bankcustomer.gov Open in urlscan Pro
199.83.40.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankcustomer.gov/
Submission: On July 26 via automatic, source certstream-suspicious (July 26th 2024, 11:57:19 am UTC) — Scanned from GB

Summary HTTP 67 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 67 HTTP transactions. The main IP is 199.83.40.55, located in United States and belongs to OCCAS, US. The main domain is bankcustomer.gov.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 6th 2023. Valid for: a year.

This is the only time bankcustomer.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	199.83.40.55 199.83.40.55	11724 (OCCAS) (OCCAS)
1	2600:9000:239... 2600:9000:2394:8c00:5:83ea:ba80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	3.69.16.83 3.69.16.83	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
67	12

35 199.83.40.55 (United States)

ASN11724 (OCCAS, US)

bankcustomer.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:8c00:5:83ea:ba80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dap.digitalgov.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.16.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-16-83.eu-central-1.compute.amazonaws.com

50215.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bankcustomer.gov bankcustomer.gov	410 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	11 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 4547	40 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1452	72 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	281 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	siteimproveanalytics.io 50215.global.siteimproveanalytics.io	149 B
1	google.com translate.google.com — Cisco Umbrella Rank: 2103	32 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 8455	25 KB
1	digitalgov.gov dap.digitalgov.gov — Cisco Umbrella Rank: 8125	9 KB
0	google.com.hk Failed cse.google.com.hk Failed
0	helpwithmybank.gov Failed helpwithmybank.gov Failed
67	12

	Domain	Requested by
35	bankcustomer.gov	bankcustomer.gov
4	script.crazyegg.com	bankcustomer.gov script.crazyegg.com
3	translate.googleapis.com	translate.googleapis.com
3	www.gstatic.com	bankcustomer.gov www.gstatic.com
3	www.googletagmanager.com	bankcustomer.gov dap.digitalgov.gov www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	bankcustomer.gov
1	50215.global.siteimproveanalytics.io	bankcustomer.gov
1	translate.google.com	bankcustomer.gov
1	siteimproveanalytics.com	bankcustomer.gov
1	dap.digitalgov.gov	bankcustomer.gov
0	cse.google.com.hk Failed	bankcustomer.gov
0	helpwithmybank.gov Failed	bankcustomer.gov
67	13

This site contains links to these domains. Also see Links.

Domain
occcamp.servicenowservices.com
edie.fdic.gov
occ.gov
careers.occ.gov
www.banknet.gov
facebook.com
twitter.com
linkedin.com
youtube.com
www.occ.gov
www.usa.gov
www.treasury.gov

Subject Issuer	Validity	Valid
www.helpwithmybank.gov Entrust Certification Authority - L1K	`2023-11-06` - `2024-11-15`	a year	crt.sh
dap.digitalgov.gov Amazon RSA 2048 M03	`2024-06-06` - `2025-07-05`	a year	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
siteimproveanalytics.com WE1	`2024-06-21` - `2024-09-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bankcustomer.gov/
Frame ID: 38277F30DCE6F4CAF9B7333C1EDD856B
Requests: 66 HTTP requests in this frame

Frame: data://truncated
Frame ID: 643936E6E4579EEE7D4B6E688B771725
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HelpWithMyBank.gov – Get Answers to Your Banking Questions

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

82 %
HTTPS

82 %
IPv6

12
Domains

13
Subdomains

12
IPs

2
Countries

880 kB
Transfer

2553 kB
Size

8
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://occcamp.servicenowservices.com/csp?id=camp_check_case_status
Title: Check your complaint status →

Search URL Search Domain Scan URL

URL: https://edie.fdic.gov/
Title: Electronic Deposit Insurance Estimator

Search URL Search Domain Scan URL

URL: https://occ.gov/

Search URL Search Domain Scan URL

URL: https://careers.occ.gov/

Search URL Search Domain Scan URL

URL: https://www.banknet.gov/

Search URL Search Domain Scan URL

URL: https://facebook.com/pages/Washington-DC/US-Comptroller-of-the-Currency/213254918823

Search URL Search Domain Scan URL

URL: https://twitter.com/usocc

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/office-of-the-comptroller-of-the-currency

Search URL Search Domain Scan URL

URL: https://youtube.com/user/OCCChannel#p/c/2BAA3C3A20C2630E

Search URL Search Domain Scan URL

URL: https://occ.gov/rss/index-rss.html

Search URL Search Domain Scan URL

URL: https://www.occ.gov/about/policies/web-privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.usa.gov/
Title: USA.gov

Search URL Search Domain Scan URL

URL: https://www.occ.gov/about/policies/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.treasury.gov/Pages/default.aspx
Title: Department of the Treasury

Search URL Search Domain Scan URL

URL: https://www.occ.gov/about/connect-with-us/foia/index-foia.html
Title: Freedom of Information Act (FOIA)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://cse.google.com/cse.js?cx=010201664924910455066:in0vdqojkr4 HTTP 0
https://cse.google.com.hk/url?sa=p&hl=zh-CN&pref=hkredirect&pval=yes&q=https://cse.google.com.hk/cse.js%3Fcx%3D010201664924910455066:in0vdqojkr4&ust=1721995032606254&usg=AOvVaw3I0Cp5s9GX8Ri3P3K9OaMt

67 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bankcustomer.gov/ 31 KB
9 KB 698ms
130ms Document
text/html 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

02a3ad94a41a73a901f72ded3ce3f7a5f057f9a383f3f4d1c45da6384875f95f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Encoding: gzip
Content-Length: 7851
Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Type: text/html
Date: Fri, 26 Jul 2024 11:56:39 GMT
Referrer-Policy: strict-origin
SERVER
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK OpenSans-Regular.woff2
bankcustomer.gov/fonts/open-sans/ 15 KB
16 KB 523ms
218ms Font
application/font-woff2 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/fonts/open-sans/OpenSans-Regular.woff2

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

b7578ca42610f4105c8116dfe1bebb8bdd898ae90e925a8fd506d1e3a6dc8a40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
Origin: https://bankcustomer.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 15092
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jun 2020 20:49:12 GMT
SERVER
ETag: "05423ffb4bd61:0"
X-Frame-Options: deny
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK OpenSans-SemiBold.woff2
bankcustomer.gov/fonts/open-sans/ 15 KB
16 KB 795ms
466ms Font
application/font-woff2 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/fonts/open-sans/OpenSans-SemiBold.woff2

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

3043101cea881b42a150fa005eaa8e319fc3746b0f4fd2db61f876c6b6a9a9f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
Origin: https://bankcustomer.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 15156
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jun 2020 20:49:12 GMT
SERVER
ETag: "05423ffb4bd61:0"
X-Frame-Options: deny
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK OpenSans-Bold.woff2
bankcustomer.gov/fonts/open-sans/ 18 KB
19 KB 460ms
132ms Font
application/font-woff2 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/fonts/open-sans/OpenSans-Bold.woff2

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

64df94090f9ec47abfe5988890ed33bd73c8f0cf34cfecea4c300e567fb17e04

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
Origin: https://bankcustomer.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 18120
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Jun 2020 20:49:12 GMT
SERVER
ETag: "05423ffb4bd61:0"
X-Frame-Options: deny
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK fa-solid-900.woff2
bankcustomer.gov/fonts/fontawesome/ 78 KB
80 KB 479ms
113ms Font
application/font-woff2 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
Origin: https://bankcustomer.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 80328
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 23 Jun 2020 21:11:59 GMT
SERVER
ETag: "34cbc3eea249d61:0"
X-Frame-Options: deny
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK uswds-init.min.js Show response
bankcustomer.gov/scripts/ 355 B
2 KB 792ms
369ms Script
application/javascript 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/scripts/uswds-init.min.js

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

b1b63c442be85d01ae078e4e3cd0f3c59fac30b2baa4e7bf59a94644f5f8ac2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 340
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 14 Apr 2022 19:21:54 GMT
SERVER
ETag: "eca0c1e63450d81:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK styles.css
bankcustomer.gov/css/ 651 KB
85 KB 124ms
120ms Stylesheet
text/css 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/css/styles.css

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

ee3cf57fd3b1c078135422045eeb5000c6de85cf0ac6b1c395246f98e4aedfe6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:39 GMT
Content-Length: 85523
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 25 Jul 2024 13:45:40 GMT
SERVER
ETag: "05ac6ef98deda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK cssgrid-ie10plus.css
bankcustomer.gov/css/ 62 KB
6 KB 421ms
136ms Stylesheet
text/css 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/css/cssgrid-ie10plus.css

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

a5ef132c39596abcc2e564e272eefdf5165297d0b581d29fa43b9a1e5240b58a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 4290
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 25 Jul 2024 13:45:34 GMT
SERVER
ETag: "0d332ec98deda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK custom-styles.css
bankcustomer.gov/css/ 0
2 KB 491ms
202ms Stylesheet
text/css 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/css/custom-styles.css

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 0
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "ae2599b637dbda1:0"
X-Frame-Options: deny
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.min.js Show response
bankcustomer.gov/scripts/ 85 KB
31 KB 796ms
305ms Script
application/javascript 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/scripts/jquery.min.js

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 30446
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "80ba5bb637dbda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK hwmb.js Show response
bankcustomer.gov/scripts/ 10 KB
5 KB 945ms
151ms Script
application/javascript 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/scripts/hwmb.js

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

481a63a4b181cc917313cbfd4e5fe656b9c296280870870e3f2882d80945b678

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 3860
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 25 Jul 2024 13:45:40 GMT
SERVER
ETag: "05ac6ef98deda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H2 200 Universal-Federated-Analytics-Min.js Show response
dap.digitalgov.gov/ 27 KB
9 KB 595ms
397ms Script
application/javascript 2600:9000:2394:8c00:5:83ea:ba80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=OCC
Requested by: Host: bankcustomer.gov
URL: https://bankcustomer.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:8c00:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8a17a207f86b27f357193797a5151138de7f5f9686aa4a6138e4082914c8d89

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: m7NeZBrmXOG7i9AW8WYtOJ.ZwqXNhD2E
content-encoding: gzip
via: 1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
date: Thu, 25 Jul 2024 18:49:22 GMT
x-amz-cf-pop: AMS1-P2
age: 61640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 18:47:23 GMT
server: AmazonS3
etag: W/"3f79f7120d56605b5fb6ee8993e18d7d"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: 8suqRMyoUKflo0MGmQMlJlQZd0lkwC1pltguHK-VD3nok_MUFyKsbw==

GET
H/1.1 200
OK google-analytics.js Show response
bankcustomer.gov/scripts/ 317 B
2 KB 115ms
115ms Script
application/javascript 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/scripts/google-analytics.js

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

b80566daaa784dc53dc9f9e36174bdea6faa889190940cab048e969ac23c7ef0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 357
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "e0b8f2b637dbda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H2 200 5812.js Show response
script.crazyegg.com/pages/scripts/0012/ 7 KB
3 KB 196ms
55ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0012/5812.js
Requested by: Host: bankcustomer.gov
URL: https://bankcustomer.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc8b2e91ba650027c5d34023e7c63eebc2dc389486dd35406b88419a75534cf

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 145539
cf-polished: origSize=6998
ce-version: 11.5.248
cf-bgj: minify
last-modified: Wed, 24 Jul 2024 19:31:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8a94353688eb76a4-LHR

GET us_flag_small.png
helpwithmybank.gov/images/c-clamp-images/ 0
0

GET
H/1.1 200
OK logo-occ.svg
bankcustomer.gov/images/c-clamp-images/hwmb/ 22 KB
8 KB 113ms
113ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/c-clamp-images/hwmb/logo-occ.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

3d6c1ba897cb0021c0ae3170b518ed3be483b560da8afff6264c732a28903f30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 6061
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "80ba5bb637dbda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK close.svg
bankcustomer.gov/images/c-clamp-images/ 495 B
2 KB 113ms
113ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/c-clamp-images/close.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

4b533eb734d44fe36838c1f03df0133e725b742bc97ed213f413d9e267410b99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 495
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 15 Jun 2020 13:44:45 GMT
SERVER
ETag: "266f66211b43d61:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK us_flag_small.png
bankcustomer.gov/images/c-clamp-images/ 176 B
2 KB 109ms
109ms Image
image/png 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/c-clamp-images/us_flag_small.png

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

8a6f68dd8703ce4cb475c92fc1eefa84c41f4741ec4c6ca8403ef99b74b94d20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 176
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 15 Jun 2020 13:44:46 GMT
SERVER
ETag: "66ac16221b43d61:0"
X-Frame-Options: deny
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-bank-accnts.svg
bankcustomer.gov/images/ 2 KB
4 KB 122ms
121ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-bank-accnts.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

ed8e6708f2e4f1c9d0e6ad12b729eed0c72f528f97056baa0dc4d69bb8b91517

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2338
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "947fe8b637dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-branch-services.svg
bankcustomer.gov/images/ 2 KB
3 KB 122ms
122ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-branch-services.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

1c960d4f22663685d2e6e32476a3b68b070b8cb6f93116a2ca30a261bf140296

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 1897
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "eeb2aab637dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-complaints.svg
bankcustomer.gov/images/ 2 KB
3 KB 548ms
474ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-complaints.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

318262af247ad0f4042f5ce8f06788d416d2d8598c6d40b65df07151afc3fa23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 1848
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:10 GMT
SERVER
ETag: "e4e557b737dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-covid-19.svg
bankcustomer.gov/images/ 20 KB
22 KB 550ms
475ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-covid-19.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

f20289f8474ebc7acc097cad758b6a002177e17ab8a72962a3712a201fdd1a74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 20801
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:10 GMT
SERVER
ETag: "23b552b737dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-credit-cards.svg
bankcustomer.gov/images/ 2 KB
4 KB 695ms
132ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-credit-cards.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

d29b3d8a925d6485da8b03a0977af362c3f088db5512a69f82a5fa747a2f1a23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2044
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:10 GMT
SERVER
ETag: "5de84cb737dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-debt-n-credit.svg
bankcustomer.gov/images/ 5 KB
6 KB 805ms
108ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-debt-n-credit.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

a3a8df4233049f6de335427fedf96cae50b1fb146b6caddd783f73a6e47589ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 4822
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:10 GMT
SERVER
ETag: "b68630b737dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-fraud-n-scams.svg
bankcustomer.gov/images/ 3 KB
5 KB 712ms
156ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-fraud-n-scams.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

0d8b9161e8778a9627e1cddb58fe555907f73339c2aa50d533c96c58d23aa046

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 3041
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "6ed5acb637dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-gift-cards.svg
bankcustomer.gov/images/ 6 KB
8 KB 815ms
115ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-gift-cards.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

1e1cd0a755f010e868f646b78358a6b2496cda0aa00f2072d8acb5ff6245d8e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 6367
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:10 GMT
SERVER
ETag: "58defb737dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-interest-rate.svg
bankcustomer.gov/images/ 6 KB
8 KB 552ms
436ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-interest-rate.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

39b0358f9def658218bf7d3f5cc5e435bb921ca2bd0f1b3eac4ea6db9c2b2c80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 6186
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "f0f05db637dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-investments.svg
bankcustomer.gov/images/ 2 KB
4 KB 728ms
170ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-investments.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

a5019c74e4b74b485fc40739ee9a2530b6d12239b8f0361d934f341713990af5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2315
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "3a4ceeb637dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-loan-n-mortgage.svg
bankcustomer.gov/images/ 2 KB
4 KB 550ms
474ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-loan-n-mortgage.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

69d6bc106ee203a1c01522ba15f9391aa742a5362b5f52b6ca00eff3765822e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2016
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:10 GMT
SERVER
ETag: "405419b737dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-topic-personal-loans.svg
bankcustomer.gov/images/ 3 KB
4 KB 550ms
466ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/icon-topic-personal-loans.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

29a1c464aaa67ab8a23580c3a49d11e9935dec84a55365c3777c4f84cbc03bad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2806
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 21 Jul 2024 06:32:09 GMT
SERVER
ETag: "4c9a90b637dbda1:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-contact-call.svg
bankcustomer.gov/images/c-clamp-images/hwmb/ 3 KB
5 KB 552ms
468ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/c-clamp-images/hwmb/icon-contact-call.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

f7524cc97ef211229dc987ab08396750e7fc7f6e1475170cc86dcbfb9c237816

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:40 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 3015
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 03 Aug 2020 15:09:05 GMT
SERVER
ETag: "133a817a869d61:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-contact-open-envelope.svg
bankcustomer.gov/images/c-clamp-images/hwmb/ 2 KB
4 KB 690ms
133ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/c-clamp-images/hwmb/icon-contact-open-envelope.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

18d868809f54fcf0ef7d4e6b61340a6fce6269a6c0e51132ac61fba52236e2fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2512
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 03 Aug 2020 15:09:05 GMT
SERVER
ETag: "25ec807a869d61:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-contact-locked-file.svg
bankcustomer.gov/images/c-clamp-images/hwmb/ 3 KB
5 KB 718ms
159ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/c-clamp-images/hwmb/icon-contact-locked-file.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

005891bcccb7b7899e5eaa9a43fd2c43dbb860058fb237c87d6f45020ef9e76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2954
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 03 Aug 2020 15:09:05 GMT
SERVER
ETag: "48ec797a869d61:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET footer-occ-logo.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-occ-donut.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-occ-careers.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-banknet.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-hwmb-check.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-social-fb.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-social-twitter.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-social-linkedin.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-social-youtube.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET icon-footer-social-rss.svg
helpwithmybank.gov/images/c-clamp-images/hwmb/ 0
0

GET
H2 200 siteanalyze_50215.js Show response
siteimproveanalytics.com/js/ 106 KB
25 KB 179ms
56ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_50215.js
Requested by: Host: bankcustomer.gov
URL: https://bankcustomer.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd6fa69ba9d85da8aadad524b9401b7e921ad855aa73131a7d66ed5049694c2a

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:41 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FXX6T9PHKZA5X45F
age: 4750
alt-svc: h3=":443"; ma=86400
content-length: 25204
x-amz-id-2: +tS8yw9W7hlkADtFOt/b1GsDO01MDoRZpU2qfzoQ7d0v1iPZ3tTobx/+vVPxTpBIqigWpgWnoH0=
last-modified: Thu, 16 May 2024 12:56:09 GMT
server: cloudflare
etag: "c54b17aa2e4d4d579396bb7c33417f0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGaIyJrEanEoUkTGxGgxgMjRnuMvB3Xbg%2Fh05t%2FgbZF524uAvwrRSJBkIngiWWYaeuqI2sJr5KWQDW6745JGH1x7pAkeQoyhjcUMzBvtj86HHdvxw%2FCoNUD8RmUE7QZ5Owjl8HWL%2FA6FBfwdRd9o5LbFz7xZpR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 8a943536b9a8631c-LHR

GET
H/1.1 200
OK uswds.min.js Show response
bankcustomer.gov/scripts/ 83 KB
25 KB 112ms
112ms Script
application/javascript 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/scripts/uswds.min.js

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

2b21a64023e5ee7605dd6f6a9602c39919ef3e7e57d3d35d1eeb463a150a3d4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 24378
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 14 Apr 2022 19:21:55 GMT
SERVER
ETag: "804be9e63450d81:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK gcs-header.css
bankcustomer.gov/css/ 4 KB
3 KB 116ms
116ms Stylesheet
text/css 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/css/gcs-header.css

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/scripts/hwmb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

c9b1045c89fde20ce44dbe5170ac66b7fb0a7f294d33801ac5b9f5468d6c2bb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:40 GMT
Content-Length: 1082
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 25 Jul 2024 13:45:34 GMT
SERVER
ETag: "0d332ec98deda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK gcs-header.js Show response
bankcustomer.gov/scripts/ 3 KB
3 KB 111ms
110ms Script
application/javascript 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/scripts/gcs-header.js

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/scripts/hwmb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

6e5ea4e23e91e832c13b2480fee814144efdbfc0b2069d4c799013602b89d4f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:41 GMT
Content-Length: 1262
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 25 Jul 2024 13:45:34 GMT
SERVER
ETag: "0d332ec98deda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
95 KB 550ms
72ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-62E4EH1JK2

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/scripts/google-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a32646fd909501e9afca50da6d9fb4085f75fd8a93f89a96dd61235a1d8363be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 11:56:41 GMT

GET
H/1.1 200
OK info.svg
bankcustomer.gov/images/c-clamp-images/usa-icons/ 234 B
2 KB 677ms
112ms Image
image/svg+xml 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankcustomer.gov/images/c-clamp-images/usa-icons/info.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

5e3fe070eee9ca124d7591296c8052943d43d412aa25193284e7fde535180aa7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
Origin: https://bankcustomer.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Jul 2024 11:56:41 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 234
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Jun 2021 16:26:56 GMT
SERVER
ETag: "2fa85a693a6cd71:0"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK hwmb-translate.css
bankcustomer.gov/css/ 903 B
2 KB 552ms
137ms Stylesheet
text/css 199.83.40.55
OCCAS

General

Check archive.org

Show headers Download Go to

Full URL

https://bankcustomer.gov/css/hwmb-translate.css

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/scripts/hwmb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.83.40.55 , United States, ASN11724 (OCCAS, US),

Reverse DNS

Software

Resource Hash

4e0fa171c9ad0f9754e6feb47586db013adcd2cabb7a4efb1538447b85cd7854

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self' *.google.com *.googlesyndication.com; font-src 'self' occ.gov *.occ.gov *.occ.treas.gov; img-src 'self' data: occ.gov *.occ.gov *.occ.treas.gov helpwithmybank.gov *.helpwithmybank.gov *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.ytimg.com *.siteimproveanalytics.io *.sharethis.com; style-src 'self' 'unsafe-inline' occ.gov *.occ.gov *.occ.treas.gov *.google.com *.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov *.occ.gov *.occ.treas.gov dap.digitalgov.gov *.google-analytics.com *.googletagmanager.com *.google.com *.googleapis.com *.gstatic.com *.googleadservices.com siteimproveanalytics.com *.addthis.com *.crazyegg.com *.sharethis.com; connect-src 'self' occ.gov *.occ.gov *.occ.treas.gov *.google-analytics.com *.googleapis.com *.withgoogle.com stats.g.doubleclick.net *.crazyegg.com *.sharethis.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Jul 2024 11:56:41 GMT
Content-Length: 549
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 25 Jul 2024 13:45:40 GMT
SERVER
ETag: "153c2af098deda1:0"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-store
Accept-Ranges: bytes

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 91 KB
32 KB 488ms
71ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/scripts/hwmb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

500d34bd6fa9f28a2fb205efe61d2de5151c58818836cbefc08eb6fdbca598f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 11:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bankcustomer.gov.json Show response
script.crazyegg.com/pages/data-scripts/0012/5812/site/ 15 KB
2 KB 578ms
172ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0012/5812/site/bankcustomer.gov.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/5812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f09e3fe500b73477f37876c7c6024ed367925d8657c5e5a87d04c30df5b5323

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:41 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jul 2024 11:56:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.248
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a94353979b2bd91-LHR
content-length: 2100

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 106ms
106ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L

Requested by

Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=OCC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f22d67b08198f71df53a89cd006cbb60537d471804ccf4fe19f526ff41b58fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 11:56:41 GMT

GET
H2 200 image.aspx
50215.global.siteimproveanalytics.io/ 34 B
149 B 606ms
281ms Image
image/gif 3.69.16.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://50215.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fbankcustomer.gov%2F&title=HelpWithMyBank.gov%20%E2%80%93%20Get%20Answers%20to%20Your%20Banking%20Questions&res=1600x1200&accountid=50215&rt=2324&prev=57efadf0-d751-78aa-5fdf-cf3539bbfcdc&luid=fba5f5c6-fa70-f686-79e1-1a000d89a037&rnd=39625
Requested by: Host: bankcustomer.gov
URL: https://bankcustomer.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.16.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-16-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 26 Jul 2024 11:56:42 GMT
cache-control: max-age=0
content-length: 34
expires: Fri, 26 Jul 2024 11:56:42 UTC

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Ohg/d=0/rs=AN8SPfocrRO-f5jO91h2UqcrdJsFzeCmQQ/ 22 KB
5 KB 503ms
310ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Ohg/d=0/rs=AN8SPfocrRO-f5jO91h2UqcrdJsFzeCmQQ/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.zh_CN.AnhO6c1pSsE.O/am=Ohg/d=1/rs=AN8SPfrN4-hydbAyUe37Weip3avfQdxzAg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 17:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Jul 2025 17:18:10 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.zh_CN.AnhO6c1pSsE.O/am=AIA/d=1/exm=el_conf/ed=1/rs=AN8SPfpM6JEtzpmKVMYqVZKirRR2DEmhzw/ 207 KB
72 KB 535ms
269ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.zh_CN.AnhO6c1pSsE.O/am=AIA/d=1/exm=el_conf/ed=1/rs=AN8SPfpM6JEtzpmKVMYqVZKirRR2DEmhzw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.zh_CN.AnhO6c1pSsE.O/am=Ohg/d=1/rs=AN8SPfrN4-hydbAyUe37Weip3avfQdxzAg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa621f86f1702a9fdea1b016714fd8aad913c0457cc1a26732367491f58bd504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73148
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 21:12:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Jul 2025 18:52:31 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 482ms
314ms Fetch
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-62E4EH1JK2&gtm=45je47p0h2v894699953za200&_p=1721995001327&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753~99312314&cid=1104959407.1721995002&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721995001&sct=1&seg=0&dl=https%3A%2F%2Fbankcustomer.gov%2F&dt=HelpWithMyBank.gov%20%E2%80%93%20Get%20Answers%20to%20Your%20Banking%20Questions&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2454
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62E4EH1JK2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 11:56:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bankcustomer.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62E4EH1JK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35af0c7ebdd1fb55f708d9febc8b673869f263cdbba372dfbed00453c31db3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 11:56:42 GMT

GET
H2 200 e6d4bbd189416f28ba52ba0047055e76.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 102 KB
35 KB 46ms
46ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/e6d4bbd189416f28ba52ba0047055e76.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/5812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2bcc0fa7e534fe231f0fa369388236f88973705460b36c3ec1b3f8490f8f614

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:42 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 12 Jul 2024 16:41:59 GMT
server: cloudflare
age: 271942
cf-polished: origSize=104482
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8a94353a9c9776a4-LHR

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 431ms
313ms Fetch
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je47o0v9131934939za200zb894699953&_p=1721995001327&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1104959407.1721995002&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fbankcustomer.gov%2F&dt=HelpWithMyBank.gov%20%E2%80%93%20Get%20Answers%20to%20Your%20Banking%20Questions&sid=1721995002&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=OCC&ep.subagency=BANKCUSTOMER.GOV&ep.site_topic=unspecified%3Abankcustomer.gov&ep.site_platform=unspecified%3Abankcustomer.gov&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20240712%20v8.2%20-%20ga4&ep.protocol=https%3A&ep.using_parallel_tracker=no&tfd=2505
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 11:56:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bankcustomer.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bankcustomer.gov.json Show response
script.crazyegg.com/pages/data-scripts/0012/5812/sampling/ 1020 B
428 B 656ms
656ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0012/5812/sampling/bankcustomer.gov.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e6d4bbd189416f28ba52ba0047055e76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8af6af51e7dde4d7c7e29ff7297ebee4dcc1135b304008e0ba81c5b1ed0b0a4

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 11:56:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jul 2024 11:56:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.248
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a94353d2eb3bd91-LHR
content-length: 318

GET

url
cse.google.com.hk/
Redirect Chain

https://cse.google.com/cse.js?cx=010201664924910455066:in0vdqojkr4
https://cse.google.com.hk/url?sa=p&hl=zh-CN&pref=hkredirect&pval=yes&q=https://cse.google.com.hk/cse.js%3Fcx%3D010201664924910455066:in0vdqojkr4&ust=1721995032606254&usg=AOvVaw3I0Cp5s9GX8Ri3P3K9OaMt

0
0

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 224ms
42ms Image
image/svg+xml 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 10:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Jul 2025 10:13:22 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 41ms
40ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: bankcustomer.gov
URL: https://bankcustomer.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankcustomer.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 19:09:56 GMT
x-content-type-options: nosniff
age: 60406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Jul 2025 19:09:56 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 54ms
53ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Ohg/d=0/rs=AN8SPfocrRO-f5jO91h2UqcrdJsFzeCmQQ/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Ohg/d=0/rs=AN8SPfocrRO-f5jO91h2UqcrdJsFzeCmQQ/m=el_main_css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:09:21 GMT
x-content-type-options: nosniff
age: 20841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Jul 2025 06:09:21 GMT

GET
DATA 200
OK truncated
/ Frame 6439 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6439 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 log Show response
translate.googleapis.com/element/ 131 B
152 B 55ms
54ms Fetch
text/plain 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.zh_CN.AnhO6c1pSsE.O/am=AIA/d=1/exm=el_conf/ed=1/rs=AN8SPfpM6JEtzpmKVMYqVZKirRR2DEmhzw/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://bankcustomer.gov/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/binary

Response headers

date: Fri, 26 Jul 2024 11:56:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bankcustomer.gov
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 200 log
translate.googleapis.com/element/ Frame 0
0 259ms
56ms Preflight
text/plain 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://bankcustomer.gov
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bankcustomer.gov
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 26 Jul 2024 11:56:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/us_flag_small.png

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/footer-occ-logo.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-occ-donut.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-occ-careers.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-banknet.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-hwmb-check.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-social-fb.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-social-twitter.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-social-linkedin.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-social-youtube.svg

Domain: helpwithmybank.gov
URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-social-rss.svg

Domain: cse.google.com.hk
URL: https://cse.google.com.hk/url?sa=p&hl=zh-CN&pref=hkredirect&pval=yes&q=https://cse.google.com.hk/cse.js%3Fcx%3D010201664924910455066:in0vdqojkr4&ust=1721995032606254&usg=AOvVaw3I0Cp5s9GX8Ri3P3K9OaMt

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bankcustomer.gov/	1970-01-21 07:55:55	Name: nmstat Value: 57efadf0-d751-78aa-5fdf-cf3539bbfcdc
.bankcustomer.gov/	1970-01-21 07:55:55	Name: _ga_62E4EH1JK2 Value: GS1.1.1721995001.1.0.1721995001.0.0.0
.bankcustomer.gov/	1970-01-21 07:55:55	Name: _ga Value: GA1.1.1104959407.1721995002
.bankcustomer.gov/	1970-01-21 07:55:55	Name: _ga_CSLL4ZEK4L Value: GS1.1.1721995002.1.0.1721995002.0.0.0
bankcustomer.gov/	1969-12-31 23:59:59	Name: OCC_Encrypted_Cookie Value: !kHMlswszbD7fXfnZijWHJ1vS5aqU4p0EyPc0MHMUUOOKDHZWnn0JQRBby65osMjsL5soGNblRXJ6KpA=
.google.com/	1970-01-21 02:43:26	Name: NID Value: 516=olt-7UauaZYRfgA-F6NAfdcddXij-9odrHdVoAAZ8A3L9JSuikGGIx-NrXy5vK5H1cVqBLSwROltJI_jzRuYDFbysMj7qv3Ju0xNBdgWaSFRkqMuLsqhIygUhfkgTDwTqEhZo3Cd2BL-VWsOS_Xwen8FLMZZgssSKHvna2nIJ8HpblGCUNs0
.bankcustomer.gov/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.bankcustomer.gov/	1969-12-31 23:59:59	Name: cebs Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://translate.googleapis.com/ Message: Refused to frame '' because it violates the following Content Security Policy directive: "frame-src 'self' .google.com .googlesyndication.com".
security	error	URL: https://bankcustomer.gov/ Message: Refused to load the script 'https://cse.google.com.hk/url?sa=p&hl=zh-CN&pref=hkredirect&pval=yes&q=https://cse.google.com.hk/cse.js%3Fcx%3D010201664924910455066:in0vdqojkr4&ust=1721995032606254&usg=AOvVaw3I0Cp5s9GX8Ri3P3K9OaMt' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com *.sharethis.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/footer-occ-logo.svg Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://helpwithmybank.gov/images/c-clamp-images/us_flag_small.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-occ-donut.svg Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-occ-careers.svg Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-banknet.svg Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://helpwithmybank.gov/images/c-clamp-images/hwmb/icon-footer-hwmb-check.svg Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self' .google.com .googlesyndication.com; font-src 'self' occ.gov .occ.gov .occ.treas.gov; img-src 'self' data: occ.gov .occ.gov .occ.treas.gov helpwithmybank.gov .helpwithmybank.gov .google.com .googletagmanager.com .google-analytics.com .googleapis.com .gstatic.com .ytimg.com .siteimproveanalytics.io .sharethis.com; style-src 'self' 'unsafe-inline' occ.gov .occ.gov .occ.treas.gov .google.com .gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: occ.gov .occ.gov .occ.treas.gov dap.digitalgov.gov .google-analytics.com .googletagmanager.com .google.com .googleapis.com .gstatic.com .googleadservices.com siteimproveanalytics.com .addthis.com .crazyegg.com .sharethis.com; connect-src 'self' occ.gov .occ.gov .occ.treas.gov .google-analytics.com .googleapis.com .withgoogle.com stats.g.doubleclick.net .crazyegg.com *.sharethis.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

50215.global.siteimproveanalytics.io
bankcustomer.gov
cse.google.com.hk
dap.digitalgov.gov
fonts.gstatic.com
helpwithmybank.gov
script.crazyegg.com
siteimproveanalytics.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
cse.google.com.hk
helpwithmybank.gov
199.83.40.55
2600:9000:2394:8c00:5:83ea:ba80:93a1
2606:4700::6813:9308
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a06:98c1:3121::3
3.69.16.83
005891bcccb7b7899e5eaa9a43fd2c43dbb860058fb237c87d6f45020ef9e76e
02a3ad94a41a73a901f72ded3ce3f7a5f057f9a383f3f4d1c45da6384875f95f
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc
0d8b9161e8778a9627e1cddb58fe555907f73339c2aa50d533c96c58d23aa046
18d868809f54fcf0ef7d4e6b61340a6fce6269a6c0e51132ac61fba52236e2fd
1c960d4f22663685d2e6e32476a3b68b070b8cb6f93116a2ca30a261bf140296
1e1cd0a755f010e868f646b78358a6b2496cda0aa00f2072d8acb5ff6245d8e8
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
29a1c464aaa67ab8a23580c3a49d11e9935dec84a55365c3777c4f84cbc03bad
2b21a64023e5ee7605dd6f6a9602c39919ef3e7e57d3d35d1eeb463a150a3d4c
3043101cea881b42a150fa005eaa8e319fc3746b0f4fd2db61f876c6b6a9a9f5
318262af247ad0f4042f5ce8f06788d416d2d8598c6d40b65df07151afc3fa23
35af0c7ebdd1fb55f708d9febc8b673869f263cdbba372dfbed00453c31db3f0
39b0358f9def658218bf7d3f5cc5e435bb921ca2bd0f1b3eac4ea6db9c2b2c80
3d6c1ba897cb0021c0ae3170b518ed3be483b560da8afff6264c732a28903f30
3dc8b2e91ba650027c5d34023e7c63eebc2dc389486dd35406b88419a75534cf
481a63a4b181cc917313cbfd4e5fe656b9c296280870870e3f2882d80945b678
4b533eb734d44fe36838c1f03df0133e725b742bc97ed213f413d9e267410b99
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0fa171c9ad0f9754e6feb47586db013adcd2cabb7a4efb1538447b85cd7854
500d34bd6fa9f28a2fb205efe61d2de5151c58818836cbefc08eb6fdbca598f7
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5e3fe070eee9ca124d7591296c8052943d43d412aa25193284e7fde535180aa7
5f09e3fe500b73477f37876c7c6024ed367925d8657c5e5a87d04c30df5b5323
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
64df94090f9ec47abfe5988890ed33bd73c8f0cf34cfecea4c300e567fb17e04
69d6bc106ee203a1c01522ba15f9391aa742a5362b5f52b6ca00eff3765822e7
6e5ea4e23e91e832c13b2480fee814144efdbfc0b2069d4c799013602b89d4f5
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
8a6f68dd8703ce4cb475c92fc1eefa84c41f4741ec4c6ca8403ef99b74b94d20
a32646fd909501e9afca50da6d9fb4085f75fd8a93f89a96dd61235a1d8363be
a3a8df4233049f6de335427fedf96cae50b1fb146b6caddd783f73a6e47589ec
a5019c74e4b74b485fc40739ee9a2530b6d12239b8f0361d934f341713990af5
a5ef132c39596abcc2e564e272eefdf5165297d0b581d29fa43b9a1e5240b58a
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
b1b63c442be85d01ae078e4e3cd0f3c59fac30b2baa4e7bf59a94644f5f8ac2c
b7578ca42610f4105c8116dfe1bebb8bdd898ae90e925a8fd506d1e3a6dc8a40
b80566daaa784dc53dc9f9e36174bdea6faa889190940cab048e969ac23c7ef0
c8a17a207f86b27f357193797a5151138de7f5f9686aa4a6138e4082914c8d89
c9b1045c89fde20ce44dbe5170ac66b7fb0a7f294d33801ac5b9f5468d6c2bb7
d29b3d8a925d6485da8b03a0977af362c3f088db5512a69f82a5fa747a2f1a23
d2bcc0fa7e534fe231f0fa369388236f88973705460b36c3ec1b3f8490f8f614
d8af6af51e7dde4d7c7e29ff7297ebee4dcc1135b304008e0ba81c5b1ed0b0a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
ed8e6708f2e4f1c9d0e6ad12b729eed0c72f528f97056baa0dc4d69bb8b91517
ee3cf57fd3b1c078135422045eeb5000c6de85cf0ac6b1c395246f98e4aedfe6
f20289f8474ebc7acc097cad758b6a002177e17ab8a72962a3712a201fdd1a74
f22d67b08198f71df53a89cd006cbb60537d471804ccf4fe19f526ff41b58fee
f7524cc97ef211229dc987ab08396750e7fc7f6e1475170cc86dcbfb9c237816
fa621f86f1702a9fdea1b016714fd8aad913c0457cc1a26732367491f58bd504
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fd6fa69ba9d85da8aadad524b9401b7e921ad855aa73131a7d66ed5049694c2a

bankcustomer.gov Open in urlscan Pro 199.83.40.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

82 %HTTPS

82 %IPv6

12 Domains

13 Subdomains

12 IPs

2 Countries

880 kBTransfer

2553 kBSize

8 Cookies

15 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bankcustomer.gov Open in urlscan Pro
199.83.40.55 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

82 %
HTTPS

82 %
IPv6

12
Domains

13
Subdomains

12
IPs

2
Countries

880 kB
Transfer

2553 kB
Size

8
Cookies

67 HTTP transactions
2 data transactions