urlscan.io logo urlscan.io
SecurityTrails logo

compliance.texasfirst.bank Open in urlscan Pro
34.111.11.106  Public Scan

Go To Rescan Add Verdict Report
URL: https://compliance.texasfirst.bank/
Submission: On November 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 14 HTTP transactions. The main IP is 34.111.11.106, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is compliance.texasfirst.bank.
TLS certificate: Issued by R11 on November 22nd 2024. Valid for: 3 months.
This is the only time compliance.texasfirst.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 34.111.11.106 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
14 5
5    34.111.11.106 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 106.11.111.34.bc.googleusercontent.com
compliance.texasfirst.bank
1    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:81f::201b (United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
5 texasfirst.bank
compliance.texasfirst.bank
553 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
storage.googleapis.com — Cisco Umbrella Rank: 314
18 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
176 KB
14 4
Domain Requested by
5 compliance.texasfirst.bank compliance.texasfirst.bank
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 storage.googleapis.com compliance.texasfirst.bank
2 www.googletagmanager.com compliance.texasfirst.bank
www.googletagmanager.com
1 fonts.googleapis.com compliance.texasfirst.bank
14 5

This site contains no links.

Subject Issuer Validity Valid
*.riskscout.com
R11		 2024-11-22 -
2025-02-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
storage.googleapis.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://compliance.texasfirst.bank/
Frame ID: 49D0367E73FD878898E08422C9A1E813
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in - Texas First Bank Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

14
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

768 kB
Transfer

1135 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
compliance.texasfirst.bank/ 		5 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://compliance.texasfirst.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.11.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.11.111.34.bc.googleusercontent.com
Software
/
Resource Hash
1be119e5685767ddfaafca4c6ff994999a4fa34aa9133eec8622b74fb82983af
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: https://www.google.com https://announcekit.app https://cdn.announcekit.app https://www.recaptcha.net; connect-src 'self' wss://widget-mediator.zopim.com/ wss://*.zendesk.com https://*.zendesk.com https://ekr.zdassets.com https://*.appcues.com https://*.appcues.net https://www.google-analytics.com https://maps.googleapis.com wss://*.appcues.net wss://*.appcues.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com https://*.ingest-lr.com https://api.explo.co https://data.explo.co https://data1.explo.co https://appsignal-endpoint.net 'nonce-OIJCSGCUuTSyIM1Z+uSCEA=='; default-src 'self' blob: https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://static.zdassets.com https://ekr.zdassets.com https://ekr.zendesk.com https://verileaf.zendesk.com https://*.zopim.com https://zendesk-eu.my.sentry.io wss://verileaf.zendesk.com wss://*.zopim.com; font-src 'self' https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://fonts.gstatic.com; frame-src 'self' https://announcekit.app https://*.appcues.com https://www.recaptcha.net https://www.loom.com; img-src 'self' https: data: blob: https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com; object-src 'none'; script-src 'self' https://static.zdassets.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.ingest-lr.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com https://cdn.ingest-lr.co https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://www.recaptcha.net https://www.gstatic.com https://polyfill.io https://maps.googleapis.com https://www.googletagmanager.com https://cdn.announcekit.app https://www.recaptcha.net https://api.explo.co https://data.explo.co https://data1.explo.co https://*.zendesk.com https://*.appcues.com https://*.appcues.net 'nonce-OIJCSGCUuTSyIM1Z+uSCEA=='; style-src 'self' 'unsafe-inline' https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com https://*.explo.co https://unpkg.com; worker-src 'self' blob:; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-length
4741
content-security-policy
child-src 'self' blob: https://www.google.com https://announcekit.app https://cdn.announcekit.app https://www.recaptcha.net; connect-src 'self' wss://widget-mediator.zopim.com/ wss://*.zendesk.com https://*.zendesk.com https://ekr.zdassets.com https://*.appcues.com https://*.appcues.net https://www.google-analytics.com https://maps.googleapis.com wss://*.appcues.net wss://*.appcues.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com https://*.ingest-lr.com https://api.explo.co https://data.explo.co https://data1.explo.co https://appsignal-endpoint.net 'nonce-OIJCSGCUuTSyIM1Z+uSCEA=='; default-src 'self' blob: https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://static.zdassets.com https://ekr.zdassets.com https://ekr.zendesk.com https://verileaf.zendesk.com https://*.zopim.com https://zendesk-eu.my.sentry.io wss://verileaf.zendesk.com wss://*.zopim.com; font-src 'self' https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://fonts.gstatic.com; frame-src 'self' https://announcekit.app https://*.appcues.com https://www.recaptcha.net https://www.loom.com; img-src 'self' https: data: blob: https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com; object-src 'none'; script-src 'self' https://static.zdassets.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.ingest-lr.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com https://cdn.ingest-lr.co https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://www.recaptcha.net https://www.gstatic.com https://polyfill.io https://maps.googleapis.com https://www.googletagmanager.com https://cdn.announcekit.app https://www.recaptcha.net https://api.explo.co https://data.explo.co https://data1.explo.co https://*.zendesk.com https://*.appcues.com https://*.appcues.net 'nonce-OIJCSGCUuTSyIM1Z+uSCEA=='; style-src 'self' 'unsafe-inline' https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com https://*.explo.co https://unpkg.com; worker-src 'self' blob:; base-uri 'self'
content-type
text/html; charset=utf-8
date
Sat, 23 Nov 2024 04:03:58 GMT
etag
W/"1be119e5685767ddfaafca4c6ff99499"
link
<https://compliance.texasfirst.bank/vite/assets/login-fd92dc0d.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,<https://compliance.texasfirst.bank/vite/assets/popper-1462643e.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains
vary
Origin
via
1.1 google
x-cloud-trace-context
0f51132ebc23b9eacd828558f6c83be6/11197671537026227224;o=0
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-rack-cors
miss; no-origin
x-request-id
b5d60136-c528-4163-b8c7-161f73a896f1
x-robots-tag
none
x-runtime
0.019442
x-xss-protection
0
login-fd92dc0d.js
compliance.texasfirst.bank/vite/assets/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compliance.texasfirst.bank/vite/assets/login-fd92dc0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.11.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.11.111.34.bc.googleusercontent.com
Software
/
Resource Hash
1dc40637bfcfe3ee961d0c384c94adc569598e639123e5f2ba2cc14cb0129e6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://compliance.texasfirst.bank
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=172800
x-rack-cors
miss; no-origin
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43807
date
Sat, 23 Nov 2024 04:03:59 GMT
last-modified
Fri, 15 Nov 2024 16:01:52 GMT
content-type
application/javascript
vary
Origin
popper-1462643e.css
compliance.texasfirst.bank/vite/assets/ 		424 KB
424 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compliance.texasfirst.bank/vite/assets/popper-1462643e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.11.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.11.111.34.bc.googleusercontent.com
Software
/
Resource Hash
1462643e964303db578059077e05218aa514c248cfc4c4ca60c4f12ab78f0d7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=172800
x-rack-cors
miss; no-origin
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
433823
date
Sat, 23 Nov 2024 04:03:59 GMT
last-modified
Fri, 15 Nov 2024 16:01:52 GMT
content-type
text/css
vary
Origin
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: compliance.texasfirst.bank
URL: https://compliance.texasfirst.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f8e711fc0e7836611be497783bb5114ef51658af2ce19141ed21e1dbb074b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 23 Nov 2024 04:03:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 04:03:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 23 Nov 2024 04:03:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-167629260-1
Requested by
Host: compliance.texasfirst.bank
URL: https://compliance.texasfirst.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95dc6ddb1dcd055cd8580d4e58c7e29ef0ba3e2556d28a222a6dd5f2d5ba28b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 23 Nov 2024 04:03:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 04:03:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 23 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81595
x-xss-protection
0
server
Google Tag Manager
popper-49ed1c63.js
compliance.texasfirst.bank/vite/assets/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compliance.texasfirst.bank/vite/assets/popper-49ed1c63.js
Requested by
Host: compliance.texasfirst.bank
URL: https://compliance.texasfirst.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.11.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.11.111.34.bc.googleusercontent.com
Software
/
Resource Hash
12f767256b25666883ce9f883061427b999f48573e923d0d6efa9d6f82ffbf34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://compliance.texasfirst.bank
Referer
https://compliance.texasfirst.bank/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=172800
x-rack-cors
miss; no-origin
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20423
date
Sat, 23 Nov 2024 04:03:59 GMT
last-modified
Fri, 15 Nov 2024 16:01:52 GMT
content-type
application/javascript
vary
Origin
bootstrap.esm-a0b478a4.js
compliance.texasfirst.bank/vite/assets/ 		59 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compliance.texasfirst.bank/vite/assets/bootstrap.esm-a0b478a4.js
Requested by
Host: compliance.texasfirst.bank
URL: https://compliance.texasfirst.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.11.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.11.111.34.bc.googleusercontent.com
Software
/
Resource Hash
465894f89c6cfa4c51fe4e6679582994b56ef77e46ed66b758546725e9d21c80
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://compliance.texasfirst.bank
Referer
https://compliance.texasfirst.bank/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=172800
x-rack-cors
miss; no-origin
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60055
date
Sat, 23 Nov 2024 04:03:59 GMT
last-modified
Fri, 15 Nov 2024 16:01:52 GMT
content-type
application/javascript
vary
Origin
def9aba421059ef7d04d0095242a6b57.png
storage.googleapis.com/vericore-prod-public-store/institution/f8cc3339-f685-4fb3-978f-d2d8428c5e3c/logo/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/vericore-prod-public-store/institution/f8cc3339-f685-4fb3-978f-d2d8428c5e3c/logo/def9aba421059ef7d04d0095242a6b57.png
Requested by
Host: compliance.texasfirst.bank
URL: https://compliance.texasfirst.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
93301b3b9a3d469387eb1d7b6b375f058b49eb44cb6260c0c678dd0120183bdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=4I/y3g==, md5=rqrZwYInTkkwQaWtMtp3Yw==
etag
"aeaad9c182274e493041a5ad32da7763"
x-goog-stored-content-encoding
identity
expires
Sat, 23 Nov 2024 05:03:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
13554
date
Sat, 23 Nov 2024 04:03:59 GMT
last-modified
Wed, 20 Sep 2023 20:30:43 GMT
content-type
image/png
x-guploader-uploadid
AFiumC4kjpQ30CZx43FWlezd56h20R6koSPc6p62PBwpk4x9UemDbEqQ7Fjb0CXFTBilpWkMxOdiYRk7IA
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1695241843728845
content-length
13554
server
UploadServer
js
www.googletagmanager.com/gtag/ 		274 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1F4L8SBJF4&l=dataLayer&cx=c&gtm=457e4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167629260-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bc5a34c0c9415fe55066399428cf0dddecf352d6f63e809331e10889f26ad13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 23 Nov 2024 04:03:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 04:03:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98135
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167629260-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

content-encoding
gzip
age
5418
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 23 Nov 2024 04:33:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 02:33:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
def9aba421059ef7d04d0095242a6b57.png
storage.googleapis.com/vericore-prod-public-store/institution/f8cc3339-f685-4fb3-978f-d2d8428c5e3c/logo/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/vericore-prod-public-store/institution/f8cc3339-f685-4fb3-978f-d2d8428c5e3c/logo/def9aba421059ef7d04d0095242a6b57.png
Requested by
Host: compliance.texasfirst.bank
URL: https://compliance.texasfirst.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
93301b3b9a3d469387eb1d7b6b375f058b49eb44cb6260c0c678dd0120183bdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=4I/y3g==, md5=rqrZwYInTkkwQaWtMtp3Yw==
etag
"aeaad9c182274e493041a5ad32da7763"
x-goog-stored-content-encoding
identity
expires
Sat, 23 Nov 2024 05:03:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
13554
date
Sat, 23 Nov 2024 04:03:59 GMT
last-modified
Wed, 20 Sep 2023 20:30:43 GMT
content-type
image/png
x-guploader-uploadid
AFiumC4kjpQ30CZx43FWlezd56h20R6koSPc6p62PBwpk4x9UemDbEqQ7Fjb0CXFTBilpWkMxOdiYRk7IA
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1695241843728845
content-length
13554
server
UploadServer
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1F4L8SBJF4&gtm=45je4bk0v9112126332za200&_p=1732334639419&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=638502418.1732334640&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732334639&sct=1&seg=0&dl=https%3A%2F%2Fcompliance.texasfirst.bank%2F&dt=Log%20in%20-%20Texas%20First%20Bank%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1414
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1F4L8SBJF4&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://compliance.texasfirst.bank
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 04:03:59 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		1 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=467951448&t=pageview&_s=1&dl=https%3A%2F%2Fcompliance.texasfirst.bank%2F&ul=en-us&de=UTF-8&dt=Log%20in%20-%20Texas%20First%20Bank%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=683845445&gjid=1316064250&cid=638502418.1732334640&tid=UA-167629260-1&_gid=293600169.1732334640&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=1642305922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://compliance.texasfirst.bank/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 04:04:00 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://compliance.texasfirst.bank
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
8bf3f4d9b09a8df14349622f14613ed0.png
storage.googleapis.com/vericore-prod-public-store/institution/f8cc3339-f685-4fb3-978f-d2d8428c5e3c/badge/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/vericore-prod-public-store/institution/f8cc3339-f685-4fb3-978f-d2d8428c5e3c/badge/8bf3f4d9b09a8df14349622f14613ed0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5db930d6199c051cac3fff6070d6e853eac35983b55c2144ce3df92f37c92f95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://compliance.texasfirst.bank/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=PK3FOQ==, md5=JC1a3Ln4PZ+PZ7Vzkcb2Pw==
etag
"242d5adcb9f83d9f8f67b57391c6f63f"
x-goog-stored-content-encoding
identity
expires
Sat, 23 Nov 2024 05:04:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3121
date
Sat, 23 Nov 2024 04:04:00 GMT
last-modified
Wed, 20 Sep 2023 20:30:43 GMT
content-type
image/png
x-guploader-uploadid
AFiumC7JopILEIAA6rEyS6OdUTnrvAVzmJwwSj_Cnb6ww4QAjC2AfvSjxMKqawenh_ya8tC7al0t_Mpqnw
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1695241843784765
content-length
3121
server
UploadServer

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga number| uidEvent object| regeneratorRuntime object| gaGlobal object| gaplugins object| gaData

6 Cookies

Domain/Path Name / Value
compliance.texasfirst.bank/ Name: CSRF-TOKEN
Value: Alp1oDFyBTjoxPWEN-r6tAYuoJiwRdl6xTvcfHZV8dA5C-LYN1psb-i2RjHHhvLCbb8Mj9EcZrTHdaWB4dgZsA
compliance.texasfirst.bank/ Name: _vericore_session
Value: b7f6ecfa5fe9d8c462b30004575d8d3d
.texasfirst.bank/ Name: _ga_1F4L8SBJF4
Value: GS1.1.1732334639.1.0.1732334639.0.0.0
.texasfirst.bank/ Name: _ga
Value: GA1.2.638502418.1732334640
.texasfirst.bank/ Name: _gid
Value: GA1.2.293600169.1732334640
.texasfirst.bank/ Name: _gat_gtag_UA_167629260_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src 'self' blob: https://www.google.com https://announcekit.app https://cdn.announcekit.app https://www.recaptcha.net; connect-src 'self' wss://widget-mediator.zopim.com/ wss://*.zendesk.com https://*.zendesk.com https://ekr.zdassets.com https://*.appcues.com https://*.appcues.net https://www.google-analytics.com https://maps.googleapis.com wss://*.appcues.net wss://*.appcues.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com https://*.lr-in-prod.com https://*.lr-ingest.com https://*.ingest-lr.com https://api.explo.co https://data.explo.co https://data1.explo.co https://appsignal-endpoint.net 'nonce-OIJCSGCUuTSyIM1Z+uSCEA=='; default-src 'self' blob: https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://static.zdassets.com https://ekr.zdassets.com https://ekr.zendesk.com https://verileaf.zendesk.com https://*.zopim.com https://zendesk-eu.my.sentry.io wss://verileaf.zendesk.com wss://*.zopim.com; font-src 'self' https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://fonts.gstatic.com; frame-src 'self' https://announcekit.app https://*.appcues.com https://www.recaptcha.net https://www.loom.com; img-src 'self' https: data: blob: https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com; object-src 'none'; script-src 'self' https://static.zdassets.com https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.ingest-lr.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com https://cdn.ingest-lr.co https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://www.recaptcha.net https://www.gstatic.com https://polyfill.io https://maps.googleapis.com https://www.googletagmanager.com https://cdn.announcekit.app https://www.recaptcha.net https://api.explo.co https://data.explo.co https://data1.explo.co https://*.zendesk.com https://*.appcues.com https://*.appcues.net 'nonce-OIJCSGCUuTSyIM1Z+uSCEA=='; style-src 'self' 'unsafe-inline' https://assets.verileaf.io https://assets-qa.verileaf.io https://assets.riskscout.com https://assets-qa.riskscout.com https://*.zendesk.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com https://*.explo.co https://unpkg.com; worker-src 'self' blob:; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0