login-uat.fisglobal.com Open in urlscan Pro
80.67.82.40  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://uat-integrated-payables.usbank.com/ Page URL
2. https://login-uat.fisglobal.com/idp/USBankUAT?ClientID=usbank Page URL
3. https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response uat-integrated-payables.usbank.com/	3 KB 2 KB	577ms 349ms	Document text/html	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 6a99a41ff8dfe6724573a5067b572b83e73f8e405bb6e1a96707a90c1acdac74 Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 1423 content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-type text/html date Mon, 26 Jun 2023 21:33:37 GMT last-modified Tue, 25 Apr 2023 00:19:06 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	132ms 47ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2170f04df3b7e03e3439440b22f30247a1ee0606d4a0253e159c8a725372ac8f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 26 Jun 2023 21:33:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 26 Jun 2023 20:20:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 26 Jun 2023 21:33:37 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 439 B	132ms 48ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 26 Jun 2023 21:33:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 26 Jun 2023 21:33:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 26 Jun 2023 21:33:37 GMT
GET H2	200	stylesheet.css uat-integrated-payables.usbank.com/	276 KB 40 KB	344ms 343ms	Stylesheet text/css	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/stylesheet.css Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c52f832c87b622deed6b7b74d7a5b602e588c025bcc630f247cfbfeb3ccbf142 Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-encoding gzip date Mon, 26 Jun 2023 21:33:38 GMT last-modified Tue, 23 Aug 2022 14:49:38 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding content-type text/css cache-control max-age=86361 accept-ranges bytes content-length 40828
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	148ms 17ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://uat-integrated-payables.usbank.com/ Origin https://uat-integrated-payables.usbank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 26 Jun 2023 21:33:37 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-15d84" vary Accept-Encoding x-hw 1687815217.dop221.am5.t,1687815217.cds233.am5.hn,1687815217.cds312.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	runtime.fc0ccb892920830e49ef.js Show response uat-integrated-payables.usbank.com/	2 KB 2 KB	288ms 287ms	Script application/javascript	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/runtime.fc0ccb892920830e49ef.js Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 4636b58d5d0eb2653e938d7eb490ffd9cd81484ff5fb47e60a34ca3e9200bb00 Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-encoding gzip date Mon, 26 Jun 2023 21:33:38 GMT last-modified Tue, 25 Apr 2023 00:12:52 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding content-type application/javascript cache-control max-age=86388 accept-ranges bytes content-length 1321
GET H2	200	polyfills.8463b161c276004cb6f4.js Show response uat-integrated-payables.usbank.com/	58 KB 20 KB	366ms 366ms	Script application/javascript	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/polyfills.8463b161c276004cb6f4.js Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7f8317b6d49b8ceec61d999109a363983011f395b2b4e94cff87467dfa9de711 Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-encoding gzip date Mon, 26 Jun 2023 21:33:38 GMT last-modified Tue, 25 Apr 2023 00:12:54 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding content-type application/javascript cache-control max-age=86334 accept-ranges bytes content-length 19873
GET H2	200	scripts.cac4278b98b0ed3275d3.js Show response uat-integrated-payables.usbank.com/	88 KB 31 KB	305ms 305ms	Script application/javascript	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/scripts.cac4278b98b0ed3275d3.js Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 19a82c4cbc5648df24c7d26d25dfbc2cc4a4e3f28da14a551e0ebc2b2588ef2d Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-encoding gzip date Mon, 26 Jun 2023 21:33:38 GMT last-modified Tue, 25 Apr 2023 00:12:54 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding content-type application/javascript cache-control max-age=86400 accept-ranges bytes content-length 31361
GET H2	200	main.c4f2b952227d31a9bf32.js Show response uat-integrated-payables.usbank.com/	2 MB 381 KB	364ms 363ms	Script application/javascript	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/main.c4f2b952227d31a9bf32.js Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 689bf1573967d6d0fd44c301f57af1952aec3a76aacfd8df1c6f4be610b1c434 Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-encoding gzip date Mon, 26 Jun 2023 21:33:38 GMT last-modified Tue, 25 Apr 2023 00:22:36 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding content-type application/javascript cache-control max-age=86400 accept-ranges bytes
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	123ms 38ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://uat-integrated-payables.usbank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 22:16:07 GMT x-content-type-options nosniff age 343051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 22:16:07 GMT
GET H2	200	IDP_Factory.json uat-integrated-payables.usbank.com/assets/data/	1 KB 1 KB	307ms 307ms	XHR application/json	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/assets/data/IDP_Factory.json Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/polyfills.8463b161c276004cb6f4.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers Pragma no-cache Strict-Transport-Security max-age=86400; includeSubDomains accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 X-Frame-Options DENY Content-Type application/json Accept application/json, text/plain, */* Cache-Control no-cache, no-store, must-revalidate Referer https://uat-integrated-payables.usbank.com/ uuid 66aeadf8-7475-4215-8692-fbf16d50bc8b Expires 0 Response headers content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-encoding gzip date Mon, 26 Jun 2023 21:33:38 GMT last-modified Wed, 12 Apr 2023 21:26:12 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding content-type application/json accept-ranges bytes content-length 495
GET H2	200	stylesheet.css uat-integrated-payables.usbank.com/assets/usbank/	3 KB 2 KB	125ms 125ms	Stylesheet text/html	2a02:26f0:480:d::210:f153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uat-integrated-payables.usbank.com/assets/usbank/stylesheet.css?t=1687815218903 Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/main.c4f2b952227d31a9bf32.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://uat-integrated-payables.usbank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; content-encoding gzip date Mon, 26 Jun 2023 21:33:39 GMT last-modified Tue, 25 Apr 2023 00:19:06 GMT strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding content-type text/html cache-control max-age=86363 accept-ranges bytes content-length 1423
GET H2	200	USBankUAT login-uat.fisglobal.com/idp/	2 KB 3 KB	1331ms 612ms	Document text/html	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/USBankUAT?ClientID=usbank Requested by Host: uat-integrated-payables.usbank.com URL: https://uat-integrated-payables.usbank.com/main.c4f2b952227d31a9bf32.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-integrated-payables.usbank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://uat-integrated-payables.usbank.com/ cache-control no-store, no-cache, must-revalidate, proxy-revalidate, no-transform, max-age=0 content-encoding gzip content-length 970 content-type text/html date Mon, 26 Jun 2023 21:33:40 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server Unknown strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding x-akamai-transformed 9 970 0 pmb=mTOE,1 x-content-type-options nosniff x-frame-options SAMEORIGIN x-ua-compatible IE=edge,chrome=1 x-xss-protection 1; mode=block
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	38ms 38ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://uat-integrated-payables.usbank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 18:58:23 GMT x-content-type-options nosniff age 182115 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 18:58:23 GMT
GET H2	200	Primary Request / Show response login-uat.fisglobal.com/idp/USBankUAT/	2 KB 2 KB	686ms 686ms	Document text/html	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/USBankUAT?ClientID=usbank Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 23374e59df1188e4cb8c57d067637edd53b27b31ef10854aaae72f5685ef6b71 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login-uat.fisglobal.com/idp/USBankUAT?ClientID=usbank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://login-uat.fisglobal.com/idp/USBankUAT?ClientID=usbank cache-control no-store, no-cache, must-revalidate, proxy-revalidate, no-transform, max-age=0 content-encoding gzip content-length 1091 content-type text/html;charset=UTF-8 date Mon, 26 Jun 2023 21:33:41 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server Unknown strict-transport-security max-age=31536000 ; includeSubDomains vary Accept-Encoding x-akamai-transformed 9 1023 0 pmb=mTOE,1 x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	styles.css login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/	1 MB 124 KB	1181ms 1180ms	Stylesheet text/css	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/styles.css?version=v5.5.0 Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 745902f534d5d5a70e04534f437b8bc9a8d4fb5c7008aa1d22b908c8eef8cc9c Security Headers Name Value Content-Security-Policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma public content-security-policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; content-encoding gzip x-content-type-options nosniff date Mon, 26 Jun 2023 21:33:42 GMT last-modified Mon, 20 Feb 2023 10:17:06 GMT server Unknown strict-transport-security max-age=31536000 ; includeSubDomains x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control public, max-age=15107 content-length 125984 x-xss-protection 1; mode=block expires Tue, 27 Jun 2023 01:45:29 GMT
GET H2	200	style.css login-uat.fisglobal.com/idp/static-ui/styles/	1 KB 1 KB	556ms 555ms	Stylesheet text/css	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/static-ui/styles/style.css?version=v5.5.0 Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 89327d322f8af65e9a73d69d474ea5abe290f620a94ba87829c5e6a6560f5459 Security Headers Name Value Content-Security-Policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma public content-security-policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; content-encoding gzip x-content-type-options nosniff date Mon, 26 Jun 2023 21:33:42 GMT last-modified Mon, 20 Feb 2023 10:17:06 GMT server Unknown strict-transport-security max-age=31536000 ; includeSubDomains x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control public, max-age=15093 content-length 703 x-xss-protection 1; mode=block expires Tue, 27 Jun 2023 01:45:15 GMT
GET H2	200	runtime.js Show response login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/	2 KB 1 KB	1073ms 1073ms	Script application/javascript	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/runtime.js?version=v5.5.0&acf8ad16c7400477 Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 9787785b92e97193676006cc5b617fcee9cdd0cb117df7c4b8dfef6f7a2a6646 Security Headers Name Value Content-Security-Policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma public content-security-policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; content-encoding gzip x-content-type-options nosniff date Mon, 26 Jun 2023 21:33:42 GMT last-modified Mon, 20 Feb 2023 10:17:06 GMT server Unknown strict-transport-security max-age=31536000 ; includeSubDomains x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control public, max-age=15198 content-length 894 x-xss-protection 1; mode=block expires Tue, 27 Jun 2023 01:47:00 GMT
GET H2	200	polyfills.js Show response login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/	152 KB 52 KB	1224ms 1223ms	Script application/javascript	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/polyfills.js?version=v5.5.0&acf8ad16c7400477 Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 1b7092ce9f11825b3f4200c84a1fac6e6b2fbb8894128593b4a13a7f1c797686 Security Headers Name Value Content-Security-Policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma public content-security-policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; content-encoding gzip x-content-type-options nosniff date Mon, 26 Jun 2023 21:33:42 GMT last-modified Mon, 20 Feb 2023 10:17:06 GMT server Unknown strict-transport-security max-age=31536000 ; includeSubDomains x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control public, max-age=15214 content-length 52651 x-xss-protection 1; mode=block expires Tue, 27 Jun 2023 01:47:16 GMT
GET H2	200	main.js Show response login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/	1 MB 358 KB	1158ms 1158ms	Script application/javascript	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/main.js?version=v5.5.0&acf8ad16c7400477 Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash f9b101532145839313854f4d8577a98a3b204cb16af406d9c6066194a152c99d Security Headers Name Value Content-Security-Policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma public content-security-policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; content-encoding gzip x-content-type-options nosniff date Mon, 26 Jun 2023 21:33:42 GMT last-modified Mon, 20 Feb 2023 10:17:06 GMT server Unknown strict-transport-security max-age=31536000 ; includeSubDomains x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control public, max-age=15164 content-length 365571 x-xss-protection 1; mode=block expires Tue, 27 Jun 2023 01:46:26 GMT
GET H2	200	TJSs Show response login-uat.fisglobal.com/nzcXvvc3B7aB7_6IIubg/7hiVcDXN7waG/PVQiZgE/cEZSH1E/	200 KB 73 KB	405ms 404ms	Script application/javascript	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/nzcXvvc3B7aB7_6IIubg/7hiVcDXN7waG/PVQiZgE/cEZSH1E/TJSs Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software / Resource Hash 2f3d3ebc5c3834c6f1a6f30fb7d367dd50926e1c262e6f78c32e2fbc9c3726e7 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://login-uat.fisglobal.com/idp/USBankUAT/?ClientID=usbank User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 26 Jun 2023 21:33:41 GMT content-encoding br strict-transport-security max-age=31536000 ; includeSubDomains last-modified Wed, 26 Apr 2023 15:12:29 GMT etag "0de70e25d67afe88b25a94d8a25973e3136b4cf62020eb61c69701ff052f36db" stored-attribute-sha-checksum 2f3d3ebc5c3834c6f1a6f30fb7d367dd50926e1c262e6f78c32e2fbc9c3726e7 content-type application/javascript cache-control max-age=21600 content-length 74215 expires Sun, 23 Jul 2023 06:15:45 GMT
POST		TJSs login-uat.fisglobal.com/nzcXvvc3B7aB7_6IIubg/7hiVcDXN7waG/PVQiZgE/cEZSH1E/	0 0
GET		current login-uat.fisglobal.com/idp/USBankUAT/rest/1.0/theme/	0 0
GET H2	200	source-sans-pro-regular.woff2 login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/	16 KB 16 KB	200ms 200ms	Font font/woff2	80.67.82.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/source-sans-pro-regular.woff2 Requested by Host: login-uat.fisglobal.com URL: https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/styles.css?version=v5.5.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.67.82.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a80-67-82-40.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199 Security Headers Name Value Content-Security-Policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/styles.css?version=v5.5.0 Origin https://login-uat.fisglobal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma public content-security-policy font-src 'unsafe-inline' 'self'; img-src data: 'self' h.online-metrix.net; script-src-elem 'unsafe-inline' 'self' www.google.com www.gstatic.com; script-src 'unsafe-eval' 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self' https:; object-src h.online-metrix.net; date Mon, 26 Jun 2023 21:33:43 GMT x-content-type-options nosniff strict-transport-security max-age=31536000 ; includeSubDomains last-modified Mon, 20 Feb 2023 10:17:06 GMT server Unknown x-frame-options SAMEORIGIN content-type font/woff2 cache-control max-age=2592000, public accept-ranges bytes content-length 16112 x-xss-protection 1; mode=block expires Wed, 26 Jul 2023 21:33:43 GMT
POST		TJSs login-uat.fisglobal.com/nzcXvvc3B7aB7_6IIubg/7hiVcDXN7waG/PVQiZgE/cEZSH1E/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

login-uat.fisglobal.com

URL

https://login-uat.fisglobal.com/nzcXvvc3B7aB7_6IIubg/7hiVcDXN7waG/PVQiZgE/cEZSH1E/TJSs

Domain

login-uat.fisglobal.com

URL

https://login-uat.fisglobal.com/idp/USBankUAT/rest/1.0/theme/current

Domain

login-uat.fisglobal.com

URL

https://login-uat.fisglobal.com/nzcXvvc3B7aB7_6IIubg/7hiVcDXN7waG/PVQiZgE/cEZSH1E/TJSs

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| _cf object| bmak string| _sdTrace

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uat-integrated-payables.usbank.com/	1969-12-31 23:59:59	Name: ENCRYPT Value: 14b5a3d9f95598749c3d3141aebb61eb5445bab4673ef5e4aa040e37187f0a69b5b1ab0d
			.usbank.com/	1970-01-20 12:50:22	Name: ak_bmsc Value: 4D260105D23BB6561C48C75CF9EE9A32~000000000000000000000000000000~YAAQE/AQAuu7KN6IAQAAa2Kg+RSoI5pxjRfBO8Lz/T/X9K5pm6whug7hKI62H2+CRSnJafGk0y/M2cYPAQobZaGheHTD7Y+E+tDNK3Z2n0lsEMNC9n2rZNkgqWSbxPq6ppVuIQBZVqhvlA0xHDDPg2Y2itYkZfaiL5MrUB5fenYd9cfYj2Gg9Ew4NHZ1W5wW3DeARES7xErz+JoVhA4ObpoGoz6Akokju3HYMI4mTBJlV5BrTMbDiKuXG5h9lQUHZ532XnOVvFzSFaDiUeazr2vZ23HCNDoeYuTnJc+3JR6mg6bVjtCIskr+KGDT4gMK/ovI/25Htt1B9NGwQMuEpiJ56Rq6IWPsdThffxqpjwhx0x9FyI+slqQ+U8YzCeR6uxutY+8ROJt3yLZ67B9nKNE=
			.usbank.com/	1970-01-20 12:50:22	Name: bm_sv Value: A210A858D5A4C141597ED71C8FB6CC92~YAAQE/AQAvq7KN6IAQAAyGag+RT5rW7T1weJ7y48JFp/OR/qcx0oXCyL5g9cgd4KIJoh4LWpZcNXY5ehVj17ei5pZQaiCFkSa5B9bMI//p5EXgk4mcgiVBzGlQkTqTzUmTav6LjUV3okOva7du1frOZwiP2NvCD1/5EoujkraNAqo9N9vcUP8EfgXIeYpKAANIch6+Pr4Tm+rRdTR3A1nmjnAd75dUSc1yrM+WdTaT+Z/FtJLeybNnyeb1tlfB5M~1
			.fisglobal.com/	1970-01-20 12:50:22	Name: ak_bmsc Value: 0E70BFABADCBE49706F307C571632CA9~000000000000000000000000000000~YAAQJFJDUIQqAMSIAQAAQ2yg+RQoAa5tFDG78ighlduNpFXNnGJ7uwNw8OcEoNxhlyVtl62dTZu3iu5Ld5YAwjfJa33DLxKMapmVV9OKzf/yjX6IOgqmi92J8/QcilQ1UrGj6vYB9Ofl7Ov85Y7rhg1d4jG2Md6yM/GYLTcnYQp8+otQFpbNDxRbjUzlaK7nC++ol2mCwEdGGCU0eUA/v/TfcuMYXxU4t3GVl09/cq52MdPwq09vc3Ki1KkjhjSyS66lcKYbFW7/6T/KT6AA/nlYx4+01ZCBzycUIKUs6NtSrVEvTDAvH/KdpWShupXm0WjtAqZZzM0jck8iC6QOuAMsEoHg1QiJqpec7EguRY5N+/wyoeQnOaeTJr04NB2Wi5B9+lFFtmDFraO6927o
			.fisglobal.com/	1970-01-20 12:50:29	Name: bm_sz Value: 49F5804E2B6253078529189AB7324CF9~YAAQJFJDUIUqAMSIAQAAQ2yg+RSswqFtH04NAsmnx3OQD2YZtXJduMBr+qgfJHzsSVRGfwuWnxwPMpt0oARYT6VWubsV1IXDdyIFdjcMDO5elh24/Vk+2mXTTonyvkhBNJ2gpUGlo/vk/mPieqCSw3H1Q+ZAtMCV7WMZDbHy6DLpzBvLdZ+qN9IVOd8/pGUuQgHnSzL6i2V2bAhRNm3H978gN4sIDPMWLIR96AssIW8qx3ost7h1tzNFL72GtrLyVQFv+yNlnMag/VKuUpIb2C9FC/fny6FcQsm0cXLYXjprKGpEnKk=~3425841~3683380
			.fisglobal.com/	1970-01-20 12:50:22	Name: bm_sv Value: 84447DAF6EA915E0D4C5C68F825407E2~YAAQJFJDUJEqAMSIAQAAtnCg+RQPqekzKuGClQBVmi3iw/up8phTxkgXXTOVrr1QmTpO6HPVz6cwkx1PlXyKSmvWOcLZudxde5pq+n5P1B2ij0XFesi302JhuLlQ0x4JF4vwVjI6l5DVH//oYKppCfc/Vdcc3Vkoa/+lYyLaCmh3RenYjpMZTU0P78TmFWD8UnekRKnMuKS+5k8ZYY85oX3y8jAtVVnHZipdH8WNc7u+TEd20Ly42qO96Kj8ejPOy6Oe~1
			.fisglobal.com/	1970-01-20 21:35:51	Name: _abck Value: 4B2ADAA60C864F66DDB42CBD49AD58C2~-1~YAAQJFJDUJ4qAMSIAQAAyXKg+QpgruIvJWdYHOylG9GSJkvor47Gvwj6oPb+6WlPy5L1SMcAzef2XVu5D1COryZDg/CFk4swh3uBsm6HWNAWwb+SDKMb4jQsdpFOnh/N64xMIaoR5A42Ip969qjcfg8s7cFsqVn5Z77BJULvp+T5yZwaTrj7eM4zAR2hR/bhHXmjNQlOSZLJmiqqkUi+NMHrplZiY51XBHNTI4/bktZmW1cRxiIOAah4087Ytnrgz8qOZqhhomJz7SCk4IDuYOeM49qCv7va32GJar/gZ09QhiroJhTuds7ooLk5w5Eo11GTMbVCQFzmDLGzFwQHA5FuSv4N6Ao+hn+a9kCdVvcHvAGCBqfW/01KJ7i7b9wkbcteTnPMKy9b2UF8eA==~-1~-1~-1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://login-uat.fisglobal.com/idp/static-ui/sp-dashboard-app/main.js?version=v5.5.0&acf8ad16c7400477 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com/jquery-3.5.1.min.js https://apis.google.com https://infinity.dev.fiscloudservices.com 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
login-uat.fisglobal.com
uat-integrated-payables.usbank.com
login-uat.fisglobal.com
2001:4de0:ac18::1:a:3a
2a00:1450:4001:80b::2003
2a00:1450:4001:827::200a
2a02:26f0:480:d::210:f153
80.67.82.40
19a82c4cbc5648df24c7d26d25dfbc2cc4a4e3f28da14a551e0ebc2b2588ef2d
1b7092ce9f11825b3f4200c84a1fac6e6b2fbb8894128593b4a13a7f1c797686
2170f04df3b7e03e3439440b22f30247a1ee0606d4a0253e159c8a725372ac8f
23374e59df1188e4cb8c57d067637edd53b27b31ef10854aaae72f5685ef6b71
2f3d3ebc5c3834c6f1a6f30fb7d367dd50926e1c262e6f78c32e2fbc9c3726e7
4636b58d5d0eb2653e938d7eb490ffd9cd81484ff5fb47e60a34ca3e9200bb00
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
689bf1573967d6d0fd44c301f57af1952aec3a76aacfd8df1c6f4be610b1c434
6a99a41ff8dfe6724573a5067b572b83e73f8e405bb6e1a96707a90c1acdac74
745902f534d5d5a70e04534f437b8bc9a8d4fb5c7008aa1d22b908c8eef8cc9c
7f8317b6d49b8ceec61d999109a363983011f395b2b4e94cff87467dfa9de711
89327d322f8af65e9a73d69d474ea5abe290f620a94ba87829c5e6a6560f5459
9787785b92e97193676006cc5b617fcee9cdd0cb117df7c4b8dfef6f7a2a6646
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
c52f832c87b622deed6b7b74d7a5b602e588c025bcc630f247cfbfeb3ccbf142
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9b101532145839313854f4d8577a98a3b204cb16af406d9c6066194a152c99d