fedsso.bankofamerica.com Open in urlscan Pro
171.161.146.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html
Effective URL:
https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping
Submission Tags: @phishunt_io
Submission: On December 15 via api (December 15th 2021, 11:38:19 pm UTC) from DE — Scanned from DE

Summary HTTP 47 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 47 HTTP transactions. The main IP is 171.161.146.123, located in United States and belongs to BANKAMERICA, US. The main domain is fedsso.bankofamerica.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on June 8th 2021. Valid for: a year.

This is the only time fedsso.bankofamerica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	204.16.25.113 204.16.25.113	30680 (FISCOM-CO...) (FISCOM-COLO5-JAX-FL)
2 13	171.161.146.123 171.161.146.123	10794 (BANKAMERICA) (BANKAMERICA)
47	3

35 204.16.25.113 (United States)

ASN30680 (FISCOM-COLO5-JAX-FL, US)
PTR: sip.sedgwick.com

citrixsec.sedgwick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 171.161.146.123 (United States) 2 redirects

ASN10794 (BANKAMERICA, US)
PTR: fedsso-pf-rtx-ext-vip.bankofamerica.com

fedsso.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	sedgwick.com citrixsec.sedgwick.com	1 MB
13	bankofamerica.com 2 redirects fedsso.bankofamerica.com	613 KB
47	2

	Domain	Requested by
35	citrixsec.sedgwick.com	citrixsec.sedgwick.com
13	fedsso.bankofamerica.com	2 redirects fedsso.bankofamerica.com
47	2

This site contains links to these domains. Also see Links.

Domain
pns.bankofamerica.com
password.bankofamerica.com

Subject Issuer	Validity	Valid
citrixsec.sedgwick.com Sectigo RSA Organization Validation Secure Server CA	`2021-01-11` - `2022-01-11`	a year	crt.sh
fedsso.bankofamerica.com Entrust Certification Authority - L1M	`2021-06-08` - `2022-06-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping
Frame ID: 0D86B60D859CD5EF627FEF4630C905AD
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America: Sign On

Page URL History Show full URLs

https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html Page URL
https://citrixsec.sedgwick.com/nf/auth/doSaml?act=SAML-ADFS;nf=;wv=0 Page URL
https://fedsso.bankofamerica.com/idp/startSSO.ping?PartnerSpId=https%3A%2F%2Fcitrixsec.sedgwick.com HTTP 302
https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping Page URL
https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping HTTP 302
https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping Page URL

Page Statistics

47
Requests

98 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1890 kB
Transfer

1905 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pns.bankofamerica.com/pnservices/getid.jsp
Title: Get Standard ID (opens in a new window)

Search URL Search Domain Scan URL

URL: https://password.bankofamerica.com/
Title: Manage Password (opens in a new window)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html Page URL
https://citrixsec.sedgwick.com/nf/auth/doSaml?act=SAML-ADFS;nf=;wv=0 Page URL
https://fedsso.bankofamerica.com/idp/startSSO.ping?PartnerSpId=https%3A%2F%2Fcitrixsec.sedgwick.com HTTP 302
https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping Page URL
https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping HTTP 302
https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://fedsso.bankofamerica.com/idp/startSSO.ping?PartnerSpId=https%3A%2F%2Fcitrixsec.sedgwick.com HTTP 302
https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK tmindex.html Show response
citrixsec.sedgwick.com/logon/LogonPoint/ 42 KB
42 KB 614ms
133ms Document
text/html 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

fe5dbf002c035921b1cab7d379e14cf5edc5924db724ab988971415a2fa29c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 15 Dec 2021 23:38:11 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Last-Modified: Sat, 26 Dec 2020 18:38:04 GMT
ETag: "a674-5b762575ddb00"
Accept-Ranges: bytes
Content-Length: 42612
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload

GET
H/1.1 200
OK jquery.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 104 KB
105 KB 370ms
130ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

17894fd466e348bf2eb59d183e390f786da76f1797665eca71d0fd51d095932a

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 106504
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:10 GMT
Server: Apache
ETag: "1a008-5b762e332f980"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK jquery-ui.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 246 KB
246 KB 391ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery-ui.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

9d280b53a4d980fedaeed18ff0c49bfa575d7100268cc8b9a7e44b5edc404bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 251704
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:19 GMT
Server: Apache
ETag: "3d738-5b762e3bc4dc0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK jquery.ui.touch-punch.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 1 KB
2 KB 392ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.ui.touch-punch.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

ba4e6af952ad38ed336e34950ac7dd236db7238c315418431a53263a84760305

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1097
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:25 GMT
Server: Apache
ETag: "449-5b762e417db40"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96

GET
H/1.1 200
OK jquery-migrate.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 8 KB
9 KB 392ms
130ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery-migrate.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

128c510c9d60eea7ad93b3d1122a3a20b49e3ada4ff468026ca7642799a477a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 8406
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:22 GMT
Server: Apache
ETag: "20d6-5b762e3ea1480"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK init.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/ 6 KB
6 KB 393ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/init.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

5ee8bea3319e50bd1a4a9842d1cc9d8770d41fb98866eac9ebedfacc6df66e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 5650
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 18:38:04 GMT
Server: Apache
ETag: "1612-5b762575ddb00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK hammer.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 19 KB
20 KB 396ms
133ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/hammer.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

75169f9c62b4bc6d546c9b59ee59d0c93ae3f88437777cc0a3e67c254f13a382

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 19853
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:29 GMT
Server: Apache
ETag: "4d8d-5b762e454e440"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK jquery.dotdotdot.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 6 KB
7 KB 524ms
132ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.dotdotdot.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

0ccc391385db07d263046d352e64c23fb5721461637a83ef097f975b409e6d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 6484
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:32 GMT
Server: Apache
ETag: "1954-5b762e482ab00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK velocity.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 33 KB
34 KB 524ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/velocity.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

9bbbee2c65b74a02eede62ca5a340a0b873e50282dc26db4aeb3a6a587cc1d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 34210
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:38 GMT
Server: Apache
ETag: "85a2-5b762e4de3880"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96

GET
H/1.1 200
OK slick.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 38 KB
38 KB 524ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/slick.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

e7a5de833705f4384adfad5a78792fb0ad0641cbb04f0f088b7f71d73c685f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 38584
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:43 GMT
Server: Apache
ETag: "96b8-5b762e52a83c0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK elliptic.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/ 130 KB
130 KB 656ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/elliptic.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

e641716d3c8723716d19c048160365ff2b843136fe3477b27bdc4399d212e49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:12 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 132775
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:17:52 GMT
Server: Apache
ETag: "206a7-5b762e5b3d800"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94

GET
H/1.1 200
OK wspinner@2x.gif
citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/common/ 2 KB
3 KB 132ms
132ms Image
image/gif 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/common/wspinner@2x.gif

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

111ce0995fd5170b4289d22d9bac264ffba149c4eda9377a5403423a22d3b76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "8af-5b762e065cfc0"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: image/gif
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94
Content-Length: 2223
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ctxs.core.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ 109 KB
109 KB 130ms
130ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ctxs.core.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

ffbe0c243cfa5e019d77b8cb747869af798d27d5184000fd6e3891dd68cba356

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 111374
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:35 GMT
Server: Apache
ETag: "1b30e-5b762e11ceac0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=93

GET
H/1.1 200
OK ctxs.webui.min.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ 275 KB
275 KB 131ms
130ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ctxs.webui.min.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/tmindex.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

7ed4911fb90ee288b962b78aa6e89eeca7e3fc635006f84e33633e96cd69fe36

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 281195
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:44 GMT
Server: Apache
ETag: "44a6b-5b762e1a63f00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK ctxs.large-ui.min.css
citrixsec.sedgwick.com/logon/LogonPoint/receiver/css/ 78 KB
78 KB 132ms
132ms Stylesheet
text/css 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/init.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

1bb3451cb39f87b51cd7ca0a5254456d48bf3b24df3a61ba8a0bfb7c2b34bea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:38 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "136c4-5b762e14ab180"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=92
Content-Length: 79556
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK theme.css
citrixsec.sedgwick.com/logon/themes/Default/css/ 19 B
594 B 133ms
132ms Stylesheet
text/css 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/themes/Default/css/theme.css

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/init.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

333daa0016c8f43fee52866ce762f53717031f88f20312f3be0cfc43665babc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 18:37:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "13-5b76257118fc0"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 19
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK style.css
citrixsec.sedgwick.com/logon/LogonPoint/custom/ 738 B
1 KB 132ms
132ms Stylesheet
text/css 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/custom/style.css

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/init.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

2edb669dfed3b5cd526966d3a589fd7bd2b59dd4a5d26f90a72c162de460977f

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Mon, 13 May 2019 18:27:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "2e2-588c91021ae00"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 738
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK script.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/custom/ 921 B
2 KB 133ms
133ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/custom/script.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/init.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

99fd16dec5a3b8fb22a04d013f237817d3440cbdb828d7e6a3652d3691cade31

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 921
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Mon, 13 May 2019 18:27:04 GMT
Server: Apache
ETag: "399-588c91021ae00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=93

GET
H/1.1 200
OK strings.en.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/custom/ 438 B
1 KB 132ms
132ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/custom/strings.en.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/init.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

a5366bdf12ecdd7ff4c87d34ec238717b0c1864598ace0fbd94a5f73f151060f

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 438
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Mon, 13 May 2019 18:27:04 GMT
Server: Apache
ETag: "1b6-588c91021ae00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

POST
H/1.1 200
OK Configuration Show response
citrixsec.sedgwick.com/logon/LogonPoint/Home/ 2 KB
3 KB 130ms
129ms XHR
application/vnd.citrix.authenticateresponse-1+xml 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/Home/Configuration

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Resource Hash

9bd04a71a507d1a99b20bb0d5ee7cc42150970309c69477f56975f39a5fd3197

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Citrix-IsUsingHTTPS: Yes

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Cache-control: no-cache, no-store, must-revalidate
Content-Length: 2379
X-Citrix-Application: Receiver for Web
Content-Type: application/vnd.citrix.authenticateresponse-1+xml;charset=utf-8

GET
H/1.1 200
OK actionSprite.png
citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/1x/ 2 KB
3 KB 133ms
132ms Image
image/png 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/1x/actionSprite.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

036e7a57f8bb75895d2d35b27913f555589881a2e7cda51f1de01a351425ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "95a-5b762e065cfc0"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: image/png
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 2394
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK folder_template.png
citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/1x/ 432 B
967 B 131ms
131ms Image
image/png 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/1x/folder_template.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

5886f57d6a5eab166a00523fcc6963edafb009029e3ec6092f6ea79da4cd6ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "1b0-5b762e065cfc0"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: image/png
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=91
Content-Length: 432
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK viewSprite.png
citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/1x/ 3 KB
4 KB 130ms
130ms Image
image/png 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/1x/viewSprite.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

85d7dde124874210870bb7d3526f56ba3dc4b54ef4572855946f3905233c1455

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "c5f-5b762e065cfc0"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: image/png
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=92
Content-Length: 3167
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK strings.en.json Show response
citrixsec.sedgwick.com/logon/LogonPoint/custom/ 4 KB
4 KB 132ms
131ms XHR
application/json 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/custom/strings.en.json

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

1548de1657820f2674aad7218c33718c00470e4b2c0d4d2725ec7a99acb69e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Citrix-IsUsingHTTPS: Yes

Response headers

Date: Wed, 15 Dec 2021 23:38:13 GMT
Referrer-Policy: no-referrer
Last-Modified: Mon, 17 May 2021 19:00:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "f0a-5c28b3382b500"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: application/json
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=90
Content-Length: 3850
X-Content-Type-Options: nosniff
X-Citrix-Application: Receiver for Web

GET
H/1.1 200
OK nsg-epa.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/plugins/ns-gateway/ 38 KB
39 KB 131ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/plugins/ns-gateway/nsg-epa.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ctxs.core.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

7bb91a0409731cae099033cb46136219afa8621bdfccd263e291ae0de08a246a

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:14 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 39067
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:37 GMT
Server: Apache
ETag: "989b-5b762e13b6f40"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=89

GET
H/1.1 200
OK nsg-setclient.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/plugins/ns-gateway/ 74 KB
74 KB 133ms
133ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/plugins/ns-gateway/nsg-setclient.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ctxs.core.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

55f9d88db62cb3b2fd83adc83d094d97cf5f0ac78b37361f41972774e1e5d543

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:14 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 75472
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:32 GMT
Server: Apache
ETag: "126d0-5b762e0ef2400"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96

GET
H/1.1 200
OK ns-nfactor.js Show response
citrixsec.sedgwick.com/logon/LogonPoint/plugins/ns-gateway/ 33 KB
33 KB 131ms
131ms Script
application/javascript 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/plugins/ns-gateway/ns-nfactor.js

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ctxs.core.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

91350071ed89e2fe2c344b1c3459707b0e0de2be1b84c090a5898ecddbed39aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:14 GMT
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 33374
X-Citrix-Application: Receiver for Web
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:37 GMT
Server: Apache
ETag: "825e-5b762e13b6f40"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0 must-revalidate
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=91

GET
H/1.1 200
OK List Show response
citrixsec.sedgwick.com/cgi/Resources/ 22 B
292 B 130ms
130ms XHR
text/plain 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL: https://citrixsec.sedgwick.com/cgi/Resources/List
Requested by: Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),
Reverse DNS: sip.sedgwick.com
Software: /
Resource Hash: da38e4f7d8d357e2c820a08d4874c9b9882fbd315f075d8ce710278f18a52fb7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
CitrixWebReceiver-Authenticate: reason="notoken", location="/cgi/GetAuthMethods"
Content-Length: 22
X-Citrix-Application: Receiver for Web
Content-Type: text/plain

GET
H/1.1 200
OK citrixgateway_logo_white.png
citrixsec.sedgwick.com/vpn/media/ 2 KB
3 KB 133ms
132ms Image
image/png 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citrixsec.sedgwick.com/vpn/media/citrixgateway_logo_white.png

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

4a2cae9a9c5a586f2bd5dc6140e34cac6b18be6b617c602a4a48321452c18c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:14 GMT
Referrer-Policy: no-referrer
Last-Modified: Sun, 17 Jan 2021 07:32:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "8fc-5b9139bebeac0"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: image/png
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=90
Content-Length: 2300
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK List Show response
citrixsec.sedgwick.com/logon/LogonPoint/Resources/ 22 B
292 B 131ms
131ms XHR
text/plain 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL: https://citrixsec.sedgwick.com/logon/LogonPoint/Resources/List
Requested by: Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),
Reverse DNS: sip.sedgwick.com
Software: /
Resource Hash: da38e4f7d8d357e2c820a08d4874c9b9882fbd315f075d8ce710278f18a52fb7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Citrix-IsUsingHTTPS: Yes
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
CitrixWebReceiver-Authenticate: reason="notoken", location="/cgi/GetAuthMethods"
Content-Length: 22
X-Citrix-Application: Receiver for Web
Content-Type: text/plain

GET
H/1.1 200
OK getECdetails Show response
citrixsec.sedgwick.com/nf/auth/ 23 B
293 B 130ms
130ms XHR
application/json 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/nf/auth/getECdetails

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Resource Hash

e6ee73b614d8bf5e6f57075e71d261039de73b70f4412d5dfc8a7f8c1bc2a2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Citrix-IsUsingHTTPS: Yes

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Cache-control: no-cache, no-store, must-revalidate
Content-Length: 23
X-Citrix-Application: Receiver for Web
Content-Type: application/json;charset=utf-8

POST
H/1.1 200
OK GetAuthMethods
citrixsec.sedgwick.com/cgi/ 143 B
447 B 130ms
130ms XHR
application/vnd.citrix.authenticateresponse-1+xml 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/cgi/GetAuthMethods

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Citrix-IsUsingHTTPS: Yes

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Cache-control: no-cache, no-store, must-revalidate
Content-Length: 143
X-Citrix-Application: Receiver for Web
Content-Type: application/vnd.citrix.authenticateresponse-1+xml;charset=utf-8

POST
H/1.1 200
OK getAuthenticationRequirements.do
citrixsec.sedgwick.com/nf/auth/ 316 B
620 B 134ms
134ms XHR
application/vnd.citrix.authenticateresponse-1+xml 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/nf/auth/getAuthenticationRequirements.do

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload

Request headers

X-Citrix-AM-LabelTypes: none, plain, heading, information, warning, error, confirmation, image, nsg-epa, nsg-epa-failure, nsg-login-label, tlogin-failure-msg, nsg-tlogin-heading, nsg-tlogin-single-res, nsg-tlogin-multi-res, nsg-tlogin, nsg-login-heading, nsg-fullvpn, nsg-l20n, nsg-l20n-error, certauth-failure-msg, dialogue-label, nsg-change-pass-assistive-text, nsg_confirmation, nsg_kba_registration_heading, nsg_email_registration_heading, nsg_kba_validation_question, nsg_sspr_success, nf-manage-otp
X-Citrix-IsUsingHTTPS: Yes
Accept-Language: de-DE,de;q=0.9
Accept: application/xml, text/xml, */*; q=0.01
Referer
X-Citrix-AM-CredentialTypes: none, username, domain, password, newpassword, passcode, savecredentials, textcredential, webview, nsg-epa, negotiate, nsg_push, nsg_push_otp, nf_sspr_rem, nsg-x1, nsg-setclient, nsg-eula, nsg-tlogin, nsg-fullvpn, nsg-hidden, nsg-auth-failure, nsg-auth-success, nsg-epa-success, nsg-l20n, GoBack, nf-recaptcha, ns-dialogue, nf-gw-test, nsg_qrcode, nsg_manageotp
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Cache-control: no-cache, no-store, must-revalidate
Content-Length: 316
X-Citrix-Application: Receiver for Web
Content-Type: application/vnd.citrix.authenticateresponse-1+xml;charset=utf-8

GET
H/1.1 200
OK doSaml
citrixsec.sedgwick.com/nf/auth/ 6 KB
7 KB 134ms
134ms Document
text/html 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixsec.sedgwick.com/nf/auth/doSaml?act=SAML-ADFS;nf=;wv=0

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/ctxs.webui.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Connection: close
Content-Length: 6189
Cache-control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html

GET
H/1.1 200
OK ReceiverFullScreenBackground.jpg
citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/common/ 35 KB
0 132ms
132ms Image
image/jpeg 204.16.25.113
FISCOM-COLO5-JAX-FL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/images/common/ReceiverFullScreenBackground.jpg

Requested by

Host: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.16.25.113 , United States, ASN30680 (FISCOM-COLO5-JAX-FL, US),

Reverse DNS

sip.sedgwick.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:15 GMT
Referrer-Policy: no-referrer
Last-Modified: Sat, 26 Dec 2020 19:16:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "c676-5b762e065cfc0"
Strict-Transport-Security: max-age=4294967294; includeSubDomains; preload
Content-Type: image/jpeg
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=89
Content-Length: 50806
X-Content-Type-Options: nosniff

GET citrixgateway_logo_white.png
citrixsec.sedgwick.com/vpn/media/ 0
0

GET
H/1.1

401
Unauthorized

startSSO.ping Show response
fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/
Redirect Chain

https://fedsso.bankofamerica.com/idp/startSSO.ping?PartnerSpId=https%3A%2F%2Fcitrixsec.sedgwick.com
https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping

316 B
2 KB

367ms
367ms

Document
text/html

171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

493d04e44c370ecf8f591b6cab9a973f6d886c461fa2910f4682efd782d1cb6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://citrixsec.sedgwick.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://citrixsec.sedgwick.com/

Response headers

Date: Wed, 15 Dec 2021 23:38:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
Referrer-Policy: origin
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
WWW-Authenticate: Negotiate
Content-Length: 316
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=3600, enforce
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=19999
Connection: Keep-Alive

Redirect headers

Date: Wed, 15 Dec 2021 23:38:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
Referrer-Policy: origin
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
Location: https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping
Content-Length: 0
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=3600, enforce
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=20000
Connection: Keep-Alive

GET
H/1.1

200
OK

Primary Request startSSO.ping Show response
fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/
Redirect Chain

https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping
https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

8 KB
9 KB

396ms
395ms

Document
text/html

171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

5bbe02b3c27c0d0366f28d20128473062423a38fa6a57ee70296872860507836

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping

Response headers

Date: Wed, 15 Dec 2021 23:38:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
Referrer-Policy: origin
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Frame-Options: DENY
Content-Length: 7815
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=3600, enforce
Keep-Alive: timeout=5, max=19997
Connection: Keep-Alive

Redirect headers

Date: Wed, 15 Dec 2021 23:38:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
Referrer-Policy: origin
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
WWW-Authenticate: Negotiate
Location: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping
Content-Length: 0
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=3600, enforce
Keep-Alive: timeout=5, max=19998
Connection: Keep-Alive

GET
H/1.1 200
OK custom.css
fedsso.bankofamerica.com/assets/sso/css/ 336 KB
338 KB 132ms
132ms Stylesheet
text/css 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/css/custom.css

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

5b1aa720d0f27536e50848c653deb9d552302a72716f4e00affe02e48306dbd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:17 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=5, max=19996
Content-Length: 344266
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main-v2.css
fedsso.bankofamerica.com/assets/sso/css/ 9 KB
11 KB 392ms
134ms Stylesheet
text/css 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/css/main-v2.css

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

6e2d628058e4cc34871378e947908fd1699f9eea5aec28c1195dab46c0c76ba2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:17 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=5, max=20000
Content-Length: 9194
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK urlmunger.js Show response
fedsso.bankofamerica.com/assets/sso/js/ 2 KB
4 KB 397ms
136ms Script
application/javascript 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/js/urlmunger.js

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

dd140cd58ef404f5000c4630a30b579380f93c24ecf592291ad9ecee0d392e49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:17 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=5, max=20000
Content-Length: 2534
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bofa-logo-new.svg
fedsso.bankofamerica.com/assets/sso/images/ 7 KB
9 KB 386ms
132ms Image
image/svg+xml 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fedsso.bankofamerica.com/assets/sso/images/bofa-logo-new.svg

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

4f43956ff1e3bf9d7e9c3d3a135a3c9c8d4d39dc69a334bec02926448c1e7ef5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:18 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: image/svg+xml
Keep-Alive: timeout=5, max=19998
Content-Length: 7544
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
fedsso.bankofamerica.com/assets/sso/jslib/jQuery/3.5.1/ 87 KB
89 KB 133ms
132ms Script
application/javascript 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/jslib/jQuery/3.5.1/jquery-3.5.1.min.js

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:18 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=5, max=19999
Content-Length: 89476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK popper.min.js Show response
fedsso.bankofamerica.com/assets/sso/jslib/jQuery/3.5.1/ 18 KB
20 KB 139ms
139ms Script
application/javascript 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/jslib/jQuery/3.5.1/popper.min.js

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

a9dd7bbfe22d33e4a3efa2564c3374512177cfcf4b7224e5061b9fa36d77c676

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:18 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=5, max=19995
Content-Length: 18508
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
fedsso.bankofamerica.com/assets/sso/jslib/bootstrap/4.6/ 82 KB
84 KB 134ms
133ms Script
application/javascript 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/jslib/bootstrap/4.6/bootstrap.bundle.min.js

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fedsso.bankofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:18 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=5, max=19999
Content-Length: 84378
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Connections.woff
fedsso.bankofamerica.com/assets/sso/fonts/connections/ 41 KB
42 KB 258ms
132ms Font
application/font-woff 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/fonts/connections/Connections.woff

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/assets/sso/css/main-v2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

91eda04cd92aa5d10e8ad20151c60ffde44eaed5729e2e2279de864858590ae2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fedsso.bankofamerica.com/
Origin: https://fedsso.bankofamerica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:18 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: application/font-woff
Keep-Alive: timeout=5, max=19994
Content-Length: 41744
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK brand-icons.ttf
fedsso.bankofamerica.com/assets/sso/fonts/connections/ 16 KB
0 391ms
142ms Font
application/x-font-ttf 171.161.146.123
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://fedsso.bankofamerica.com/assets/sso/fonts/connections/brand-icons.ttf?a4g4ix

Requested by

Host: fedsso.bankofamerica.com
URL: https://fedsso.bankofamerica.com/assets/sso/css/custom.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.146.123 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

fedsso-pf-rtx-ext-vip.bankofamerica.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; img-src 'self' data: 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; connect-src 'self' 'unsafe-inline' wss: .ml.com .bankofamerica.com .baml.com.bluematrix.com .thomsonreuters.com .sentieo.com; frame-src 'self' 'unsafe-inline' .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com; font-src 'self' 'unsafe-inline' data: .ml.com .bankofamerica.com .baml.com .bluematrix.com .thomsonreuters.com .sentieo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fedsso.bankofamerica.com/
Origin: https://fedsso.bankofamerica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 23:38:18 GMT
Referrer-Policy: origin
Last-Modified: Mon, 15 Nov 2021 17:22:32 GMT
Expect-CT: max-age=3600, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com*.bluematrix.com *.thomsonreuters.com *.sentieo.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.sentieo.com
Connection: Keep-Alive
Content-Type: application/x-font-ttf
Keep-Alive: timeout=5, max=20000
Content-Length: 59728
X-XSS-Protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: citrixsec.sedgwick.com
URL: https://citrixsec.sedgwick.com/vpn/media/citrixgateway_logo_white.png

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fedsso.bankofamerica.com/	1969-12-31 23:59:59	Name: bac_persist Value: 3982831013.24515.0000
.bankofamerica.com/	1970-01-27 06:38:31	Name: _bofalid Value: H/Cywvz3nIrKmhEJ6fhcIWjRmbPCAaUaKwVPEQtK+zk=
fedsso.bankofamerica.com/	1969-12-31 23:59:59	Name: PF Value: fmq9TqdooT8zinpPkVYxE6ZOc3jjphBVhQsmyw7OH4oX
.fedsso.bankofamerica.com/	1969-12-31 23:59:59	Name: TS0196f782 Value: 01894c4cce73d32b8054cd582ee68cefbf098192f0d207d09c5e91c4b31665494b5c51d395a5d175f950a7d403c50fb855ca180847713be6e8f4d2b76ddf44e0da5fa5074d25d724c6084d3385330b333bf473203525cdd3ce910148be9d85dcdf0d6b4b72

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://citrixsec.sedgwick.com/logon/LogonPoint/receiver/js/external/jquery.min.js(Line 200) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network	error	URL: https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
security	error	URL: https://fedsso.bankofamerica.com/idp/oadBa/resumeSAML20/idp/startSSO.ping Message: The source list for the Content Security Policy directive 'connect-src' contains an invalid source: '.baml.com.bluematrix.com'. It will be ignored.
security	error	URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping Message: The source list for the Content Security Policy directive 'connect-src' contains an invalid source: '.baml.com.bluematrix.com'. It will be ignored.
security	error	URL: https://fedsso.bankofamerica.com/idp/MpJaa_oadBa/resumeSAML20/idp/startSSO.ping(Line 17) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=4294967294; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citrixsec.sedgwick.com
fedsso.bankofamerica.com
citrixsec.sedgwick.com
171.161.146.123
204.16.25.113
036e7a57f8bb75895d2d35b27913f555589881a2e7cda51f1de01a351425ffba
0ccc391385db07d263046d352e64c23fb5721461637a83ef097f975b409e6d60
111ce0995fd5170b4289d22d9bac264ffba149c4eda9377a5403423a22d3b76c
128c510c9d60eea7ad93b3d1122a3a20b49e3ada4ff468026ca7642799a477a2
1548de1657820f2674aad7218c33718c00470e4b2c0d4d2725ec7a99acb69e9c
17894fd466e348bf2eb59d183e390f786da76f1797665eca71d0fd51d095932a
1bb3451cb39f87b51cd7ca0a5254456d48bf3b24df3a61ba8a0bfb7c2b34bea4
2edb669dfed3b5cd526966d3a589fd7bd2b59dd4a5d26f90a72c162de460977f
333daa0016c8f43fee52866ce762f53717031f88f20312f3be0cfc43665babc0
493d04e44c370ecf8f591b6cab9a973f6d886c461fa2910f4682efd782d1cb6d
4a2cae9a9c5a586f2bd5dc6140e34cac6b18be6b617c602a4a48321452c18c1c
4f43956ff1e3bf9d7e9c3d3a135a3c9c8d4d39dc69a334bec02926448c1e7ef5
55f9d88db62cb3b2fd83adc83d094d97cf5f0ac78b37361f41972774e1e5d543
5886f57d6a5eab166a00523fcc6963edafb009029e3ec6092f6ea79da4cd6ae0
5b1aa720d0f27536e50848c653deb9d552302a72716f4e00affe02e48306dbd6
5bbe02b3c27c0d0366f28d20128473062423a38fa6a57ee70296872860507836
5ee8bea3319e50bd1a4a9842d1cc9d8770d41fb98866eac9ebedfacc6df66e38
6e2d628058e4cc34871378e947908fd1699f9eea5aec28c1195dab46c0c76ba2
75169f9c62b4bc6d546c9b59ee59d0c93ae3f88437777cc0a3e67c254f13a382
7bb91a0409731cae099033cb46136219afa8621bdfccd263e291ae0de08a246a
7ed4911fb90ee288b962b78aa6e89eeca7e3fc635006f84e33633e96cd69fe36
85d7dde124874210870bb7d3526f56ba3dc4b54ef4572855946f3905233c1455
91350071ed89e2fe2c344b1c3459707b0e0de2be1b84c090a5898ecddbed39aa
91eda04cd92aa5d10e8ad20151c60ffde44eaed5729e2e2279de864858590ae2
99fd16dec5a3b8fb22a04d013f237817d3440cbdb828d7e6a3652d3691cade31
9bbbee2c65b74a02eede62ca5a340a0b873e50282dc26db4aeb3a6a587cc1d95
9bd04a71a507d1a99b20bb0d5ee7cc42150970309c69477f56975f39a5fd3197
9d280b53a4d980fedaeed18ff0c49bfa575d7100268cc8b9a7e44b5edc404bd4
a5366bdf12ecdd7ff4c87d34ec238717b0c1864598ace0fbd94a5f73f151060f
a9dd7bbfe22d33e4a3efa2564c3374512177cfcf4b7224e5061b9fa36d77c676
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
ba4e6af952ad38ed336e34950ac7dd236db7238c315418431a53263a84760305
da38e4f7d8d357e2c820a08d4874c9b9882fbd315f075d8ce710278f18a52fb7
dd140cd58ef404f5000c4630a30b579380f93c24ecf592291ad9ecee0d392e49
e641716d3c8723716d19c048160365ff2b843136fe3477b27bdc4399d212e49f
e6ee73b614d8bf5e6f57075e71d261039de73b70f4412d5dfc8a7f8c1bc2a2ce
e7a5de833705f4384adfad5a78792fb0ad0641cbb04f0f088b7f71d73c685f3b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe5dbf002c035921b1cab7d379e14cf5edc5924db724ab988971415a2fa29c68
ffbe0c243cfa5e019d77b8cb747869af798d27d5184000fd6e3891dd68cba356

fedsso.bankofamerica.com Open in urlscan Pro 171.161.146.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

47 Requests

98 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

1890 kBTransfer

1905 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fedsso.bankofamerica.com Open in urlscan Pro
171.161.146.123 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1890 kB
Transfer

1905 kB
Size

4
Cookies

47 HTTP transactions
0 data transactions