uat-federation.usbank.com
Open in
urlscan Pro
2.17.177.4
Public Scan
Effective URL: https://uat-federation.usbank.com/idp/SSO.saml2?SAMLRequest=fZJLT%2BswEIX3%2FRXI%2BzxFm2bUVgoU7q1U2qopLNggN55Qi8QOHge4%2F%2F6mDm8J...
Submission: On September 09 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on June 26th 2024. Valid for: a year.
This is the only time uat-federation.usbank.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 3.20.118.146 3.20.118.146 | 16509 (AMAZON-02) (AMAZON-02) | |
11 | 2.17.177.4 2.17.177.4 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 | 2a02:26f0:e30... 2a02:26f0:e300:186::11a6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 95.100.146.83 95.100.146.83 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 2a02:26f0:350... 2a02:26f0:3500:16::215:1495 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
16 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-118-146.us-east-2.compute.amazonaws.com
usbank-sandbox.insightrdm.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-17-177-4.deploy.static.akamaitechnologies.com
uat-federation.usbank.com |
ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net | |
c.go-mpulse.net | |
0217991e.akstat.io |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-83.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net | |
kd7qvtk7msjfgzw7dm5a-p48am1-ec1c0181b-clientnsv4-s.akamaihd.net |
ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net | |
fiaqjiaaliaaakqce3ydkaaacztn6gz2-p48am1-75bb39f4c-clienttons-s.akamaihd.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
usbank.com
uat-federation.usbank.com |
17 KB |
4 |
akamaihd.net
2 redirects
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 4106 kd7qvtk7msjfgzw7dm5a-p48am1-ec1c0181b-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 4109 fiaqjiaaliaaakqce3ydkaaacztn6gz2-p48am1-75bb39f4c-clienttons-s.akamaihd.net |
1 KB |
2 |
go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 2168 c.go-mpulse.net — Cisco Umbrella Rank: 906 |
50 KB |
2 |
insightrdm.com
2 redirects
usbank-sandbox.insightrdm.com |
1 KB |
1 |
akstat.io
0217991e.akstat.io — Cisco Umbrella Rank: 118802 |
233 B |
16 | 5 |
Domain | Requested by | |
---|---|---|
11 | uat-federation.usbank.com |
uat-federation.usbank.com
|
2 | usbank-sandbox.insightrdm.com | 2 redirects |
1 | fiaqjiaaliaaakqce3ydkaaacztn6gz2-p48am1-75bb39f4c-clienttons-s.akamaihd.net | |
1 | trial-eum-clienttons-s.akamaihd.net | 1 redirects |
1 | kd7qvtk7msjfgzw7dm5a-p48am1-ec1c0181b-clientnsv4-s.akamaihd.net | |
1 | trial-eum-clientnsv4-s.akamaihd.net | 1 redirects |
1 | 0217991e.akstat.io |
s.go-mpulse.net
|
1 | c.go-mpulse.net |
s.go-mpulse.net
|
1 | s.go-mpulse.net |
uat-federation.usbank.com
|
16 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
uat.fed.usbank.com Entrust Certification Authority - L1M |
2024-06-26 - 2025-07-26 |
a year | crt.sh |
akstat.io DigiCert TLS RSA SHA256 2020 CA1 |
2024-07-31 - 2025-07-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://uat-federation.usbank.com/idp/SSO.saml2?SAMLRequest=fZJLT%2BswEIX3%2FRXI%2BzxFm2bUVgoU7q1U2qopLNggN55Qi8QOHge4%2F%2F6mDm8JRl6N5zs6Z%2BwJ8bpqIGvtQW3xsUWyg5OuXupKEbjLKWuNAs1JEiheI4EtIM%2BulhD7ITRGW13oin3Dfqc4ERorteqxxXzK1quL5frPYnUXx4kYp2E5CmMelSIdpUUkME3EsIyTdIQiSpI0Ho579AYNdTpT1smyQa9G1OJCkeXKdv0wPvXCtDu7aAjDMZwmtz0678JKxa3DD9Y2BEHQcuuVKNC4vt%2FSnqsHv9B1IEUT5PnaP6aLe4XNa%2FgzqYRU979n3vdDBH93u423Wee7XiR728W5VtTWaHI0T7LA6%2B3yky3nwyOuxF6%2F%2BFKRvD9YI2pnjUgHbObUJkd74FZgZkc71jxAR7tHAWqAJsHnkQ%2BogVXneTHf6EoW%2F1z%2FWJfa1Nz%2BHC3yI9eRwivdKGDNZZUJYZCIvetkVaWfzw1yi1NmTYvsJJgNejNfP%2BDsPw%3D%3D&RelayState=http%3A%2F%2Fusbank-sandbox.insightrdm.com%2Fsso%2F
Frame ID: 05E9F0545B5F27B8413D462BB6D7F45B
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
USBank Web Access Management:Authentication LoginPage URL History Show full URLs
-
https://usbank-sandbox.insightrdm.com/
HTTP 302
https://usbank-sandbox.insightrdm.com/sso/ HTTP 302
https://uat-federation.usbank.com/idp/SSO.saml2?SAMLRequest=fZJLT%2BswEIX3%2FRXI%2BzxFm2bUVgoU7q1U2qopLNggN55Q... Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://usbank-sandbox.insightrdm.com/
HTTP 302
https://usbank-sandbox.insightrdm.com/sso/ HTTP 302
https://uat-federation.usbank.com/idp/SSO.saml2?SAMLRequest=fZJLT%2BswEIX3%2FRXI%2BzxFm2bUVgoU7q1U2qopLNggN55Qi8QOHge4%2F%2F6mDm8JRl6N5zs6Z%2BwJ8bpqIGvtQW3xsUWyg5OuXupKEbjLKWuNAs1JEiheI4EtIM%2BulhD7ITRGW13oin3Dfqc4ERorteqxxXzK1quL5frPYnUXx4kYp2E5CmMelSIdpUUkME3EsIyTdIQiSpI0Ho579AYNdTpT1smyQa9G1OJCkeXKdv0wPvXCtDu7aAjDMZwmtz0678JKxa3DD9Y2BEHQcuuVKNC4vt%2FSnqsHv9B1IEUT5PnaP6aLe4XNa%2FgzqYRU979n3vdDBH93u423Wee7XiR728W5VtTWaHI0T7LA6%2B3yky3nwyOuxF6%2F%2BFKRvD9YI2pnjUgHbObUJkd74FZgZkc71jxAR7tHAWqAJsHnkQ%2BogVXneTHf6EoW%2F1z%2FWJfa1Nz%2BHC3yI9eRwivdKGDNZZUJYZCIvetkVaWfzw1yi1NmTYvsJJgNejNfP%2BDsPw%3D%3D&RelayState=http%3A%2F%2Fusbank-sandbox.insightrdm.com%2Fsso%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p48am1ptf HTTP 302
- https://kd7qvtk7msjfgzw7dm5a-p48am1-ec1c0181b-clientnsv4-s.akamaihd.net/eum/results.txt
- https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p48am1ptf HTTP 302
- https://fiaqjiaaliaaakqce3ydkaaacztn6gz2-p48am1-75bb39f4c-clienttons-s.akamaihd.net/eum/results.txt
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
SSO.saml2
uat-federation.usbank.com/idp/ Redirect Chain
|
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_layout.css
uat-federation.usbank.com/assets/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_global.css
uat-federation.usbank.com/assets/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_usbank_logo.gif
uat-federation.usbank.com/assets/images/ |
937 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_banner1.gif
uat-federation.usbank.com/assets/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_banner2.gif
uat-federation.usbank.com/assets/images/ |
192 B 704 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_NoLogoff.gif
uat-federation.usbank.com/assets/images/ |
29 B 541 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_swoosh_nav.gif
uat-federation.usbank.com/assets/images/ |
159 B 672 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_swoosh_footer.gif
uat-federation.usbank.com/assets/images/ |
171 B 683 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PK2L3-TXFPF-78F9H-DVEHF-AJ9BU
s.go-mpulse.net/boomerang/ |
205 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usb_banner_pad.gif
uat-federation.usbank.com/assets/images/ |
41 B 578 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
c.go-mpulse.net/api/ |
778 B 942 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
uat-federation.usbank.com/ |
7 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
0217991e.akstat.io/ |
0 233 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
results.txt
kd7qvtk7msjfgzw7dm5a-p48am1-ec1c0181b-clientnsv4-s.akamaihd.net/eum/ Redirect Chain
|
8 B 312 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
results.txt
fiaqjiaaliaaakqce3ydkaaacztn6gz2-p48am1-75bb39f4c-clienttons-s.akamaihd.net/eum/ Redirect Chain
|
8 B 312 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| postOk function| postCancel function| postOnReturn function| setFocus object| BOOMR_mq string| BOOMR_API_key object| BOOMR function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression number| BOOMR_onload6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
usbank-sandbox.insightrdm.com/ | Name: PHPSESSID Value: lodgvqla8h6k83i5ua2lpff0n7 |
|
uat-federation.usbank.com/ | Name: ADRUM_BTa Value: R:0|g:ea637849-4b19-461f-8714-553ed027adb1|n:us-bank-testdev_0ca51855-0e84-4e7f-8ba5-87dab5c8e48f |
|
uat-federation.usbank.com/ | Name: SameSite Value: None |
|
uat-federation.usbank.com/ | Name: ADRUM_BT1 Value: R:0|i:3584032|e:9|t:1725897529152 |
|
uat-federation.usbank.com/ | Name: PF Value: 8Dh2o0u1FA5cbJXOyXVrPd |
|
.usbank.com/ | Name: ak_bmsc Value: 03023DB597F114F388B6ED86B7F8F58F~000000000000000000000000000000~YAAQpI8UAhys38GRAQAAB1iC1xlJpPZRb1zkE/qlO+OGn6W4icDEqytcjtsJo86WiqNV0t660RzDp5gzWgzrpst4CVUpLWeFZ4DecahzlukAQFTb9e4xv8qDXqwl2mRR5A2v0NDcDhKN+ULg9AsCOwwsNxFw0u1ePaYLDgvEDQYa1+L0CTNXB3Omy5QgYyjMoI3KrNXSgD2ZufuVdmJ3uck4xLInjK+1bt5ljoP/yiOxVUqzwkA3tA9c8dn7LhbhsPKqZSSlwrpR9ouciO70lYXdkhW2wdn3Ctj6ofihxtwK0otGiT/7hJrZJmD309i/Qo7DgyDczZT+pP6HcncgjhSq3ZQfrBiXoJDHZcW3R8BaF+pNAgi5VRy9bQw8+k9TyTCtug5b+7iukw== |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' *.us.bank-dns.com *.us.bank-dns.com:* *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com *.bookingbug.com *.wss-w.com *.service-now.com *.lightning.force.com *.my.salesforce.com *.simonmarkets.com *.edcast.com *sso.connect.pingidentity.com *.pscunow.com |
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0217991e.akstat.io
c.go-mpulse.net
fiaqjiaaliaaakqce3ydkaaacztn6gz2-p48am1-75bb39f4c-clienttons-s.akamaihd.net
kd7qvtk7msjfgzw7dm5a-p48am1-ec1c0181b-clientnsv4-s.akamaihd.net
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
uat-federation.usbank.com
usbank-sandbox.insightrdm.com
2.17.177.4
2a02:26f0:3500:16::215:1495
2a02:26f0:e300:186::11a6
3.20.118.146
95.100.146.83
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
13cdabd902393eb932efe980f89b78fad664cacc755f2b8cdaf8b908fe72991b
260491b07b17d1aa2f1a0a59b2591045a5acc16d02cadf16b25ec4b4b6148c08
4d0cf9b05904bdc160d5c63a1b0e8f8cffb65e6681882dd5052fc402c84b6c9c
5fc659aae01c6603bd63f1e231856ddd148aea072e516e08132fea51ce3a621c
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66fdc976191fdf52dde20caf8056421b8082abd622a2304d11d01e6668eebb66
6af2f4d41a2edc0c86a51f689aac5b3630232a298913ce49af57d49d71d97817
752a11881d2843270e2ce336ee576a5c516665901bbdca06ea9c884044a33e0e
9e70f9555677ae94712eda30e1b78b9f407e8835371fdc1d2eb06ab6badd48cb
d4089674a5d086338c2559e775a1f0dea2e6f77fb33074efe0808643bbb628b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9a4d594320944665ca61da2c4cdd5ca98445955dac7c7172846bbc96598321