Submitted URL: https://my.luzernebank.com/
Effective URL: https://my.luzernebank.com/login
Submission: On July 26 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 31 HTTP transactions. The main IP is 35.225.70.12, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is my.luzernebank.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on August 14th 2023. Valid for: a year.
This is the only time my.luzernebank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
31 35.225.70.12 396982 (GOOGLE-CL...)
31 2
Apex Domain
Subdomains
Transfer
31 luzernebank.com
my.luzernebank.com
373 KB
31 1
Domain Requested by
31 my.luzernebank.com my.luzernebank.com
31 1

This site contains no links.

Subject Issuer Validity Valid
my.luzernebank.com
GeoTrust TLS RSA CA G1
2023-08-14 -
2024-08-13
a year crt.sh

This page contains 1 frames:

Primary Page: https://my.luzernebank.com/login
Frame ID: BF16856577FE4071E2953241D52F648B
Requests: 32 HTTP requests in this frame

Screenshot

Page Title

Login · Luzerne Bank

Page URL History Show full URLs

  1. https://my.luzernebank.com/ Page URL
  2. https://my.luzernebank.com/login Page URL

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

373 kB
Transfer

1666 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.luzernebank.com/ Page URL
  2. https://my.luzernebank.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
my.luzernebank.com/
87 KB
17 KB
Document
General
Full URL
https://my.luzernebank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
44f60b8d10abddf6a16634b2fdf667125a5eef6ea0bbfe1c12cd9da820321dfb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-4lQVzUpP74bBOCRcSN5QHtSwfcZRXnF1upVyHd7sJ/w=' 'sha256-slMG96LGJvfCDa/4TgCISru2dyv1Y9V2tYRzu7kddng=' 'sha256-c4p3GN18mp3vTXHsJI2lB3JOYhqThAKf1CWHWgnAxbE=' 'sha256-XgLxN6dWCALTUroZXXb+XjBrDSSzOikOVgxfPPTaT+U=' 'sha256-jqWCQz4uH30U4R/ENDE7OD/7r3fNnLJ6B41IBE2LmWI=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-JeoGs+lRuASycIlD3uysSbRGM9JImUgbovlzR85rwu0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://assets.thisisbud.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src blob: 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.luzernebank.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
16031
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-4lQVzUpP74bBOCRcSN5QHtSwfcZRXnF1upVyHd7sJ/w=' 'sha256-slMG96LGJvfCDa/4TgCISru2dyv1Y9V2tYRzu7kddng=' 'sha256-c4p3GN18mp3vTXHsJI2lB3JOYhqThAKf1CWHWgnAxbE=' 'sha256-XgLxN6dWCALTUroZXXb+XjBrDSSzOikOVgxfPPTaT+U=' 'sha256-jqWCQz4uH30U4R/ENDE7OD/7r3fNnLJ6B41IBE2LmWI=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-JeoGs+lRuASycIlD3uysSbRGM9JImUgbovlzR85rwu0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://assets.thisisbud.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src blob: 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.luzernebank.com; manifest-src 'self'; worker-src 'self';
content-type
text/html; charset=utf-8
date
Fri, 26 Jul 2024 19:57:10 GMT
permissions-policy
document-domain=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-sampled
1
x-b3-spanid
0000000000000000
x-b3-traceid
00000000000000000000000000000000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
c5d4fe1a262c486c736987b886758c54
roboto-medium-webfont-ea04e4ff.woff2
my.luzernebank.com/fonts/
15 KB
15 KB
Font
General
Full URL
https://my.luzernebank.com/fonts/roboto-medium-webfont-ea04e4ff.woff2
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
15552
x-request-id
c2d249294437882e11d845441f97a1ee
standalone-app-a05f1942.js
my.luzernebank.com/js/
122 KB
35 KB
Script
General
Full URL
https://my.luzernebank.com/js/standalone-app-a05f1942.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
9a1978f0309d70d0f62598527b2729190552dee2eca8cee162f715ba7d82a702
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
35046
x-request-id
34b65bc14470f68340582959a7039a72
banno-web-f579843c.js
my.luzernebank.com/js/
464 KB
100 KB
Script
General
Full URL
https://my.luzernebank.com/js/banno-web-f579843c.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
dc8c46628766d630e6d4625a826a2cb201a0b32fbc183bbc6ea578e7e6e2b905
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
101588
x-request-id
1b4252cc77f6f142bce0deb03d8e9bb8
luzerne-bank-logo-364e7e5e.png
my.luzernebank.com/images/fi-assets/luzerne-bank/
17 KB
17 KB
Image
General
Full URL
https://my.luzernebank.com/images/fi-assets/luzerne-bank/luzerne-bank-logo-364e7e5e.png
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
395b4f82c0fc366a026945f73ae3aca94b4a8e2ebc30c6f7c49d2c010630bafe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
17174
x-request-id
4cedf130436354a0ef15a66fa95d7463
jha-icon-circle-warning-d33cc2b3.js
my.luzernebank.com/js/
735 B
664 B
Script
General
Full URL
https://my.luzernebank.com/js/jha-icon-circle-warning-d33cc2b3.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
f898a30e6f0edcdcc67bcdd3efc7a654280beb15ac725b061b1dc9c4f2670504
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
377
x-request-id
51674821f31461abdf140b5363626178
bannoweb-background-hero-ba087be1.js
my.luzernebank.com/js/
820 B
669 B
Script
General
Full URL
https://my.luzernebank.com/js/bannoweb-background-hero-ba087be1.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
d5a5bf828ccdbcec8ac4efc315b78d1cd22744350c1ba26c1870f17533f119f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
382
x-request-id
7061ccb98d174f5d281061057ddaaa92
validate
my.luzernebank.com/a/consumer/api/auth/
0
0
Fetch
General
Full URL
https://my.luzernebank.com/a/consumer/api/auth/validate
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/standalone-app-a05f1942.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
8acdcc63e6897d246174241a2943fd5d
traceparent
00-8acdcc63e6897d246174241a2943fd5d-45440101fe4cbd4d-01
x-b3-spanid
45440101fe4cbd4d
x-b3-sampled
1
content-length
0
x-request-id
161ae0237849b0a5ad0da06c91747ebf
luzerne-bank-favicon-6746e812.ico
my.luzernebank.com/images/fi-assets/luzerne-bank/
33 KB
33 KB
Other
General
Full URL
https://my.luzernebank.com/images/fi-assets/luzerne-bank/luzerne-bank-favicon-6746e812.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
bd9f4fd4eb8ab682922e4923e5bae3999304ffa710947faaf769a9ec63170df7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
image/x-icon
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
33310
x-request-id
8a365411aaebe35c21a1f2c28723a112
luzerne-bank-background-landscape-fcee727b.png
my.luzernebank.com/images/fi-assets/luzerne-bank/
12 KB
13 KB
Image
General
Full URL
https://my.luzernebank.com/images/fi-assets/luzerne-bank/luzerne-bank-background-landscape-fcee727b.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
12605
x-request-id
86167b26484e22e065a8f4f5eae8d315
d9a019b9-edae-4aad-a3e5-4c031f36d7f3
my.luzernebank.com/a/consumer/api/institutions/
44 KB
44 KB
Fetch
General
Full URL
https://my.luzernebank.com/a/consumer/api/institutions/d9a019b9-edae-4aad-a3e5-4c031f36d7f3
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/standalone-app-a05f1942.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
b4f924ffd3381c34df89e770a30e935f
traceparent
00-b4f924ffd3381c34df89e770a30e935f-b6e3751d7d93686c-01
content-type
application/json
x-b3-spanid
b6e3751d7d93686c
x-b3-sampled
1
content-length
45101
x-request-id
ee4d324a77e9691c17b9d7096bbf5972
Primary Request login
my.luzernebank.com/
87 KB
17 KB
Document
General
Full URL
https://my.luzernebank.com/login
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
1f0998f501ba55b646fa55b907c8e1b66214c132fc74fca1401dc5b993b32786
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-4lQVzUpP74bBOCRcSN5QHtSwfcZRXnF1upVyHd7sJ/w=' 'sha256-slMG96LGJvfCDa/4TgCISru2dyv1Y9V2tYRzu7kddng=' 'sha256-c4p3GN18mp3vTXHsJI2lB3JOYhqThAKf1CWHWgnAxbE=' 'sha256-XgLxN6dWCALTUroZXXb+XjBrDSSzOikOVgxfPPTaT+U=' 'sha256-7nyAkc84L+irxBleGAkQAgRDKI++A7Z8U1H5aPz3ljs=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-JeoGs+lRuASycIlD3uysSbRGM9JImUgbovlzR85rwu0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://assets.thisisbud.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src blob: 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.luzernebank.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.luzernebank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
15991
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-4lQVzUpP74bBOCRcSN5QHtSwfcZRXnF1upVyHd7sJ/w=' 'sha256-slMG96LGJvfCDa/4TgCISru2dyv1Y9V2tYRzu7kddng=' 'sha256-c4p3GN18mp3vTXHsJI2lB3JOYhqThAKf1CWHWgnAxbE=' 'sha256-XgLxN6dWCALTUroZXXb+XjBrDSSzOikOVgxfPPTaT+U=' 'sha256-7nyAkc84L+irxBleGAkQAgRDKI++A7Z8U1H5aPz3ljs=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-JeoGs+lRuASycIlD3uysSbRGM9JImUgbovlzR85rwu0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://assets.thisisbud.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src blob: 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.luzernebank.com; manifest-src 'self'; worker-src 'self';
content-type
text/html; charset=utf-8
date
Fri, 26 Jul 2024 19:57:11 GMT
permissions-policy
document-domain=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-sampled
1
x-b3-spanid
0000000000000000
x-b3-traceid
00000000000000000000000000000000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
3b7b37d081a6852a8e8c7fccd155d16d
roboto-medium-webfont-ea04e4ff.woff2
my.luzernebank.com/fonts/
15 KB
0
Font
General
Full URL
https://my.luzernebank.com/fonts/roboto-medium-webfont-ea04e4ff.woff2
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
15552
x-request-id
c2d249294437882e11d845441f97a1ee
standalone-app-a05f1942.js
my.luzernebank.com/js/
122 KB
0
Script
General
Full URL
https://my.luzernebank.com/js/standalone-app-a05f1942.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
9a1978f0309d70d0f62598527b2729190552dee2eca8cee162f715ba7d82a702
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
35046
x-request-id
34b65bc14470f68340582959a7039a72
banno-web-f579843c.js
my.luzernebank.com/js/
464 KB
0
Script
General
Full URL
https://my.luzernebank.com/js/banno-web-f579843c.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
dc8c46628766d630e6d4625a826a2cb201a0b32fbc183bbc6ea578e7e6e2b905
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
101588
x-request-id
1b4252cc77f6f142bce0deb03d8e9bb8
luzerne-bank-logo-364e7e5e.png
my.luzernebank.com/images/fi-assets/luzerne-bank/
17 KB
0
Image
General
Full URL
https://my.luzernebank.com/images/fi-assets/luzerne-bank/luzerne-bank-logo-364e7e5e.png
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
395b4f82c0fc366a026945f73ae3aca94b4a8e2ebc30c6f7c49d2c010630bafe

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:10 GMT
x-b3-traceid
00000000000000000000000000000000
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
17174
x-request-id
4cedf130436354a0ef15a66fa95d7463
jha-icon-circle-warning-d33cc2b3.js
my.luzernebank.com/js/
735 B
0
Script
General
Full URL
https://my.luzernebank.com/js/jha-icon-circle-warning-d33cc2b3.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
f898a30e6f0edcdcc67bcdd3efc7a654280beb15ac725b061b1dc9c4f2670504
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
377
x-request-id
51674821f31461abdf140b5363626178
bannoweb-background-hero-ba087be1.js
my.luzernebank.com/js/
820 B
0
Script
General
Full URL
https://my.luzernebank.com/js/bannoweb-background-hero-ba087be1.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
d5a5bf828ccdbcec8ac4efc315b78d1cd22744350c1ba26c1870f17533f119f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
382
x-request-id
7061ccb98d174f5d281061057ddaaa92
luzerne-bank-favicon-6746e812.ico
my.luzernebank.com/images/fi-assets/luzerne-bank/
33 KB
0
Other
General
Full URL
https://my.luzernebank.com/images/fi-assets/luzerne-bank/luzerne-bank-favicon-6746e812.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
bd9f4fd4eb8ab682922e4923e5bae3999304ffa710947faaf769a9ec63170df7

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
x-b3-traceid
00000000000000000000000000000000
content-type
image/x-icon
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
33310
x-request-id
8a365411aaebe35c21a1f2c28723a112
jha-icon-form-644eaf87.js
my.luzernebank.com/js/
1 KB
801 B
Script
General
Full URL
https://my.luzernebank.com/js/jha-icon-form-644eaf87.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
63a56e2c926ce23a9b898c75e8eeaba30bc22dc408664393b1a354d73d871651
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
514
x-request-id
c846edf9fd1ee4f6cc8fcc5b93229998
jha-icon-life-preserver-cec70bc9.js
my.luzernebank.com/js/
1 KB
915 B
Script
General
Full URL
https://my.luzernebank.com/js/jha-icon-life-preserver-cec70bc9.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
93289e754588ce490fd69ec60fbd70d4bbbe910d598764b9b018ddc66718c315
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
628
x-request-id
ce9e5266e79c1b3aebaa4b8b4d69d2ce
time
my.luzernebank.com/a/consumer/api/v0/login/
13 B
363 B
Fetch
General
Full URL
https://my.luzernebank.com/a/consumer/api/v0/login/time
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/standalone-app-a05f1942.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
9c5ba3ef33491d50118cd227e24526afbbc2230d857398c3869bb0aa1fbd0c4c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
6be696d57dab1719b3e67d4b1b9667ab
traceparent
00-6be696d57dab1719b3e67d4b1b9667ab-9be687359ae5bdad-01
etag
W/"d-BtY1YuDaNvqMPW0SSULHFihNBmY"
content-type
application/json; charset=utf-8
cache-control
private, no-store, no-cache
x-b3-spanid
9be687359ae5bdad
x-b3-sampled
1
content-length
13
x-request-id
b9ff5bcdcb74281c66af28f506b7c1c9
jha-icon-warning-a9a090da.js
my.luzernebank.com/js/
898 B
733 B
Script
General
Full URL
https://my.luzernebank.com/js/jha-icon-warning-a9a090da.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
59bf7f7ec95330fdc8b094a69ff152777676f510cb047226ac6518b0c8bb9064
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
446
x-request-id
a5b21b24ff63c677a17488f075e57ae1
d9a019b9-edae-4aad-a3e5-4c031f36d7f3
my.luzernebank.com/a/consumer/api/institutions/
44 KB
44 KB
Fetch
General
Full URL
https://my.luzernebank.com/a/consumer/api/institutions/d9a019b9-edae-4aad-a3e5-4c031f36d7f3
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/standalone-app-a05f1942.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
b5a13deaf6a6a1e5cc252de02e11568481ad91464312ae88cbd53bec6b09e472
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
7b71890b10b710e6feb24d2a21ebb99f
traceparent
00-7b71890b10b710e6feb24d2a21ebb99f-e63f9fff18936fb7-01
content-type
application/json
x-b3-spanid
e63f9fff18936fb7
x-b3-sampled
1
content-length
45101
x-request-id
8536097ad2e2a6941872eb78c01662f6
time
my.luzernebank.com/a/consumer/api/v0/login/
13 B
360 B
Fetch
General
Full URL
https://my.luzernebank.com/a/consumer/api/v0/login/time
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/standalone-app-a05f1942.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
5e48d3027b945df5296a2ba166a83d353bff3318619150eb58cab48243967676
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
5f24c4e6d140ba84331d6f7adf80627b
traceparent
00-5f24c4e6d140ba84331d6f7adf80627b-e0417d4fcc5e3dba-01
etag
W/"d-PyUI/DLCO8Js6TBZTjooPkYhB00"
content-type
application/json; charset=utf-8
cache-control
private, no-store, no-cache
x-b3-spanid
e0417d4fcc5e3dba
x-b3-sampled
1
content-length
13
x-request-id
40c8419f1da9e9c503a11e2d65a9e2e6
mixpanel-15034837.js
my.luzernebank.com/js/
55 KB
17 KB
Script
General
Full URL
https://my.luzernebank.com/js/mixpanel-15034837.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
4f0a72d6d081b47e42a77c17f8963910feb9c3092660411b0b5e0197cfb5cad7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
17249
x-request-id
ab6b63b736ee3af6eb986eb46fb92f0c
d9a019b9-edae-4aad-a3e5-4c031f36d7f3
my.luzernebank.com/a/consumer/api/offline-status/institutions/
20 B
316 B
Fetch
General
Full URL
https://my.luzernebank.com/a/consumer/api/offline-status/institutions/d9a019b9-edae-4aad-a3e5-4c031f36d7f3
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/standalone-app-a05f1942.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
dd6edc1d3aa1542f47d4474007b9bef5
traceparent
00-dd6edc1d3aa1542f47d4474007b9bef5-239a4b88f05b48c2-01
content-type
application/json
x-b3-spanid
239a4b88f05b48c2
x-envoy-upstream-service-time
0
x-b3-sampled
1
content-length
20
x-request-id
52a2086671b92982c675965e2f4054b8
client-shared-070cfa89.js
my.luzernebank.com/js/
146 B
413 B
Script
General
Full URL
https://my.luzernebank.com/js/client-shared-070cfa89.js
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/banno-web-f579843c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
93eb319a5d696bff4e10d9b4f73bf3ed7aabd0b22e47ca9527c3e53a4c923540
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/js/banno-web-f579843c.js
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
content-length
126
x-request-id
efc9dde9372eca2458b0cf87c8c3d04a
luzerne-bank-background-landscape-fcee727b.png
my.luzernebank.com/images/fi-assets/luzerne-bank/
12 KB
0
Image
General
Full URL
https://my.luzernebank.com/images/fi-assets/luzerne-bank/luzerne-bank-background-landscape-fcee727b.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
9f1b2b78585839fbfc4270a099d3a577fad2c55afba26fbcb83c19c1e8725006
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
12605
x-request-id
86167b26484e22e065a8f4f5eae8d315
roboto-regular-webfont-06db651c.woff2
my.luzernebank.com/fonts/
15 KB
15 KB
Font
General
Full URL
https://my.luzernebank.com/fonts/roboto-regular-webfont-06db651c.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
Origin
https://my.luzernebank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
00000000000000000000000000000000
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
x-b3-spanid
0000000000000000
x-b3-sampled
1
accept-ranges
bytes
content-length
15344
x-request-id
4e1b25998e149724b51f6ebba78a95a2
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
start
my.luzernebank.com/a/consumer/api/login/assertion/
155 B
502 B
Fetch
General
Full URL
https://my.luzernebank.com/a/consumer/api/login/assertion/start
Requested by
Host: my.luzernebank.com
URL: https://my.luzernebank.com/js/standalone-app-a05f1942.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.70.225.35.bc.googleusercontent.com
Software
/
Resource Hash
a01d5227aba60fc4005ab0058437442510115a6946d4a02e6ae95cbb5496d3f5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://my.luzernebank.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jul 2024 19:57:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-b3-traceid
a01d010032e9035cc2d574a04fdd6f7f
traceparent
00-a01d010032e9035cc2d574a04fdd6f7f-1cc0c8473cec490f-01
etag
W/"9b-pMPKFrBp0hdNgadOXk8w8Tl7/xc"
content-type
application/json; charset=utf-8
cache-control
private, no-store, no-cache
x-b3-spanid
1cc0c8473cec490f
x-b3-sampled
1
content-length
155
x-request-id
3a192562d2c28c4fd9896520ddf34d59

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| hasImportSupport object| banno string| mitekWorkerPath object| ShadyCSS object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| mab function| rWc function| cV function| wl function| lNa function| xUc function| eXc function| eWc function| v function| ioc function| dDc function| v4 function| aqc function| myb function| vl function| gxb function| uqc function| qrc function| qhb function| g1a function| yn function| ga function| lxc function| sQc function| tVc function| iwc function| pVb function| gpc function| nPb function| qxc function| ji function| mAc function| j8b function| gwc function| tAa function| eV function| vka function| u2 function| xNa function| wIa function| hWc function| nL function| bJa function| aka function| qL function| au function| zf function| g3a function| kya function| fc function| vWc function| hI function| vDc function| jpb function| amc function| kqc function| bwb function| vpc

2 Cookies

Domain/Path Name / Value
my.luzernebank.com/ Name: deviceId
Value: online-68d012ae-e404-4842-b42d-991ba3b379d7
my.luzernebank.com/ Name: mp_5ad87dc510a720035bac28b0d20a2df5_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A190f09e692324a-004f5cf838dbe-11462c6f-1d4c00-190f09e692324a%22%2C%22%24device_id%22%3A%20%22190f09e692324a-004f5cf838dbe-11462c6f-1d4c00-190f09e692324a%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fmy.luzernebank.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22my.luzernebank.com%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fmy.luzernebank.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22my.luzernebank.com%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22institutionId%22%3A%20%22d9a019b9-edae-4aad-a3e5-4c031f36d7f3%22%2C%22institutionName%22%3A%20%22Luzerne%20Bank%22%2C%22userAgent%22%3A%20%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%7D

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
network error URL: https://my.luzernebank.com/a/consumer/api/auth/validate
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-4lQVzUpP74bBOCRcSN5QHtSwfcZRXnF1upVyHd7sJ/w=' 'sha256-slMG96LGJvfCDa/4TgCISru2dyv1Y9V2tYRzu7kddng=' 'sha256-c4p3GN18mp3vTXHsJI2lB3JOYhqThAKf1CWHWgnAxbE=' 'sha256-XgLxN6dWCALTUroZXXb+XjBrDSSzOikOVgxfPPTaT+U=' 'sha256-jqWCQz4uH30U4R/ENDE7OD/7r3fNnLJ6B41IBE2LmWI=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-JeoGs+lRuASycIlD3uysSbRGM9JImUgbovlzR85rwu0=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://assets.thisisbud.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src blob: 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.luzernebank.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

my.luzernebank.com
35.225.70.12
1f0998f501ba55b646fa55b907c8e1b66214c132fc74fca1401dc5b993b32786
395b4f82c0fc366a026945f73ae3aca94b4a8e2ebc30c6f7c49d2c010630bafe
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44f60b8d10abddf6a16634b2fdf667125a5eef6ea0bbfe1c12cd9da820321dfb
4f0a72d6d081b47e42a77c17f8963910feb9c3092660411b0b5e0197cfb5cad7
59bf7f7ec95330fdc8b094a69ff152777676f510cb047226ac6518b0c8bb9064
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e48d3027b945df5296a2ba166a83d353bff3318619150eb58cab48243967676
63a56e2c926ce23a9b898c75e8eeaba30bc22dc408664393b1a354d73d871651
93289e754588ce490fd69ec60fbd70d4bbbe910d598764b9b018ddc66718c315
93eb319a5d696bff4e10d9b4f73bf3ed7aabd0b22e47ca9527c3e53a4c923540
9a1978f0309d70d0f62598527b2729190552dee2eca8cee162f715ba7d82a702
9c5ba3ef33491d50118cd227e24526afbbc2230d857398c3869bb0aa1fbd0c4c
9f1b2b78585839fbfc4270a099d3a577fad2c55afba26fbcb83c19c1e8725006
a01d5227aba60fc4005ab0058437442510115a6946d4a02e6ae95cbb5496d3f5
b5a13deaf6a6a1e5cc252de02e11568481ad91464312ae88cbd53bec6b09e472
bd9f4fd4eb8ab682922e4923e5bae3999304ffa710947faaf769a9ec63170df7
bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716
d5a5bf828ccdbcec8ac4efc315b78d1cd22744350c1ba26c1870f17533f119f8
dc8c46628766d630e6d4625a826a2cb201a0b32fbc183bbc6ea578e7e6e2b905
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f898a30e6f0edcdcc67bcdd3efc7a654280beb15ac725b061b1dc9c4f2670504