qa.cfinslogin.com Open in urlscan Pro
172.64.155.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dctqa-fed.cfins.com/
Effective URL:
https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Submission: On March 25 via api (March 25th 2024, 2:45:43 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 172.64.155.7, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is qa.cfinslogin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2023. Valid for: a year.

This is the only time qa.cfinslogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.64.153.75 172.64.153.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.234.204.36 3.234.204.36	14618 (AMAZON-AES) (AMAZON-AES)
17	172.64.155.7 172.64.155.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.92.214 52.217.92.214	16509 (AMAZON-02) (AMAZON-02)
18	2

1 172.64.153.75 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dctqa-fed.cfins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.204.36 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-204-36.compute-1.amazonaws.com

dctqa-fed.cfins.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.155.7 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

qa.cfinslogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.92.214 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cfinslogin.com qa.cfinslogin.com	454 KB
1	amazonaws.com s3.amazonaws.com	28 KB
1	cfins.digital 1 redirects dctqa-fed.cfins.digital	256 B
1	cfins.com 1 redirects dctqa-fed.cfins.com	353 B
18	4

	Domain	Requested by
17	qa.cfinslogin.com	qa.cfinslogin.com
1	s3.amazonaws.com	qa.cfinslogin.com
1	dctqa-fed.cfins.digital	1 redirects
1	dctqa-fed.cfins.com	1 redirects
18	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Frame ID: EA60965D30895CF7613D9DB30ED5AACA
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

C&F Universal Login

Page URL History Show full URLs

https://dctqa-fed.cfins.com/ HTTP 301
https://dctqa-fed.cfins.digital/default.aspx HTTP 302
https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

482 kB
Transfer

1944 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dctqa-fed.cfins.com/ HTTP 301
https://dctqa-fed.cfins.digital/default.aspx HTTP 302
https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request deQw8BQTAY Show response
qa.cfinslogin.com/
Redirect Chain

https://dctqa-fed.cfins.com/
https://dctqa-fed.cfins.digital/default.aspx
https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

4 KB
3 KB

824ms
454ms

Document
text/html

172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd1f89d46380fba4787a064bff49e745a3b55937daad3091611bed1c4d584c01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 869faf778fc71815-EWR
content-encoding: gzip
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
content-type: text/html
date: Mon, 25 Mar 2024 14:45:34 GMT
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-id: rngR4qVijEoM2tXEA02q6jQRUv27xOWw_jolUuKrKdsHjXJwkyC7xw==
x-amz-cf-pop: JFK52-P2
x-amz-id-2: HWToxYtkZ4cpAGYiqecUnPyRGFNXqbIDCCMnYr6le0OFQqD9cKUwiwQ+RsQf+c8MJpR8IRUwyHc=
x-amz-request-id: B8ABYAVTWYKMJGEN
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
content-length: 210
content-type: text/html; charset=utf-8
date: Mon, 25 Mar 2024 14:45:33 GMT
location: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 044a0512949f71cd.css
qa.cfinslogin.com/_next/static/css/ 508 KB
56 KB 374ms
327ms Stylesheet
text/css 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/css/044a0512949f71cd.css

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6dc13520cdb83555e6dc814c8b3591ab3f9c62285e24ef4a1b0df6e2a38e8a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: A2ZT0NHVMGHJ8W3H
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Miss from cloudfront
x-amz-id-2: Fah04dyQWJhOsLBDieRyC+I+jRKCQ6fFsL5Zm00uT1HYMisJWykM3GTqMg5GIlz/iEFA8+Oq71Y=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"7ca4db7d3e85a9e54d10e1a523587f81"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7abb931815-EWR
x-amz-cf-id: sR6jR95pGNFE4OKwGeRKS_XQ7aiB1_7Iy25ynJfNuFjlrM582IsLpw==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 webpack-87b3a303122f2f0d.js Show response
qa.cfinslogin.com/_next/static/chunks/ 2 KB
1 KB 425ms
379ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/chunks/webpack-87b3a303122f2f0d.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a3f44664be740ccb425beebcab1271a3626f4fb16ddffbe8b9d8580de0ac40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 c3084b8da81c3551ffa5c6179e9f6140.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCHEAE1GQJT4ZV2
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: mo9UvMv/Gx5H0spLBSNNavZTFRCeILyN5GFFm8aoUpE3j6oSa4TO81+CFqQX2KVqPQ4ejpfkgkg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"c1fcb00a42ac338fc4597bafcd85e529"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7abb951815-EWR
x-amz-cf-id: y8O768F6bndZfBJWVVRd3j3420z-fZ_RmxeKI-FaJc1U3RoS9pn8OA==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 framework-6956cc2a6f4190cb.js Show response
qa.cfinslogin.com/_next/static/chunks/ 138 KB
45 KB 104ms
85ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/chunks/framework-6956cc2a6f4190cb.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3315c6335be525a5f4850e90581a143ced0d2a75f02b5c085d528e84dbfe81e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 ab8bcd9c092f618064e495d01acbd726.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCNF55DRKKKNW87
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: RQknkQseFdf2vktk2uQWr0Nu32jt5NlHeCeuWUmnAenKGpqQXxJ/M1avYUAGYCXQzF24YBcm8gk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"7a4c22c9112f5a5b5ae05a4fa8228900"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7abb971815-EWR
x-amz-cf-id: fFR2g_CZDv3PbLr7sS3YtetDsdHZ5tddJmXApYX9PxglwD5psmCh2w==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 main-82ea9a55b2a1a711.js Show response
qa.cfinslogin.com/_next/static/chunks/ 107 KB
32 KB 158ms
139ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/chunks/main-82ea9a55b2a1a711.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b7d6e4e960c089d44a2cf9a00311af33b6a466cec05b7ae571b23308244aca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCZBZGZ21QY54F2
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: aN/h+2qWuTsmMRTWY0r4YMwp/n3RALeUCNM6wxT4kFxvNS5zoffEpMKZZMFA7cGZLH9yfX88eU8=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"ec697f2b6196fc73f55d39444038c70a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7abb991815-EWR
x-amz-cf-id: 1fGoGDxah2ELDQaHAhO1-fg3Z-IX73PghwF7OUZt7qXq6-DKpmFo_g==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 _app-73d3c89e8a4ffc55.js Show response
qa.cfinslogin.com/_next/static/chunks/pages/ 638 B
664 B 345ms
326ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/chunks/pages/_app-73d3c89e8a4ffc55.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6a0a19567d43fdd64ec57fae0104e303a1be441dc11c3f5fb8f053ae41818df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 65302a67852221313e65b936cd8d6b68.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCQRSZEM5SH8DS1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-id-2: iMwIApENZxeAAnlnmNlsLP4OCaH2kVWDUKFHY5507jB7V4vSEjlJ3EF23056UK8x89kR+7QJGUg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"c98c608a574f0ca3b18d4e87ec9ea0ca"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7acb9a1815-EWR
x-amz-cf-id: 8PXNBjjoLJSLuANOpvPIfTkzGoetcgOduFpIJjC9fMQEVmGnMdK2kw==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 889-d1e0913eeb3c4ed5.js Show response
qa.cfinslogin.com/_next/static/chunks/ 251 KB
74 KB 355ms
337ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/chunks/889-d1e0913eeb3c4ed5.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bdbb7a5ae136cad9e3873ad7d7aaa6732fe11e2a02aabe81572274f1c875cf9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCSH5E5FE5NWDAZ
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: /FOgpkBgDfTlLphamVELjaGvcXNoAnA4rgcxkjhZtEmM4Mvh98uCFAryNVbCnupmu+uzmOevim0=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"8c544f779e7c13ffe4530db2a63f3fd0"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7acb9b1815-EWR
x-amz-cf-id: NMrngSIosL7LwTVHA1OG7y_ZHglPKfKQB3xHyN9N5dluIc2GP5FfRw==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 375-e466cbf3681ec247.js Show response
qa.cfinslogin.com/_next/static/chunks/ 471 KB
127 KB 119ms
101ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/chunks/375-e466cbf3681ec247.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c427d4e7ad06fa76fb1bab4ebd6259b85b116690570267b12bee0ac06cd5df17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 19f6dea8d52f4770f090ce0929599570.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCRHMK8WCQMMKDK
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: 30Y7XZCypqVYsUGx9HifMT+z1c6SwXjU+82EKT7guuxr5A5YZWDmAETbJK1ckCw6JlZ0gq8UEgU=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"873f3bfe2c3afa2b53c8b4db0d7ccc9c"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7acb9c1815-EWR
x-amz-cf-id: kVfsZEbp4OlXrexQ4N9DQxOFIR97Q5eQAAUwJ7c8-HW_jaJwOV9NXw==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 %5Bid%5D-baba00bdf6354575.js Show response
qa.cfinslogin.com/_next/static/chunks/pages/ 24 KB
7 KB 151ms
133ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/chunks/pages/%5Bid%5D-baba00bdf6354575.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad4c940cf47f2e1d31884ed70a263667bbe54961153ce09b98948b8abd6d89d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 dd0e76eb9b3ff90ab87e33f1490318e8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCY6VB1PGQMK1V1
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: 4rDWqff9sSfALKA8nCxZPiVu99vysOUpfvHyTdPIRGBi/62jEGiPdcgD8gvUqCfLPQjitHy8vWI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"a60da8b39befd00b09277e635bb2c744"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7acb9e1815-EWR
x-amz-cf-id: XOeL1k1e8nzTDrXEjFRWIPi2GqfgsDlsb5uScAnK6xtdXEvia62Y4A==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 _buildManifest.js Show response
qa.cfinslogin.com/_next/static/f1DfqTb-BM_xbqd9nFgmM/ 642 B
655 B 121ms
104ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/f1DfqTb-BM_xbqd9nFgmM/_buildManifest.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27587a84d298c6c7f12a3db5a490543e583417a5a516a7398693e1dd323bca12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c723324ff3815a0e30df3eecba242152.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCXVP9HC2JJW3SV
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-id-2: nUjtRBJEgXeZtn+klkQhx8N8bmP3GcYQYsAq4Si+S1TIXtxzMzyfzGiYkCoBl6dmYasf4buTOfw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"5313639f4c7ea70270aa63ecbd7a275c"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7acb9f1815-EWR
x-amz-cf-id: -5jhTMJ5jx0OrYH3fC8LRv1DM96_-Hf18YyO4YXH9WSqe6D7dOhePg==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 _ssgManifest.js Show response
qa.cfinslogin.com/_next/static/f1DfqTb-BM_xbqd9nFgmM/ 77 B
354 B 200ms
183ms Script
text/javascript 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/_next/static/f1DfqTb-BM_xbqd9nFgmM/_ssgManifest.js

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Origin: https://qa.cfinslogin.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCYXZHAFDFR0HG0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-id-2: PmCujoxMlEWI/fcnp14IwkJ6QPoe9oj0bdqV7BBJRGjj2v8/nLt4i6PP7PNk1N2nkNpJ1MimedI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"b6652df95db52feb4daf4eca35380933"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: https://qa.cfinslogin.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 869faf7acba01815-EWR
x-amz-cf-id: 4t2jL-62XDYPVOAPBAcvs_d08xg3IRuXKc5M6SpSA1JRWxUMSqtnOw==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H/1.1 200
OK cf-logo-blue.svg
s3.amazonaws.com/com.cfins.logos/ 27 KB
28 KB 163ms
71ms Image
image/svg+xml 52.217.92.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.cfins.logos/cf-logo-blue.svg
Requested by: Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.92.214 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fdb162cb2d86cff0339ed3bcf0272cf8ebf962bd386c6d7cc11e5936f37c2dee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 25 Mar 2024 14:45:35 GMT
Last-Modified: Wed, 10 Apr 2019 18:59:37 GMT
Server: AmazonS3
x-amz-request-id: 4Z1SH4VSAX70AW5K
ETag: "25678c9be49e9584772f21d85ffd1062"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 27814
x-amz-id-2: oWgt0tj7F6SlIXClWq7i4cBiKoNV5ypTxKzWwx2wsbOnyvgkML29v92j+sKK0GHn/lc775llIQs=

GET
H2 200 login_bg_gradient_1.svg
qa.cfinslogin.com/ 37 KB
8 KB 128ms
125ms Image
image/svg+xml 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.cfinslogin.com/login_bg_gradient_1.svg

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d78da734226bd68e647185e0614e647058315610a35ac09fc7e415d7ed4fd9b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:35 GMT
content-encoding: gzip
via: 1.1 79985f6b7b9f366996e2a85ef814999e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCMSNGX56HNA3QX
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: RrKa5QRsQ2FE++BP3YXdjzugDvaBlSlfWF1Qb70npNkbWYrLquuLcOnLUxCtWZTmw6yIbvBrK3U=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"b97b54a5a44aa16af7c456a4c7eb44af"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 869faf7d3dec1815-EWR
x-amz-cf-id: eBJ4Jv2XYsVCzVujXDPxHwumLMeDqxuR7QbJD6PoUrkv0axlIqfoxA==
expires: Mon, 25 Mar 2024 18:45:35 GMT

GET
H2 200 login_bg_figure_1.svg
qa.cfinslogin.com/ 129 KB
24 KB 93ms
91ms Image
image/svg+xml 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.cfinslogin.com/login_bg_figure_1.svg

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2de07e076f1a4b8eb920f7a6aaf01ee64ec30444cd1ed7078e93857c1734c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 edcde1a12cafce029607be0b1782d4aa.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCY52JN09CWA085
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Hit from cloudfront
x-amz-id-2: LDsJ9O45rgxs1LAWxfQLnD19rwWD7HvzzpjG0Pbby9+egXUbUYP+ga/uM3ud1NTC8wSFl7rD/VU=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"0aefe750f3c16b2495d87b358b019384"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 869faf7d3ded1815-EWR
x-amz-cf-id: VWanLdnQC4TUP7iTy9cacYnV88ge60JCrBBxCSq38pKxrlmq63FHHg==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 login_bg_figure_3.svg
qa.cfinslogin.com/ 160 KB
42 KB 95ms
94ms Image
image/svg+xml 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.cfinslogin.com/login_bg_figure_3.svg

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60c2e73b4f7ca8c5eee94105a5eae112ae610a05d9efde0e45fe0ba1ea7af4e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 edcde1a12cafce029607be0b1782d4aa.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: A2ZK54PTAZYE56KC
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Miss from cloudfront
x-amz-id-2: rFDx5DigNVaQJVTe0Ndb7796dprGtbewj/hCdsbg5W4AKPRrvdKevQDgoaFtkXfzfyNmXo799yQ=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"a6a6303b3c1c0fa05d430a684f6c197b"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 869faf7d3dee1815-EWR
x-amz-cf-id: Nh81_DClYvI-M2W9hz9XkTpuc58BzkAN7QKBagbiUIxyhNrrA-iCTA==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 login_bg_figure_2.svg
qa.cfinslogin.com/ 69 KB
19 KB 101ms
100ms Image
image/svg+xml 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.cfinslogin.com/login_bg_figure_2.svg

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc3ebc3e0598134bbcefa54174c04a3011578860b761f4d8a4f1190388f61415

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:34 GMT
content-encoding: gzip
via: 1.1 c723324ff3815a0e30df3eecba242152.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK52-P2
x-amz-request-id: A2ZTXTYB4ZNS9641
x-amz-server-side-encryption: AES256
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-cache: Miss from cloudfront
x-amz-id-2: GUhaP5MnQEpDHOGccJ8xEYK9+16ub5l9ZXA4QG527GY0XXXvmL68yXgG0JHxWPM5+2r2Q/iM0NQ=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"b5f7ee7a588aac1f084a4c6ca7c2811d"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 869faf7d3def1815-EWR
x-amz-cf-id: xKz6tl2SEawdXXrTTElufc6SkUd7aFH7CBC-ICQ5KTy1iIdAEnOq9w==
expires: Mon, 25 Mar 2024 18:45:34 GMT

GET
H2 200 favicon.ico
qa.cfinslogin.com/ 13 KB
14 KB 84ms
83ms Other
image/vnd.microsoft.icon 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

585f7768530708948c5b7e36bdbd8ff7a50c7f2139ff9f488011b8fb16a8834e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-amz-cf-pop: JFK52-P2
x-amz-request-id: 7ZCVERCG5JSVQQM7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-id-2: FHBsDcPELPDsFiR6DB9LH5VlKOmeYzV640jM1OmX6Xe30d6cDjedQ7yhQaY4ldX6LLFcqB0RcjA=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 19:17:51 GMT
server: cloudflare
etag: W/"fb8b28a90be0862561cedd93119d45ff"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=14400
cf-ray: 869faf7f380e1815-EWR
x-amz-cf-id: SYBaxwYX0_HKtrPGW1qBybMjSJoJ8KarkesfAQJRqi_QyxXHelNGdA==
expires: Mon, 25 Mar 2024 18:45:35 GMT

POST
H2 200 getAppDetails Show response
qa.cfinslogin.com/ulogin/api/ 899 B
2 KB 209ms
209ms XHR
application/json 172.64.155.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.cfinslogin.com/ulogin/api/getAppDetails

Requested by

Host: qa.cfinslogin.com
URL: https://qa.cfinslogin.com/_next/static/chunks/889-d1e0913eeb3c4ed5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dce61885eae875d3668cfdf2b38417e25fb195ba0ad9d64683607695663f22c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx
x-api-key: BV3zaSv4875fpcTFtvXGn6HUWmDhZxf83a5NxBNa
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 14:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront), 1.1 edcde1a12cafce029607be0b1782d4aa.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amzn-remapped-content-length: 899
x-content-type-options: nosniff
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: *.googleapis.com *.google.com *.gstatic.com *.ggpht.com *.cfins.io *.amazoncognito.com;object-src 'self' https: *.cfins.io;script-src 'self' 'unsafe-eval' https: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.amazoncognito.com;connect-src 'self' https: *.googleapis.com *.google.com *.cfins.io *.logrocket.io *.lr-ingest.io *.logrocket.com *.lr-in.com *.lr-in-prod *.amazoncognito.com;media-src 'self' https: *.cfins.io;worker-src 'self' https: blob: *.googleapis.com *.google.com *.cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
x-amz-cf-pop: JFK52-P4, JFK52-P2
x-permitted-cross-domain-policies: none
x-amzn-requestid: 3d8a118f-01e2-4a98-9d6a-99e97faea340
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-encoding: gzip
cross-origin-resource-policy: same-origin
x-amz-apigw-id: VMMicFnVoAMENsQ=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"383-j5pYIfxCPUr/K6wJYytC8nxibF8"
x-amzn-trace-id: Root=1-66018e0f-2cf244726b51f2414b1166be;Parent=0cf2a17f93153f35;Sampled=0;lineage=9379da20:0
vary: Origin, Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qa.cfinslogin.com
origin-agent-cluster: ?1
x-download-options: noopen
access-control-allow-credentials: true
cf-ray: 869faf7f48171815-EWR
x-amz-cf-id: 6CX2C0KMTsxc8QtSL6Ol-seIfdfkbwhuqiRFNKBPIkmPxXTP7Nu31A==

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cfins.com/	1970-01-20 19:22:59	Name: __cf_bm Value: Oq5EHasUplCRWPtXDSlAF6UHSUvPe1MVcmuuwtQKEDw-1711377933-1.0.1.1-06U5DYzwhJf8L_eqdaJg2icRUeKNmX5z8KBzVSX_MHFDH1BLdjd.TLgdtGWWWrvG2HiYPMwlVZMq3c3z_LcgvA
			dctqa-fed.cfins.digital/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: jttbptfkskjvfeum35lnza02

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://qa.cfinslogin.com/deQw8BQTAY?callbackUrl=https://dctqa-fed.cfins.digital/default.aspx Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: content: https: blob: .googleapis.com .google.com .gstatic.com .ggpht.com .cfins.io .amazoncognito.com;object-src 'self' https: .cfins.io;script-src 'self' 'unsafe-eval' https: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com .amazoncognito.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;frame-src 'self' https: .googleapis.com .google.com .cfins.io .amazoncognito.com;connect-src 'self' https: .googleapis.com .google.com .cfins.io .logrocket.io .lr-ingest.io .logrocket.com .lr-in.com .lr-in-prod .amazoncognito.com;media-src 'self' https: .cfins.io;worker-src 'self' https: blob: .googleapis.com .google.com .cfins.io cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com *.amazoncognito.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dctqa-fed.cfins.com
dctqa-fed.cfins.digital
qa.cfinslogin.com
s3.amazonaws.com
172.64.153.75
172.64.155.7
3.234.204.36
52.217.92.214
0dce61885eae875d3668cfdf2b38417e25fb195ba0ad9d64683607695663f22c
27587a84d298c6c7f12a3db5a490543e583417a5a516a7398693e1dd323bca12
3315c6335be525a5f4850e90581a143ced0d2a75f02b5c085d528e84dbfe81e1
4bdbb7a5ae136cad9e3873ad7d7aaa6732fe11e2a02aabe81572274f1c875cf9
585f7768530708948c5b7e36bdbd8ff7a50c7f2139ff9f488011b8fb16a8834e
60c2e73b4f7ca8c5eee94105a5eae112ae610a05d9efde0e45fe0ba1ea7af4e5
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
96b7d6e4e960c089d44a2cf9a00311af33b6a466cec05b7ae571b23308244aca
bad4c940cf47f2e1d31884ed70a263667bbe54961153ce09b98948b8abd6d89d
bd1f89d46380fba4787a064bff49e745a3b55937daad3091611bed1c4d584c01
c427d4e7ad06fa76fb1bab4ebd6259b85b116690570267b12bee0ac06cd5df17
c6a0a19567d43fdd64ec57fae0104e303a1be441dc11c3f5fb8f053ae41818df
d78da734226bd68e647185e0614e647058315610a35ac09fc7e415d7ed4fd9b8
dc3ebc3e0598134bbcefa54174c04a3011578860b761f4d8a4f1190388f61415
ee2de07e076f1a4b8eb920f7a6aaf01ee64ec30444cd1ed7078e93857c1734c9
f2a3f44664be740ccb425beebcab1271a3626f4fb16ddffbe8b9d8580de0ac40
f6dc13520cdb83555e6dc814c8b3591ab3f9c62285e24ef4a1b0df6e2a38e8a3
fdb162cb2d86cff0339ed3bcf0272cf8ebf962bd386c6d7cc11e5936f37c2dee

qa.cfinslogin.com Open in urlscan Pro 172.64.155.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

482 kBTransfer

1944 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

qa.cfinslogin.com Open in urlscan Pro
172.64.155.7 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

482 kB
Transfer

1944 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions