3LUHSGIPEVe9RkqOPCqMQ1v4chtw=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-wffdQe+e9p2H3+CYs+rpy2bkhUYGvVuUMzi6lHMRi8M=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://go.manhattanbank.bank; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.manhattanbank.bank
52.189.66.201
21fe1faed67b4d528e5633bfd8594930e1793062a6c17a76c2343137ef64b2b5
3223aedc5ee861d37c7d9fa2de41bed04aca36bdb985550ea488147d61ba202a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fafb3716c3f7e00c3c82c1b442dc6b8e036cb991c621ab1239e01e4b4b27089
43b727e0af69a57c5a4037333942a08bded51e6658f5920a8d28caa9963d7d01
4af915b0314c47c3fd286fb229f66b8beacb2ea1dacbf762981e45e89534f06e
4e5d60785dd34516ecb2cd8337819f8e62f0900ec03fea8ec31efbcb4de81423
5275c5b526cc8bc796d9fe75adfcff01773660090288704180e8566972380a34
5ecc185eedee654a16be139976b76be8170527b1a3c8c31d4459fadd155a4f2d
742ee65c97734962bfff26cf8f0050e976b6134e6fd28cd00bb64b7215d5c86a
7bf3c0009aae4d2a64fc72cebca747915fbafb65885c9f23df77245b05a32351
86e4f609602acbf10497ee3b2c21e25903470f684d67b1bcc93ef2aa5655ff12
a0e21a082a5ee1686bd15ad0d14cb1a02c2ba841195dc0aa408318de63c04b83
a189a05d111b870ad9e5e679f2c67ad151f0bee653474e1c2c3173ef30b104fd
a83e40382d2850567fd9ff4badc0e6f11af0a763e8727238c1aaa6bcbe68ee0e
bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716
d709cca4227b6bcd39899d02728ec4c8c6e781b0a9a7859ce164d843fd796b12
deb199bdf9e6e7e5fd31568916079db9c882afa2526efa4042cf512a593b6a59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629