urlscan.io logo urlscan.io
SecurityTrails logo

sft.elavon.com Open in urlscan Pro
104.102.50.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://filegateway.elavon.com/
Effective URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Submission: On September 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 104.102.50.216, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is sft.elavon.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on April 21st 2023. Valid for: a year.
This is the only time sft.elavon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 170.135.187.21 203 (CENTURYLI...)
1 6 104.102.50.216 16625 (AKAMAI-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
6 184.31.91.238 16625 (AKAMAI-AS)
2 95.101.111.184 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
15 5
1    170.135.187.21 (Cincinnati, United States)

ASN203 (CENTURYLINK-LEGACY-LVLT-203, US)
filegateway.elavon.com
6    104.102.50.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-50-216.deploy.static.akamaitechnologies.com
sft.elavon.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
6    184.31.91.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-91-238.deploy.static.akamaitechnologies.com
onlinebanking.usbank.com
2    95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com
api.usbank.com
1    2a02:26f0:3500:88d::39f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
content.usbank.com
Apex Domain
Subdomains		 Transfer
9 usbank.com
onlinebanking.usbank.com — Cisco Umbrella Rank: 32213
api.usbank.com — Cisco Umbrella Rank: 29126
content.usbank.com — Cisco Umbrella Rank: 26024
1 MB
7 elavon.com
filegateway.elavon.com
sft.elavon.com
30 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 733
30 KB
15 3
Domain Requested by
6 onlinebanking.usbank.com sft.elavon.com
onlinebanking.usbank.com
6 sft.elavon.com 1 redirects sft.elavon.com
2 api.usbank.com onlinebanking.usbank.com
1 content.usbank.com
1 code.jquery.com sft.elavon.com
1 filegateway.elavon.com 1 redirects
15 6

This site contains no links.

Subject Issuer Validity Valid
one.elavon.com
Entrust Certification Authority - L1M		 2023-04-21 -
2024-05-21		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
www.usbank.com
Entrust Certification Authority - L1M		 2023-01-24 -
2024-01-24		 a year crt.sh
api.usbank.com
Entrust Certification Authority - L1M		 2023-04-05 -
2024-05-05		 a year crt.sh
usb.usbank.com
Entrust Certification Authority - L1M		 2023-04-05 -
2024-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sft.elavon.com/ELAWidgetSignon/login.html
Frame ID: 7883C016E3C7BB759991321DA5528B3F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Elavon Secure File Transfer

Page URL History Show full URLs

  1. https://filegateway.elavon.com/ HTTP 302
    https://sft.elavon.com/ HTTP 302
    https://sft.elavon.com/ELAWidgetSignon/login.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

5
IPs

3
Countries

1297 kB
Transfer

5714 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://filegateway.elavon.com/ HTTP 302
    https://sft.elavon.com/ HTTP 302
    https://sft.elavon.com/ELAWidgetSignon/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.html
sft.elavon.com/ELAWidgetSignon/
Redirect Chain
  • https://filegateway.elavon.com/
  • https://sft.elavon.com/
  • https://sft.elavon.com/ELAWidgetSignon/login.html
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
104.102.50.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-50-216.deploy.static.akamaitechnologies.com
Software
HTTP Server /
Resource Hash
677704d0dd59624536a90c92ffa9ed66f5cb98f2168eb28849bd67be6fb17fab
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
3284
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Fri, 01 Sep 2023 14:34:26 GMT
referrer-policy
no-referrer-when-downgrade
server
HTTP Server
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-akamai-transformed
9 11055 0 pmb=mTOE,1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
content-security-policy
upgrade-insecure-requests
date
Fri, 01 Sep 2023 14:34:26 GMT
location
/ELAWidgetSignon/login.html
referrer-policy
no-referrer-when-downgrade
server
HTTP Server
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
login.js
sft.elavon.com/ELAWidgetSignon/resources/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sft.elavon.com/ELAWidgetSignon/resources/login.js
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
104.102.50.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-50-216.deploy.static.akamaitechnologies.com
Software
HTTP Server /
Resource Hash
d2672696620513da8a554d135f3191d1e0514954bec97991cace804faf596992
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
HTTP Server
date
Fri, 01 Sep 2023 14:34:26 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
10292
x-xss-protection
1; mode=block
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 14:34:26 GMT
content-encoding
gzip
last-modified
Fri, 26 Aug 2022 17:36:05 GMT
server
nginx
etag
W/"63090485-15e40"
vary
Accept-Encoding
x-hw
1693578866.dop109.fr8.t,1693578866.cds051.fr8.hn,1693578866.cds258.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30957
stylesheet.css
sft.elavon.com/ELAWidgetSignon/resources/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sft.elavon.com/ELAWidgetSignon/resources/stylesheet.css
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
104.102.50.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-50-216.deploy.static.akamaitechnologies.com
Software
HTTP Server /
Resource Hash
23f98395289b452c8a2dfa7c37dea3eb4573715371a25cb85350166238d083dc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
gzip
server
HTTP Server
date
Fri, 01 Sep 2023 14:34:26 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
1719
x-xss-protection
1; mode=block
react.production.min.js
onlinebanking.usbank.com/auth/login/staticlibs/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinebanking.usbank.com/auth/login/staticlibs/react.production.min.js
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.31.91.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-91-238.deploy.static.akamaitechnologies.com
Software
none / Express
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding
gzip
date
Fri, 01 Sep 2023 14:34:26 GMT
last-modified
Sat, 19 Aug 2023 07:02:35 GMT
server
none
x-powered-by
Express
etag
W/"30af-18a0c9a52f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
4898
react-dom.production.min.js
onlinebanking.usbank.com/auth/login/staticlibs/ 		116 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinebanking.usbank.com/auth/login/staticlibs/react-dom.production.min.js
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.31.91.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-91-238.deploy.static.akamaitechnologies.com
Software
none / Express
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding
gzip
date
Fri, 01 Sep 2023 14:34:26 GMT
last-modified
Sat, 19 Aug 2023 07:02:39 GMT
server
none
x-powered-by
Express
etag
W/"1cf80-18a0c9a6298"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-envoy-upstream-service-time
3
accept-ranges
bytes
content-length
38049
index.js
onlinebanking.usbank.com/auth/login/wmf/micro-app-loader/dist/umd/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinebanking.usbank.com/auth/login/wmf/micro-app-loader/dist/umd/index.js
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.31.91.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-91-238.deploy.static.akamaitechnologies.com
Software
none / Express
Resource Hash
923861e968a292a581b28a42331827f9927ffbd404d5ba2da90aaa893bd48661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding
gzip
date
Fri, 01 Sep 2023 14:34:26 GMT
last-modified
Sat, 19 Aug 2023 07:02:47 GMT
server
none
x-powered-by
Express
etag
W/"ada-18a0c9a81d8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
1370
babel.min.js
onlinebanking.usbank.com/auth/login/staticlibs/ 		3 MB
569 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinebanking.usbank.com/auth/login/staticlibs/babel.min.js
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.31.91.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-91-238.deploy.static.akamaitechnologies.com
Software
none / Express
Resource Hash
ddd518b42fbecb43fc064aa5d5a99d37735405d6dc2e246113008ec43f8f4c7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding
gzip
date
Fri, 01 Sep 2023 14:34:26 GMT
last-modified
Sat, 19 Aug 2023 07:02:43 GMT
server
none
x-powered-by
Express
etag
W/"2a861b-18a0c9a7238"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
582176
ElavonLogo.gif
sft.elavon.com/ELAWidgetSignon/resources/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sft.elavon.com/ELAWidgetSignon/resources/ElavonLogo.gif
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/login.html
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
104.102.50.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-50-216.deploy.static.akamaitechnologies.com
Software
HTTP Server /
Resource Hash
aaa2d2253f427b5c0ec8d2c3b4bd2420152a77820f402c7ec71d416002dd9769
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
HTTP Server
date
Fri, 01 Sep 2023 14:34:26 GMT
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
4574
x-xss-protection
1; mode=block
MastheadBkgd_Map.gif
sft.elavon.com/ELAWidgetSignon/resources/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sft.elavon.com/ELAWidgetSignon/resources/MastheadBkgd_Map.gif
Requested by
Host: sft.elavon.com
URL: https://sft.elavon.com/ELAWidgetSignon/resources/stylesheet.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
104.102.50.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-50-216.deploy.static.akamaitechnologies.com
Software
HTTP Server /
Resource Hash
c21e24565a91e86c9b2aff8708df0fa0dd50ececc698664adc1ec6abfa3cc768
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/resources/stylesheet.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
HTTP Server
date
Fri, 01 Sep 2023 14:34:27 GMT
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
6516
x-xss-protection
1; mode=block
manifest.json
onlinebanking.usbank.com/auth/login/wmf/latest/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onlinebanking.usbank.com/auth/login/wmf/latest/manifest.json
Requested by
Host: onlinebanking.usbank.com
URL: https://onlinebanking.usbank.com/auth/login/wmf/micro-app-loader/dist/umd/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.31.91.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-91-238.deploy.static.akamaitechnologies.com
Software
none / Express
Resource Hash
36db1660d83dea5d9cbd671e2b9fa0846b54c35604f824c3c0a6780f5ef46e6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
date
Fri, 01 Sep 2023 14:34:27 GMT
last-modified
Sat, 19 Aug 2023 07:02:05 GMT
server
none
x-powered-by
Express
etag
W/"49f-18a0c99ddc8"
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
1183
main-30560a9ddc888d7a30d5.js
onlinebanking.usbank.com/auth/login/wmf/latest/ 		3 MB
578 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinebanking.usbank.com/auth/login/wmf/latest/main-30560a9ddc888d7a30d5.js
Requested by
Host: onlinebanking.usbank.com
URL: https://onlinebanking.usbank.com/auth/login/wmf/micro-app-loader/dist/umd/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.31.91.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-91-238.deploy.static.akamaitechnologies.com
Software
none / Express
Resource Hash
de0d9a1138f4f3be83d0e4df67c65cbe8fd8320a8849df566037487d998d6280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding
gzip
date
Fri, 01 Sep 2023 14:34:27 GMT
last-modified
Sat, 19 Aug 2023 07:02:05 GMT
server
none
x-powered-by
Express
etag
W/"2a0eee-18a0c99ddc8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
591303
config
api.usbank.com/authentication/customer-auth/app-config/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usbank.com/authentication/customer-auth/app-config/v1/config
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
ak,app-id,app-version,channel-id,correlation-id,interaction-id,tenant-id
Access-Control-Request-Method
GET
Origin
https://sft.elavon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin, ak, app-id, tenant-id, channel-id, app-version, correlation-id, interaction-id, remember-me-token
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://sft.elavon.com
access-control-max-age
86400
content-length
123
content-security-policy
default-src 'self';
content-type
application/json
date
Fri, 01 Sep 2023 14:34:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
HelveticaNeueLTW04-55Roman.woff2
content.usbank.com/content/dam/onlinebanking/common/static/fonts/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.usbank.com/content/dam/onlinebanking/common/static/fonts/HelveticaNeueLTW04-55Roman.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:3500:88d::39f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f0d0bf9731f51367f0cafa9b577e7cc77c1532e7c66b27bd51f7c8bb670d05d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://sft.elavon.com/
Origin
https://sft.elavon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 14:34:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Jun 2023 09:34:26 GMT
server
Apache
etag
"a58c-5ff192c4c0c80"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=84600
content-disposition
attachment; filename="HelveticaNeueLTW04-55Roman.woff2"
accept-ranges
bytes
content-length
42380
x-xss-protection
1
config
api.usbank.com/authentication/customer-auth/app-config/v1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usbank.com/authentication/customer-auth/app-config/v1/config
Requested by
Host: onlinebanking.usbank.com
URL: https://onlinebanking.usbank.com/auth/login/wmf/latest/main-30560a9ddc888d7a30d5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41e279b8d06e90fe85b4c2f281fd4ac7b74cbf51fd8507e837a21838e50d541d
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Correlation-ID
8cdd27c0-8627-4dd4-93c1-8e2ced8ed4fc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
AK
I3tA8IAyBk5Ux9954BZn5t3ePcnHBoxw
Accept
application/json, text/plain, */*
Referer
https://sft.elavon.com/ELAWidgetSignon/login.html
App-ID
SterlingFileGateway
Tenant-ID
USB
Channel-ID
web
Interaction-ID
478f789a-8dd3-4f96-8e2a-5fc1fc39b6f9
App-Version
1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self';
correlation-id
8cdd27c0-8627-4dd4-93c1-8e2ced8ed4fc
date
Fri, 01 Sep 2023 14:34:28 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
x-envoy-upstream-service-time
12
content-length
1061

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| ssoMsgText string| ssoMsgTitle string| ssoMsgType string| loginForm1 undefined| chgPwdForm string| initPageParm undefined| pwdPolicyExists undefined| timeout undefined| fromPage undefined| userId object| tempElem undefined| isRedirecting string| ssoMsgOnly string| loginURL string| logoutURL string| changePwURL function| genTopErrorMsg function| gotoLogin function| logout function| initialize function| goBack function| addPwdPolicies function| openCopyrightNotice function| changePassword function| setUpMessage function| popupMessage function| initPage function| $ function| jQuery object| React object| ReactDOM function| DS object| Babel object| antiClickjack object| header object| configSettings function| onTransmitAuthorizationSuccess function| onTransmitAuthorizationFailure string| appNameForSiteCat string| uxNameForSiteCat string| clientNameForSiteCat string| appDynamicsKey object| process object| USBAuthLoginModule object| webpackChunkUSBAuthLoginModule object| appDTimers object| com object| aesjs object| elliptic function| sha256 function| sha224 object| __XMSDK_PLUGINS string| ConfigAppID

8 Cookies

Domain/Path Name / Value
filegateway.elavon.com/ Name: OBC-MFSSTERLINGELAVON
Value: !H1+xCpfL49VDosqeXDCLPHpe6eLxhr+d6btdRU6iWc+i3d9fudmIVOby239m+uD8V/yLSl2U1j6R
.elavon.com/ Name: SSOTOKEN
Value:
.elavon.com/ Name: SSOPP
Value:
sft.elavon.com/ Name: OBC-MFSSTERLINGELAVON
Value: !AQCVC/IptghfdNyeXDCLPHpe6eLxhhAEFe4Vysm0okiDDxrnNIzRTHOocPgrj5bHlMD9yjVB2nYC
.elavon.com/ Name: _abck
Value: 7EF456D5D5D0FE48EE0F2E8F02F34412~-1~YAAQhPAQAvLFGEqKAQAAQK4qUQrICJuiI1CIQ6hJ/F69tXwi10enl0/b1WdZsNcaYCphUzhnGj33GDdNMPqW+lU6KApYXsmt66TxXTHEaeQ5UQJgSu/LhfJBt0kjTsYPvNl6QuPmio/FUklc+TcTtREKcFeIG8IOVGO4l3HNPmYLf5VgQ6oC1yNfzxWuzIAF9ZmLdSa5RTApTKcd9GlHhKKP47MFn6Y4PwDXCoHgoymX17YMqIJhzx7FQ4GFOOAdTAMzFGeN/DXGAJWeldY3oSigm6e2h1zfYg70BSV/11J5LTIeZPEXRtoIJ256uPDHrjCXeg0q2wxqKu7ci2BhaFOnfPkRu+3oXSYGui3KQOEvv0STVdHj3MTUHkY=~-1~-1~-1
.elavon.com/ Name: bm_sz
Value: 3E835DBF8F26122B8F8996A2E323C02F~YAAQhPAQAvPFGEqKAQAAQK4qURTE/qMJOqKSouszJokshfff+xxfve+/8Mqxsw8HUpzckccTA9upYTJTNxSx4cXKTGNjVLUk4TZOv614+Rf5HX9HOfLTza1a3nQHeas8IWvcScqyDIU+C7t8qVIyHZGxGJSUYO1rXIg/V7zPPt3kLwNB9ZR81zYwWSVae+hWJPH4WkFWY/YRHz5kq9mSep9tf5OBVtbYoa50VdDcBlWlcUhcIc/IbcNe7Q8gMXlK8OFOk1ufQ9mU4ObcRSPoP7lObLMINQDW2uRuP/Cb6dHqzVk=~4604738~3356470
.elavon.com/ Name: SspWebSessionId
Value: F3C33b6a1cC5Ea8aAfFd
.elavon.com/ Name: ak_bmsc
Value: 0625260CD3AF7D9EE3BEF2455EEBE478~000000000000000000000000000000~YAAQhPAQAj/GGEqKAQAA/64qURQ8KErfGWxITPb6kc6t6bV3fOfKL3pX+Mq1unjVFc3cfvcmX2GUg067rKQjFfCEADGQoNZIeIKkC1cdWZHmRplxjAuEelhVDcqsgcUix/S78FXJb2uWJNj1aPHef+WuVMkZ7h/Qr/SoohJJzYrhbb2+CqkuAePzR9VYGGGuik+Q4vfg/L70uoXSbF1m7MvdXd6Pg6dh7vO5lCbL5QQIfBdH6VO9DZGGb8dsJCfY3HPGC5/R319gC2ZJI7Ph47AKGClgaHcZm8dA+t+hd3J15WQQ0YwXSF6gKwcXJe2bz79Z9KyjI+yRVWvzrkhgSOoPZh5xOVF/NKIGWGYLIFis5BYm10K+0TSg3RJBJe5/EMlrw2W0VTws

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block