urlscan.io logo urlscan.io
SecurityTrails logo

secure.osb.bank Open in urlscan Pro
52.189.66.201  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.osb.bank/
Submission: On May 05 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 29 HTTP transactions. The main IP is 52.189.66.201, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is secure.osb.bank.
TLS certificate: Issued by R3 on April 13th 2021. Valid for: 3 months.
This is the only time secure.osb.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 52.189.66.201 8075 (MICROSOFT...)
2 13.86.62.194 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 5
Domain Requested by
25 secure.osb.bank secure.osb.bank
2 getsentry-production.banno.com secure.osb.bank
1 stats.g.doubleclick.net secure.osb.bank
1 www.google-analytics.com secure.osb.bank
29 4

This site contains no links.

Subject Issuer Validity Valid
online.banno-production.com
R3		 2021-04-13 -
2021-07-12		 3 months crt.sh
getsentry-production.banno.com
R3		 2021-03-19 -
2021-06-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.osb.bank/
Frame ID: 77B5259B276074222CF67EA92EB654B0
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

29
Requests

14 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

482 kB
Transfer

1159 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.osb.bank/ 		51 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
594f82b6c9721f95c869fb48cf79309281bdbfa404f04d181ed0c64107582048
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
secure.osb.bank
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-ua-compatible
IE=edge
link
</js/banno-web-1fb1bdc7.js>; rel=modulepreload,</js/bannoweb-login-1fb1bdc7.js>; rel=modulepreload,</js/bannoweb-login-consent-1fb1bdc7.js>; rel=modulepreload,</js/standalone-app-189d4b4c.js>; rel=modulepreload
cache-control
public, no-cache
x-frame-options
DENY
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
etag
W/"cd16-qYKzvOGL9Gw1Gk1nneUwJaXKcCs"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
banno-web-1fb1bdc7.js
secure.osb.bank/js/ 		150 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/banno-web-1fb1bdc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d74d5837c3232741ef7fbdd39d6ea958a5e99f2ab344d3eb6c9dc5fe1d3da7eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/banno-web-1fb1bdc7.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:45 GMT
content-encoding
br
etag
W/"8824-xIvkdFOiEHMGWZfIMdB1u8YlzRw"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
34852
x-ua-compatible
IE=edge
bannoweb-login-1fb1bdc7.js
secure.osb.bank/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/bannoweb-login-1fb1bdc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
496d0fe8317c3a686610b843f4f5c97d3198eea6e79e1738946f774eb5d2b456
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/bannoweb-login-1fb1bdc7.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:45 GMT
content-encoding
br
etag
W/"3303-WOr/9zcJ5meSGDrtL+Wiyr6NUKo"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
13059
x-ua-compatible
IE=edge
bannoweb-login-consent-1fb1bdc7.js
secure.osb.bank/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/bannoweb-login-consent-1fb1bdc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04bc1abf1d9c770bc86f0614d996f45128619020f1babb206227541b7712e5c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/bannoweb-login-consent-1fb1bdc7.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:45 GMT
content-encoding
br
etag
W/"721-7U05imjspbyAcjXjywWSnpY6Wg4"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
1825
x-ua-compatible
IE=edge
standalone-app-189d4b4c.js
secure.osb.bank/js/ 		467 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/standalone-app-189d4b4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
37cb271ebb6b5acff02639a14b31d160642768dab55ab48ac004a9e2447c798b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/standalone-app-189d4b4c.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:45 GMT
content-encoding
br
etag
W/"1d09e-k+wfG4MU2zc1pabO0uOlr12jXrM"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
118942
x-ua-compatible
IE=edge
analytics-6df1787c4b.js
secure.osb.bank/js/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/analytics-6df1787c4b.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/standalone-app-189d4b4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/analytics-6df1787c4b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"4466-hkr615GTV4lGYx+TX5iIr6WzR40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
17510
x-ua-compatible
IE=edge
bdd02d90-b256-11ea-a63f-4e59ba7d84a1
secure.osb.bank/a/consumer/api/offline-status/institutions/ 		44 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/a/consumer/api/offline-status/institutions/bdd02d90-b256-11ea-a63f-4e59ba7d84a1
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/standalone-app-189d4b4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c010ef100f270e30dcf54d8c864e0ca78fb4f3829fe47e064c3d2d94cea5a1d2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/a/consumer/api/offline-status/institutions/bdd02d90-b256-11ea-a63f-4e59ba7d84a1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
content-type
application/json
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
gzip
referrer-policy
origin-when-cross-origin
etag
W/"b0c5-ZtigVz6kbVR2l/f5UE9O67/3+vU"
x-frame-options
DENY
content-type
text/html; charset=utf-8
cache-control
public, no-cache
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge
bannoweb-shared-icons-aced1413.js
secure.osb.bank/js/ 		655 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/bannoweb-shared-icons-aced1413.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5da7122683ef4bf017a08e65d16fc226901e21f43aa35043595f592485b11ce
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/bannoweb-shared-icons-aced1413.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"126-JoCitTP2B8WDnU91fYfIuqCJZgU"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
294
x-ua-compatible
IE=edge
jha-icon-clock-53eef329.js
secure.osb.bank/js/ 		519 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-clock-53eef329.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ed458929787d7c77bb9fc72a0fa51cbc0d411fcf7fe032c915700d7f3c50c976
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/jha-icon-clock-53eef329.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"126-DYVdDqLIRX2b9cVmhKhWDUTtkI4"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
294
x-ua-compatible
IE=edge
jha-icon-circle-warning-outline-a9f3ba59.js
secure.osb.bank/js/ 		691 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-circle-warning-outline-a9f3ba59.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cae3261af54db8b925235eb54f7dbcaab2eea7e065753fc3a03ea575019e6ec8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/jha-icon-circle-warning-outline-a9f3ba59.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"160-dTXSPaodDTFQ1n7iBnBtYatWS6k"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
352
x-ua-compatible
IE=edge
jha-icon-close-738ab61e.js
secure.osb.bank/js/ 		540 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-close-738ab61e.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d14256296a78228e27f2f3f5c2640a203b16429a99b6a63df33b0ef8ae047af
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/jha-icon-close-738ab61e.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"116-fmjRBn+8fxg7TrW75fkyMAz0C+U"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
278
x-ua-compatible
IE=edge
jha-toast-d8639987.js
secure.osb.bank/js/ 		2 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-toast-d8639987.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
084fc5d970cbb08804617c3de4be598442d1cdef320d2c736da7b92a44b370d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/jha-toast-d8639987.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"276-ww+zW+zs0fNFDPR4gZ68yyFBSs4"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
630
x-ua-compatible
IE=edge
validate
secure.osb.bank/a/consumer/api/auth/ 		44 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/a/consumer/api/auth/validate
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/standalone-app-189d4b4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c010ef100f270e30dcf54d8c864e0ca78fb4f3829fe47e064c3d2d94cea5a1d2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/a/consumer/api/auth/validate
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
content-type
application/json
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
gzip
referrer-policy
origin-when-cross-origin
etag
W/"b0c5-ZtigVz6kbVR2l/f5UE9O67/3+vU"
x-frame-options
DENY
content-type
text/html; charset=utf-8
cache-control
public, no-cache
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge
jha-icon-chevron-left-811fcda4.js
secure.osb.bank/js/ 		495 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-chevron-left-811fcda4.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f62a67811831e26feffd6fa0e1cec3331178e0b9287e6bf26d2fad192452539b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/jha-icon-chevron-left-811fcda4.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"10d-7aiWJWmzEk+Di+kM/1PAhI89Lio"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
269
x-ua-compatible
IE=edge
jha-icon-lock-bf6ddd3c.js
secure.osb.bank/js/ 		658 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-lock-bf6ddd3c.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa1bd8ee735ceb92c4aa0d07b276d858b51bb92af921547fd25eb1473778724c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/jha-icon-lock-bf6ddd3c.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"15d-m49afurxAfK1dUlNKkWHlDpsL4A"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
349
x-ua-compatible
IE=edge
jha-icon-warning-outline-fea59172.js
secure.osb.bank/js/ 		854 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-warning-outline-fea59172.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4504d524c5a4fdf13997dc3d9e56ae644bfec9ef273afcbb0e66fda5e7598a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/jha-icon-warning-outline-fea59172.js
pragma
no-cache
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"1a4-/NMykeSlzgdawdf5cvtS7MuY+Go"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
420
x-ua-compatible
IE=edge
oklahoma-state-bank-background-landscape-039e78bf.png
secure.osb.bank/images/fi-assets/oklahoma-state-bank/ 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.osb.bank/images/fi-assets/oklahoma-state-bank/oklahoma-state-bank-background-landscape-039e78bf.png
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b16d3fde4cb6c0c3ad219abfcf5fd4cf0ce38b5d2ed4340ad273e0ff9535b5e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/images/fi-assets/oklahoma-state-bank/oklahoma-state-bank-background-landscape-039e78bf.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
last-modified
Mon, 03 May 2021 17:43:04 GMT
etag
W/"2ec17-17933538c40"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
191511
x-ua-compatible
IE=edge
/
getsentry-production.banno.com/api/2/store/ 		26 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://getsentry-production.banno.com/api/2/store/?sentry_version=7&sentry_client=bannoweb/1.0&sentry_key=e7dd91cbbd044257977d999a9c5709f5&sentry_timestamp=1620228346&sentry_data=%7B%22project%22%3A2%2C%22logger%22%3A%22bannoweb%22%2C%22platform%22%3A%22javascript%22%2C%22level%22%3A%22error%22%2C%22request%22%3A%7B%22url%22%3A%22https%3A%2F%2Fsecure.osb.bank%2F%22%2C%22headers%22%3A%7B%22User-Agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%7D%7D%2C%22message%22%3A%22HTTP%20error%20status%3A%20404%22%2C%22extra%22%3A%7B%22method%22%3A%22GET%22%2C%22url%22%3A%22https%3A%2F%2Fsecure.osb.bank%2Fa%2Fconsumer%2Fapi%2Foffline-status%2Finstitutions%2Fbdd02d90-b256-11ea-a63f-4e59ba7d84a1%22%2C%22stack%22%3A%22Error%3A%20HTTP%20error%20status%3A%20404%5Cn%20%20%20%20at%20yn.pU%20(https%3A%2F%2Fsecure.osb.bank%2Fjs%2Fstandalone-app-189d4b4c.js%3A405%3A223)%5Cn%20%20%20%20at%20XMLHttpRequest.la.onload%20(https%3A%2F%2Fsecure.osb.bank%2Fjs%2Fstandalone-app-189d4b4c.js%3A402%3A238)%22%2C%22institution-id%22%3A%22bdd02d90-b256-11ea-a63f-4e59ba7d84a1%22%2C%22institution-name%22%3A%22Oklahoma%20State%20Bank%22%7D%2C%22release%22%3A%221.1573.0%22%2C%22exception%22%3A%7B%22values%22%3A%5B%7B%22type%22%3A%22Error%22%2C%22value%22%3A%22HTTP%20error%20status%3A%20404%22%2C%22stacktrace%22%3A%7B%22frames%22%3A%5B%7B%22filename%22%3A%22%2Fjs%2Fstandalone-app-189d4b4c.js%22%2C%22function%22%3A%22XMLHttpRequest.la.onload%22%2C%22args%22%3A%5B%5D%2C%22lineno%22%3A402%2C%22colno%22%3A238%2C%22in_app%22%3Afalse%7D%2C%7B%22filename%22%3A%22%2Fjs%2Fstandalone-app-189d4b4c.js%22%2C%22function%22%3A%22yn.pU%22%2C%22args%22%3A%5B%5D%2C%22lineno%22%3A405%2C%22colno%22%3A223%2C%22in_app%22%3Afalse%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/standalone-app-189d4b4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.86.62.194 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
x-content-type-options
nosniff
x-sentry-id
b50b6d12cd52493ea3cc259ad674db0f
vary
Accept-Language, Cookie
content-length
26
x-xss-protection
1; mode=block
allow
GET, POST, HEAD, OPTIONS
last-modified
Wed, 05 May 2021 15:25:46 GMT
x-frame-options
deny
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-language
en
access-control-allow-origin
https://secure.osb.bank
access-control-expose-headers
X-Sentry-Error, Retry-After
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
access-control-allow-headers
X-Sentry-Auth, X-Requested-With, Origin, Accept, Content-Type, Authentication, Authorization
expires
Wed, 05 May 2021 15:25:46 GMT
bdd02d90-b256-11ea-a63f-4e59ba7d84a1
secure.osb.bank/a/consumer/api/institutions/ 		44 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/a/consumer/api/institutions/bdd02d90-b256-11ea-a63f-4e59ba7d84a1
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/standalone-app-189d4b4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c010ef100f270e30dcf54d8c864e0ca78fb4f3829fe47e064c3d2d94cea5a1d2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
:path
/a/consumer/api/institutions/bdd02d90-b256-11ea-a63f-4e59ba7d84a1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
gzip
referrer-policy
origin-when-cross-origin
etag
W/"b0c5-ZtigVz6kbVR2l/f5UE9O67/3+vU"
x-frame-options
DENY
content-type
text/html; charset=utf-8
cache-control
public, no-cache
content-security-policy
default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge
jha-icon-fingerprint-outline-79a57b1d.js
secure.osb.bank/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-fingerprint-outline-79a57b1d.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
797ef095ba194d2e15f4ca2e6f8b6295d05b8ca9d968d8a344bc1117e6b7f6a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
script
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
:path
/js/jha-icon-fingerprint-outline-79a57b1d.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"473-KC/Hd2b9+EhmYX8D+zRHfFO4eUY"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
1139
x-ua-compatible
IE=edge
jha-icon-star-fill-41c0ca80.js
secure.osb.bank/js/ 		561 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-star-fill-41c0ca80.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
233164923a79b5aa56f147526c3868ac419b4778c822cf75e9a802c570cdf43c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
script
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
:path
/js/jha-icon-star-fill-41c0ca80.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"13c-c+/N5NOcWns2PafPT6MzhX+1aBI"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
316
x-ua-compatible
IE=edge
jha-icon-form-outline-49aeb647.js
secure.osb.bank/js/ 		1 KB
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-form-outline-49aeb647.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
676af0990109bb1e44f29208c3164a0e465e03df2e376eeb1486339648899db1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
script
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
:path
/js/jha-icon-form-outline-49aeb647.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"1ea-Q/zPJmOy28SQLKVzE2vRviA2BrM"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
490
x-ua-compatible
IE=edge
jha-icon-life-preserver-outline-5d7cf83d.js
secure.osb.bank/js/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/js/jha-icon-life-preserver-outline-5d7cf83d.js
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ec381d8efc029fecc5dc01115c021e235028f37e8705ca96355bb3d830a064a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
script
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
:path
/js/jha-icon-life-preserver-outline-5d7cf83d.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
content-encoding
br
etag
W/"25e-WIn4eZWAiPEeLDCgf3l5+Fk/dFI"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-length
606
x-ua-compatible
IE=edge
oklahoma-state-bank-logo-4806e3a2.png
secure.osb.bank/images/fi-assets/oklahoma-state-bank/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.osb.bank/images/fi-assets/oklahoma-state-bank/oklahoma-state-bank-logo-4806e3a2.png
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc0d025df8761bebd56d66abec10f99bbf41d1aa88f34bf4fef9488243696507
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/images/fi-assets/oklahoma-state-bank/oklahoma-state-bank-logo-4806e3a2.png
pragma
no-cache
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.osb.bank
referer
https://secure.osb.bank/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.osb.bank/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
last-modified
Mon, 03 May 2021 17:43:05 GMT
etag
W/"70a7-17933539028"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
28839
x-ua-compatible
IE=edge
roboto-regular-webfont.woff2
secure.osb.bank/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/fonts/roboto-regular-webfont.woff2
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
:path
/fonts/roboto-regular-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
last-modified
Mon, 03 May 2021 11:56:04 GMT
etag
W/"3bf0-1793215dc20"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
cache-control
public, no-cache
accept-ranges
bytes
content-length
15344
x-ua-compatible
IE=edge
roboto-medium-webfont.woff2
secure.osb.bank/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.osb.bank/fonts/roboto-medium-webfont.woff2
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.66.201 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://secure.osb.bank
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2001459880.1620228346; _gid=GA1.2.798354877.1620228346
:path
/fonts/roboto-medium-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.osb.bank
referer
https://secure.osb.bank/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://secure.osb.bank
Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
last-modified
Mon, 03 May 2021 11:56:04 GMT
etag
W/"3cc0-1793215dc20"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
cache-control
public, no-cache
accept-ranges
bytes
content-length
15552
x-ua-compatible
IE=edge
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
collect
www.google-analytics.com/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=739290857&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.osb.bank%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%C2%B7%20Oklahoma%20State%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=497993508&gjid=1027999257&cid=2001459880.1620228346&tid=UA-44924824-4&_gid=798354877.1620228346&_r=1&_slc=1&cd1=Browser&z=382939528
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/analytics-6df1787c4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 15:25:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.osb.bank
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-44924824-4&cid=2001459880.1620228346&jid=497993508&gjid=1027999257&_gid=798354877.1620228346&_u=aEBAAEAAAAAAAC~&z=1031325755
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/analytics-6df1787c4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 05 May 2021 15:25:46 GMT
content-type
text/plain
access-control-allow-origin
https://secure.osb.bank
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
getsentry-production.banno.com/api/2/store/ 		26 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://getsentry-production.banno.com/api/2/store/?sentry_version=7&sentry_client=bannoweb/1.0&sentry_key=e7dd91cbbd044257977d999a9c5709f5&sentry_timestamp=1620228346&sentry_data=%7B%22project%22%3A2%2C%22logger%22%3A%22bannoweb%22%2C%22platform%22%3A%22javascript%22%2C%22level%22%3A%22error%22%2C%22request%22%3A%7B%22url%22%3A%22https%3A%2F%2Fsecure.osb.bank%2Flogin%22%2C%22headers%22%3A%7B%22User-Agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%7D%7D%2C%22message%22%3A%22HTTP%20error%20status%3A%20404%22%2C%22extra%22%3A%7B%22method%22%3A%22GET%22%2C%22url%22%3A%22https%3A%2F%2Fsecure.osb.bank%2Fa%2Fconsumer%2Fapi%2Finstitutions%2Fbdd02d90-b256-11ea-a63f-4e59ba7d84a1%22%2C%22stack%22%3A%22Error%3A%20HTTP%20error%20status%3A%20404%5Cn%20%20%20%20at%20yn.pU%20(https%3A%2F%2Fsecure.osb.bank%2Fjs%2Fstandalone-app-189d4b4c.js%3A405%3A223)%5Cn%20%20%20%20at%20XMLHttpRequest.la.onload%20(https%3A%2F%2Fsecure.osb.bank%2Fjs%2Fstandalone-app-189d4b4c.js%3A402%3A238)%22%2C%22institution-id%22%3A%22bdd02d90-b256-11ea-a63f-4e59ba7d84a1%22%2C%22institution-name%22%3A%22Oklahoma%20State%20Bank%22%7D%2C%22release%22%3A%221.1573.0%22%2C%22exception%22%3A%7B%22values%22%3A%5B%7B%22type%22%3A%22Error%22%2C%22value%22%3A%22HTTP%20error%20status%3A%20404%22%2C%22stacktrace%22%3A%7B%22frames%22%3A%5B%7B%22filename%22%3A%22%2Fjs%2Fstandalone-app-189d4b4c.js%22%2C%22function%22%3A%22XMLHttpRequest.la.onload%22%2C%22args%22%3A%5B%5D%2C%22lineno%22%3A402%2C%22colno%22%3A238%2C%22in_app%22%3Afalse%7D%2C%7B%22filename%22%3A%22%2Fjs%2Fstandalone-app-189d4b4c.js%22%2C%22function%22%3A%22yn.pU%22%2C%22args%22%3A%5B%5D%2C%22lineno%22%3A405%2C%22colno%22%3A223%2C%22in_app%22%3Afalse%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: secure.osb.bank
URL: https://secure.osb.bank/js/standalone-app-189d4b4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.86.62.194 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.osb.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:46 GMT
x-content-type-options
nosniff
x-sentry-id
0c6ee7139eca4db5aed68a2f2094769d
vary
Accept-Language, Cookie
content-length
26
x-xss-protection
1; mode=block
allow
GET, POST, HEAD, OPTIONS
last-modified
Wed, 05 May 2021 15:25:46 GMT
x-frame-options
deny
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-language
en
access-control-allow-origin
https://secure.osb.bank
access-control-expose-headers
X-Sentry-Error, Retry-After
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
access-control-allow-headers
X-Sentry-Auth, X-Requested-With, Origin, Accept, Content-Type, Authentication, Authorization
expires
Wed, 05 May 2021 15:25:46 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| imprt_ object| banno string| mitekWorkerPath string| GoogleAnalyticsObject function| ga object| ShadyCSS function| JSCompiler_renameProperty function| pzb function| dDb function| cDb function| fRa function| gGb function| sGb function| eMb function| hMb function| mGb function| wFb function| izb function| hAb function| vFb function| vBb function| mzb function| zCb function| aAa function| vj function| hC function| oMb function| qQa function| vyb function| syb function| pGb function| dSa function| yyb function| gea function| avb function| fMb function| gMb function| ud function| xFb function| oGb function| kMb function| qpa function| lMb function| aEb function| iTa function| pAb function| apa function| fxb function| ivb function| kRa function| zW function| wzb function| dEb function| cEb function| zDb function| zxb object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| jIb function| zSa function| iIb function| lIb function| pMb function| lKb function| vHb function| aMb function| xzb function| aAb function| bea function| zzb function| iSa function| kSa function| pQa function| wza function| yzb function| eEb function| gEb function| gs function| nJb function| jLb function| rJb function| gKb

3 Cookies

Domain/Path Name / Value
.osb.bank/ Name: _gat
Value: 1
.osb.bank/ Name: _gid
Value: GA1.2.798354877.1620228346
.osb.bank/ Name: _ga
Value: GA1.2.2001459880.1620228346

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-2RhCPip6WJiGEgL9yhIQiTe85H4Gqz05jQy5XT+5iV4=' 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'none'; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com; child-src 'self'; font-src https: data:; frame-ancestors 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://getsentry-production.banno.com wss://secure.osb.bank; manifest-src 'self'; worker-src 'self'; report-uri https://getsentry.banno-tools.com/api/2/security/?sentry_key=e7dd91cbbd044257977d999a9c5709f5;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

getsentry-production.banno.com
secure.osb.bank
stats.g.doubleclick.net
www.google-analytics.com
13.86.62.194
2a00:1450:4001:828::200e
2a00:1450:400c:c04::9a
52.189.66.201
04bc1abf1d9c770bc86f0614d996f45128619020f1babb206227541b7712e5c0
084fc5d970cbb08804617c3de4be598442d1cdef320d2c736da7b92a44b370d1
233164923a79b5aa56f147526c3868ac419b4778c822cf75e9a802c570cdf43c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
37cb271ebb6b5acff02639a14b31d160642768dab55ab48ac004a9e2447c798b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
496d0fe8317c3a686610b843f4f5c97d3198eea6e79e1738946f774eb5d2b456
594f82b6c9721f95c869fb48cf79309281bdbfa404f04d181ed0c64107582048
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ec381d8efc029fecc5dc01115c021e235028f37e8705ca96355bb3d830a064a
676af0990109bb1e44f29208c3164a0e465e03df2e376eeb1486339648899db1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
797ef095ba194d2e15f4ca2e6f8b6295d05b8ca9d968d8a344bc1117e6b7f6a9
9d14256296a78228e27f2f3f5c2640a203b16429a99b6a63df33b0ef8ae047af
a5da7122683ef4bf017a08e65d16fc226901e21f43aa35043595f592485b11ce
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16d3fde4cb6c0c3ad219abfcf5fd4cf0ce38b5d2ed4340ad273e0ff9535b5e0
c010ef100f270e30dcf54d8c864e0ca78fb4f3829fe47e064c3d2d94cea5a1d2
cae3261af54db8b925235eb54f7dbcaab2eea7e065753fc3a03ea575019e6ec8
d74d5837c3232741ef7fbdd39d6ea958a5e99f2ab344d3eb6c9dc5fe1d3da7eb
dc0d025df8761bebd56d66abec10f99bbf41d1aa88f34bf4fef9488243696507
e4504d524c5a4fdf13997dc3d9e56ae644bfec9ef273afcbb0e66fda5e7598a2
ed458929787d7c77bb9fc72a0fa51cbc0d411fcf7fe032c915700d7f3c50c976
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62a67811831e26feffd6fa0e1cec3331178e0b9287e6bf26d2fad192452539b
fa1bd8ee735ceb92c4aa0d07b276d858b51bb92af921547fd25eb1473778724c