URL: https://my.oakstarbank.com/
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 36 HTTP transactions. The main IP is 52.189.66.201, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is my.oakstarbank.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on July 28th 2021. Valid for: a year.
This is the only time my.oakstarbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
33 52.189.66.201 8075 (MICROSOFT...)
1 13.86.62.194 8075 (MICROSOFT...)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 5
Requests Apex Domain Subdomains Transfer
33 oakstarbank.com my.oakstarbank.com 367 KB
1 doubleclick.net stats.g.doubleclick.net (Cisco Umbrella Rank: 138) 441 B
1 google-analytics.com www.google-analytics.com (Cisco Umbrella Rank: 69) 410 B
1 banno-tools.com getsentry.banno-tools.com (Cisco Umbrella Rank: 632339) 569 B
36 4
Requests Domain Requested by
33 my.oakstarbank.com my.oakstarbank.com
1 stats.g.doubleclick.net my.oakstarbank.com
1 www.google-analytics.com my.oakstarbank.com
1 getsentry.banno-tools.com my.oakstarbank.com
36 4

This site contains no links.

Subject  Issuer  Validity  Valid
my.oakstarbank.com  GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1  2021-07-28 - 2022-07-28  a year
getsentry.banno-tools.com  R3  2022-07-12 - 2022-10-10  3 months
*.google-analytics.com  GTS CA 1C3  2022-06-27 - 2022-09-19  3 months
*.g.doubleclick.net  GTS CA 1C3  2022-06-06 - 2022-08-29  3 months

This page contains 1 frame:

Primary Page: https://my.oakstarbank.com/
Frame ID: 3141B83307ED9C4282718E4AC0BE9A36
Requests: 37 HTTP requests in this frame

Page Title

Login · OakStar Bank

Page Statistics

36 Requests
100 % HTTPS
50 % IPv6
4 Domains
4 Subdomains
5 IPs
3 Countries
368 kB Transfer
861 kB Size
4 Cookies

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
my.oakstarbank.com/
80 KB
81 KB
Document
General
Full URL
https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5cdc1cb9d08b5907d9774a3cea5f70a85523b70b1986be0f50de369a2da3b73e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-zyehUjanl02f25L6IaXADmHk1LsjQ4487lCKSB+D0Ig=' 'sha256-7iFrvfSFzT83s+AuKSIVC8Mqp/Ii6wxhw8IJayAxO8g=' 'sha256-QM2/PQ5QetJIu/5IwYVFJ1SnDeYpYkFDCtFNrMLLNt0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://apim.autobooks.co http://localhost:8080; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://my.oakstarbank.com; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, no-cache
content-length
81864
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-zyehUjanl02f25L6IaXADmHk1LsjQ4487lCKSB+D0Ig=' 'sha256-7iFrvfSFzT83s+AuKSIVC8Mqp/Ii6wxhw8IJayAxO8g=' 'sha256-QM2/PQ5QetJIu/5IwYVFJ1SnDeYpYkFDCtFNrMLLNt0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://apim.autobooks.co http://localhost:8080; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://my.oakstarbank.com; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
content-type
text/html; charset=utf-8
date
Wed, 13 Jul 2022 14:25:22 GMT
etag
W/"13fc8-m9vpaCBuEps9/w3zhhdpOIKVaOw"
permissions-policy
document-domain=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
/
getsentry.banno-tools.com/api/2/security/
0
569 B
Other
General
Full URL
https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.86.62.194 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.oakstarbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
x-content-type-options
nosniff
vary
Accept-Language, Cookie
content-length
0
x-xss-protection
1; mode=block
allow
GET, POST, HEAD, OPTIONS
last-modified
Wed, 13 Jul 2022 14:25:22 GMT
x-frame-options
deny
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-language
de
access-control-allow-origin
https://my.oakstarbank.com
access-control-expose-headers
X-Sentry-Error, Retry-After
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-type
application/javascript
access-control-allow-headers
X-Sentry-Auth, X-Requested-With, Origin, Accept, Content-Type, Authentication, Authorization
expires
Wed, 13 Jul 2022 14:25:22 GMT
standalone-app-10fd0aa3.js
my.oakstarbank.com/js/
311 KB
74 KB
Script
General
Full URL
https://my.oakstarbank.com/js/standalone-app-10fd0aa3.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5c15c768d7854dbcde221ab9fc98fe2fe2f2122730cb38154d76d33bd31e1df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"1260a-l8515tQoBr7Fuwk4WLwOuQ5OCIs"
content-length
75274
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
banno-web-c4d5cab8.js
my.oakstarbank.com/js/
188 KB
40 KB
Script
General
Full URL
https://my.oakstarbank.com/js/banno-web-c4d5cab8.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
206d898c962f435b0d3b1e270f63f09511cd2f3779e5e4804421f53b608779a6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"9f72-Ez5Ocfnx5Gn4jFHC7k/XTU46Mq8"
content-length
40818
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
client-shared-a055673a.js
my.oakstarbank.com/js/
21 KB
6 KB
Script
General
Full URL
https://my.oakstarbank.com/js/client-shared-a055673a.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
081732733d7669b450af486389c740427ce9825e78c0878448e5708486956778
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"16de-o0OivLqEL2WNnEElVG2Juozzno0"
content-length
5854
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
bd22c266-ec46-4d92-b47b-118400037118
my.oakstarbank.com/a/consumer/api/offline-status/institutions/
19 B
227 B
XHR
General
Full URL
https://my.oakstarbank.com/a/consumer/api/offline-status/institutions/bd22c266-ec46-4d92-b47b-118400037118
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/standalone-app-10fd0aa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a2777991cecbc933f020541136e28a7768bde3f4787a9d498838b095221e70a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
x-b3-traceid
a2577eac0d909350
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
x-b3-spanid
a2577eac0d909350
x-b3-sampled
1
content-length
19
x-request-id
d7366300bbe2d32e26ad942dab188daa
analytics-d40531c5e9.js
my.oakstarbank.com/js/
49 KB
18 KB
Script
General
Full URL
https://my.oakstarbank.com/js/analytics-d40531c5e9.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/standalone-app-10fd0aa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.oakstarbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"45c2-irbWbFqu/GjM/thJqt+Jg+vGOPA"
content-length
17858
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
bannoweb-shared-icons-1d5684e1.js
my.oakstarbank.com/js/
17 KB
3 KB
Script
General
Full URL
https://my.oakstarbank.com/js/bannoweb-shared-icons-1d5684e1.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
908c157fd354cdad06d60acb4a5ffbd741fb428ec3bdc4ae0531c9ac577b9162
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"ac1-VbcB8UrZRhCqCt4/5kYfFgeHuEc"
content-length
2753
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-clock-1f2dc366.js
my.oakstarbank.com/js/
724 B
580 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-clock-1f2dc366.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48c5b1e16f8ac95664d34ccafdcf4125e2cfdd91ef900376b843ce9c06d522c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"174-Q2/NwnyvOJha48e3gPF4OZprMhU"
content-length
372
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-circle-warning-e5af4aa3.js
my.oakstarbank.com/js/
727 B
577 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-circle-warning-e5af4aa3.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c5d9ca53d1975db6198119593e41e885bed7a2b6b32ee5de41c0a7314c5c8fe1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"171-vuqtHOvXOWoz1VhUBtGuqcdehhA"
content-length
369
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-close-addf8af9.js
my.oakstarbank.com/js/
652 B
542 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-close-addf8af9.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f38be90033c604e76c255ec1ccbd1d4fffa6e2c41acf0d57b491671a20fca466
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"14e-st6LT7ZG5/6A3RMWvlXBxSww/UA"
content-length
334
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-2fa-d992ae70.js
my.oakstarbank.com/js/
824 B
647 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-2fa-d992ae70.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f3d7b028390f5836deac50c19249e38fad159296784aada042bd5d2b0b1a847f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"1b7-pJRYIDvkAf2fT/uJc5CrI9HBU18"
content-length
439
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-message-786d1487.js
my.oakstarbank.com/js/
758 B
587 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-message-786d1487.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
682b5aea4cffc6232bbdb7a20c038152b92e98309ea326d9b0c098594ca0e513
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"17b-fbtQP0/0gjXie7RKp1nSBWI3NWE"
content-length
379
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-mail-9ce1831b.js
my.oakstarbank.com/js/
676 B
593 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-mail-9ce1831b.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
21a671b7847f4cf86ee7fc6988076492233e47dc8c5b5823ca4ac1bade6c878c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"182-fLuUfw2tITv07SQQmxie25cvrWg"
content-length
386
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-authy-adcdecb9.js
my.oakstarbank.com/js/
2 KB
1 KB
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-authy-adcdecb9.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
42aff980cd18beaf688d2b7a3d2678192576cd32060f1366a6166e9a35bfcdc6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"400-e4WOYiLmjCMo5eIeyk8KOGyiaVk"
content-length
1024
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-mobile-7b72b70d.js
my.oakstarbank.com/js/
726 B
566 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-mobile-7b72b70d.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e1ba01f20b4fa1737b63eb0520e2b826c5237afa0e116a018e459f42d1e98ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"165-pi4/fHKwXVvGCNjqRmJoghDQESE"
content-length
357
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-2fa-device-6beef983.js
my.oakstarbank.com/js/
1 KB
808 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-2fa-device-6beef983.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef2fb2977a1a9fba7a6d7900a62a8da13f998fa7612f3c9cadb4baf53f606008
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"258-6vY+Ay8syXhFiO0mXVsqfTX4h0c"
content-length
600
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-chevron-back-6b6a1f82.js
my.oakstarbank.com/js/
1014 B
670 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-chevron-back-6b6a1f82.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b3d0d2dc570b9a9848a4ed6232d87ef6d92f4fdd97452db75f7c0a48f568281
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"1ce-pOHB9A/tBVIyXniQTokEiFY2wmE"
content-length
462
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-hacker-4458e6f5.js
my.oakstarbank.com/js/
3 KB
2 KB
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-hacker-4458e6f5.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23b0995adf917bb596aa921b34dba14ae44d1e12ec3b33b10ec8c2720eb13f2f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"5d9-+bAAZ77WXMQI8sxcyMhs8UGKCTE"
content-length
1497
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-lock-5e0cccef.js
my.oakstarbank.com/js/
799 B
626 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-lock-5e0cccef.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a331ba7d33cd424380cab67a49fb507342aab0b7f7df6f892bf7f7fcaf2e0932
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"1a2-j8LDd23lF4ax5CAOJAnyAH91yRE"
content-length
418
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-warning-81ddb676.js
my.oakstarbank.com/js/
890 B
674 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-warning-81ddb676.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89c3d562b0746d0e6e8ca2c913067726557474a5cc3d5f8aa89efd0774733247
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"1d2-qgyNDZLkgYgcxPmuzRW2dQNfeF8"
content-length
466
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
validate
my.oakstarbank.com/a/consumer/api/auth/
35 B
290 B
XHR
General
Full URL
https://my.oakstarbank.com/a/consumer/api/auth/validate
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/standalone-app-10fd0aa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22e4f998890bcc485adc0f9e83d70edd17a86d42d302102c69fc56abb693f54a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
x-b3-traceid
7a248eb08bff39fe
etag
W/"23-ATmLY09ifNaJU/EjcumWoH0oQ5U"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
x-b3-spanid
7a248eb08bff39fe
x-b3-sampled
1
content-length
35
x-request-id
0bd92b0154e7824d4815ec8ec59d2ae7
oakstar-bank-background-landscape-0058a8e7.png
my.oakstarbank.com/images/fi-assets/oakstar-bank/
45 KB
45 KB
Image
General
Full URL
https://my.oakstarbank.com/images/fi-assets/oakstar-bank/oakstar-bank-background-landscape-0058a8e7.png
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fd36cc9d2ad8fb3d78dde5ae651bedd0fc1cef9eed46b87f4df44dd1140a551
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.oakstarbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:22 GMT
last-modified
Tue, 12 Jul 2022 20:43:54 GMT
etag
W/"b4f3-181f4276f10"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
46323
bd22c266-ec46-4d92-b47b-118400037118
my.oakstarbank.com/a/consumer/api/institutions/
40 KB
40 KB
XHR
General
Full URL
https://my.oakstarbank.com/a/consumer/api/institutions/bd22c266-ec46-4d92-b47b-118400037118
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/standalone-app-10fd0aa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
54cbfc1256448737cce27ae936f40fe37d5ea4ae6e92ae847f8c277b47faf6ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
x-b3-traceid
71513f3bd4c4900e
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
x-b3-spanid
71513f3bd4c4900e
x-b3-sampled
1
content-length
40819
x-request-id
225f59e1f8a569f4cf85ca3292334897
bannoweb-login-8080633e.js
my.oakstarbank.com/js/
51 KB
14 KB
Script
General
Full URL
https://my.oakstarbank.com/js/bannoweb-login-8080633e.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
463e588584dc6197d747f400ff71ac52377ff2f3838c157f2b83f0b08eecbad8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"3535-rVRfbCxcd0M6vqGsszf6uaL7elI"
content-length
13621
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-star-fill-fea10f50.js
my.oakstarbank.com/js/
718 B
592 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-star-fill-fea10f50.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b194725fcdca4c573ca18a75df50faaa6c98f4f9d334638a80dc582916d3ff68
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"180-/HllYXdY6lfVF2PXunSg86trEoI"
content-length
384
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-fingerprint-9bf5f39d.js
my.oakstarbank.com/js/
4 KB
2 KB
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-fingerprint-9bf5f39d.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6aae25f5078ea5b77970c4e4f5bf20fc45283038e3e4ed44b440073c2e7d5b14
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"6c3-yYhx33/sFU42x6xPu/PBwHmbHoA"
content-length
1731
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
bannoweb-change-password-form-6f8f89ac.js
my.oakstarbank.com/js/
9 KB
3 KB
Script
General
Full URL
https://my.oakstarbank.com/js/bannoweb-change-password-form-6f8f89ac.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c1f4c46ef8efedb3c72771cdb6775d20906641568a906feecc822efa3d3bd2e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"c27-46HuW3Q2xlXcWnf51wjIvQ99xGQ"
content-length
3111
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-form-04b9a4c2.js
my.oakstarbank.com/js/
1 KB
720 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-form-04b9a4c2.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6582cdedc3524aee7df9b7e86f1cee6abb84b619d8498dd90e333febd12da66e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"200-NAt9lypPSZTy874DVu3KtayFLB0"
content-length
512
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
jha-icon-life-preserver-24424ad3.js
my.oakstarbank.com/js/
1 KB
838 B
Script
General
Full URL
https://my.oakstarbank.com/js/jha-icon-life-preserver-24424ad3.js
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
82b22a2a08753fbd48e21afda3cd9590d9f8a264fdbd0e5c5ba7576ecdb1cd70
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
content-encoding
br
cache-control
public, max-age=31536000
etag
W/"276-3DFD0n6fcUBGw4voqtfLtyrYfpY"
content-length
630
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
time
my.oakstarbank.com/a/consumer/api/v0/login/
13 B
348 B
XHR
General
Full URL
https://my.oakstarbank.com/a/consumer/api/v0/login/time
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/standalone-app-10fd0aa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29aeda0441cbb588804a5354ae64570d7d334440f5248ff5f7c6c0f2bfcc2146
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
x-b3-traceid
cc4e115e6ab36efa
etag
W/"d-U/dgkZC3uqurd75eeJXXhFk6SKc"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-store, no-cache
x-b3-spanid
1782db1cc3e7c59c
x-b3-parentspanid
cc4e115e6ab36efa
x-b3-sampled
1
content-length
13
x-request-id
007d82ffdc775fe3909277422fdcdd40
oakstar-bank-logo-d61f3040.png
my.oakstarbank.com/images/fi-assets/oakstar-bank/
13 KB
13 KB
Image
General
Full URL
https://my.oakstarbank.com/images/fi-assets/oakstar-bank/oakstar-bank-logo-d61f3040.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
97559a63a1e3f5d9261b729a007c247ddd0249f150aea04f396773375a4effa8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.oakstarbank.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
last-modified
Tue, 12 Jul 2022 20:43:54 GMT
etag
W/"32ba-181f4276f10"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12986
collect
www.google-analytics.com/j/
4 B
410 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=544555926&t=pageview&_s=1&dl=https%3A%2F%2Fmy.oakstarbank.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%C2%B7%20OakStar%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=360265144&gjid=1886202762&cid=119509965.1657722323&tid=UA-44924824-4&_gid=1838242465.1657722323&_r=1&_slc=1&cd1=Browser&z=1591594427
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/analytics-d40531c5e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.oakstarbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 14:25:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.oakstarbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
roboto-regular-webfont.woff2
my.oakstarbank.com/fonts/
15 KB
15 KB
Font
General
Full URL
https://my.oakstarbank.com/fonts/roboto-regular-webfont.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/
Origin
https://my.oakstarbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
last-modified
Tue, 12 Jul 2022 20:48:36 GMT
etag
W/"3bf0-181f42bbca0"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
cache-control
public, no-cache
accept-ranges
bytes
content-length
15344
collect
stats.g.doubleclick.net/j/
1 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44924824-4&cid=119509965.1657722323&jid=360265144&gjid=1886202762&_gid=1838242465.1657722323&_u=aEBAAEAAAAAAAC~&z=1280954962
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/analytics-d40531c5e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.oakstarbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Jul 2022 14:25:23 GMT
content-type
text/plain
access-control-allow-origin
https://my.oakstarbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
online-cookie-migration
my.oakstarbank.com/a/consumer/api/login/
0
315 B
XHR
General
Full URL
https://my.oakstarbank.com/a/consumer/api/login/online-cookie-migration
Requested by
Host: my.oakstarbank.com
URL: https://my.oakstarbank.com/js/standalone-app-10fd0aa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.oakstarbank.com/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Jul 2022 14:25:23 GMT
x-b3-traceid
f0f09dda14572c91
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-origin
*
cache-control
private, no-store, no-cache
x-b3-spanid
e17ac4dd011b9256
x-b3-parentspanid
7401ca05bc0ce620
x-b3-sampled
1
x-envoy-upstream-service-time
0
x-request-id
82a278aa26c68a892c7d024e88df782b
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


4 Cookies

Domain/Path: my.oakstarbank.com/, Name: deviceId, Value: online-16c05bdc-30e7-4b1f-a36f-a1a7074f8594
Domain/Path: .oakstarbank.com/, Name: _ga, Value: GA1.2.119509965.1657722323
Domain/Path: .oakstarbank.com/, Name: _gid, Value: GA1.2.1838242465.1657722323
Domain/Path: .oakstarbank.com/, Name: _gat, Value: 1

1 Console Messages

Source: network
Level: error
URL: https://my.oakstarbank.com/a/consumer/api/auth/validate
Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-zyehUjanl02f25L6IaXADmHk1LsjQ4487lCKSB+D0Ig=' 'sha256-7iFrvfSFzT83s+AuKSIVC8Mqp/Ii6wxhw8IJayAxO8g=' 'sha256-QM2/PQ5QetJIu/5IwYVFJ1SnDeYpYkFDCtFNrMLLNt0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://apim.autobooks.co http://localhost:8080; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://my.oakstarbank.com; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
