uat-unitrax.cibcmellon.com Open in urlscan Pro
199.43.146.155  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://uat-unitrax.cibcmellon.com/ Page URL
2. https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ uat-unitrax.cibcmellon.com/	405 B 1 KB	433ms 51ms	Document text/html	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 308 Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Content-Type text/html Date Thu, 11 Jul 2024 08:04:15 GMT ETag "195-4c302ef1f4f00" Keep-Alive timeout=180 Last-Modified Thu, 21 Jun 2012 22:21:16 GMT Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=31536000; includeSubDomains; preload Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
POST H/1.1	200 OK	Primary Request Login.jsp Show response uat-unitrax.cibcmellon.com/UnitraxWebDb/	20 KB 7 KB	211ms 210ms	Document text/html	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 92f51b332ff20325a6d63900777e70d9b9c09a4122a677cab1dc25393eccac8d Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Content-Type application/x-www-form-urlencoded Origin https://uat-unitrax.cibcmellon.com Referer https://uat-unitrax.cibcmellon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control no-cache="set-cookie, set-cookie2" Connection Keep-Alive Content-Encoding gzip Content-Language en-US Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Content-Type text/html; charset=ISO-8859-1 Date Thu, 11 Jul 2024 08:04:15 GMT Expires Thu, 01 Dec 1994 16:00:00 GMT Keep-Alive timeout=180 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Referrer-Policy strict-origin-when-cross-origin Server-Timing dtRpid;desc="1408192675", dtTao;desc="1", dtSInfo;desc="0" Strict-Transport-Security max-age=31536000; includeSubDomains; preload Timing-Allow-Origin * Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-OneAgent-JS-Injection true X-XSS-Protection 1; mode=block
GET H/1.1	404 Not Found	favicon.ico uat-unitrax.cibcmellon.com/	1 KB 1 KB	251ms 43ms	Other text/html	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:15 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Connection Keep-Alive Content-Length 532 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Tue, 08 Jan 2013 19:49:02 GMT ETag "4c0-4d2cc3ccbe780" Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/html Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Accept-Ranges bytes Keep-Alive timeout=180
GET H/1.1	200 OK	jquery-unitrax.min.js Show response uat-unitrax.cibcmellon.com/UnitraxWebDb/js/common/	85 KB 31 KB	196ms 196ms	Script application/x-javascript	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/js/common/jquery-unitrax.min.js Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:15 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-OneAgent-JS-Injection true Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:54:56 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Content-Language en-US Cache-Control max-age=900 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET		ruxitagentjs_ICANVfqru_10293240614115956.js uat-unitrax.cibcmellon.com/UnitraxWebDb/	0 0
GET H/1.1	200 OK	inputValidation.js Show response uat-unitrax.cibcmellon.com/UnitraxWebDb/js/common/	63 KB 14 KB	183ms 183ms	Script application/x-javascript	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/js/common/inputValidation.js Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash ba0e07167a11f8f8dc19a280a36fb28d9ff3a656ca3d4975e3aa7479012c88c9 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:16 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-OneAgent-JS-Injection true Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:54:58 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Content-Language en-US Cache-Control max-age=900 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	fp_AA.js Show response uat-unitrax.cibcmellon.com/UnitraxWebDb/js/mfa/	31 KB 9 KB	102ms 101ms	Script application/x-javascript	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/js/mfa/fp_AA.js Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 76908495042d93811f4c3287a1945cfd74662b7dc06fe92cd42a036972a404b8 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:16 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-OneAgent-JS-Injection true Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:54:48 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Content-Language en-US Cache-Control max-age=900 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	VA.js Show response uat-unitrax.cibcmellon.com/UnitraxWebDb/js/common/	8 KB 3 KB	107ms 107ms	Script application/x-javascript	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/js/common/VA.js Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 90c69d34ca93f695b562941567f04df0442d148a5261e5dec262dc4370a10537 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:16 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-OneAgent-JS-Injection true Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:54:58 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Content-Language en-US Cache-Control max-age=900 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	CitiUnitrax_skin.css uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/	38 KB 6 KB	192ms 191ms	Stylesheet text/css	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/CitiUnitrax_skin.css Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 43a318dcac79da0b027bbdd5a7d37279beff99d9e6a5920ecd69d8e4ad769976 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:16 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-OneAgent-JS-Injection true Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:54:28 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/css Content-Language en-US Cache-Control max-age=900 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	cookie.css uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/	1 KB 1 KB	170ms 170ms	Stylesheet text/css	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/cookie.css Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 2ac9759045c4848c63b7dead5714adfae8320620ed5462bc7aad6206d9a4092e Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:16 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-OneAgent-JS-Injection true Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:54:28 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/css Content-Language en-US Cache-Control max-age=900 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	CitiUnitrax_contentArea.css uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/	71 KB 11 KB	473ms 302ms	Stylesheet text/css	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/CitiUnitrax_contentArea.css Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 36bb965280d5c1b8106a652daec8b4fc6af462c2c3dcdbf50a0511c7556bc114 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:16 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-OneAgent-JS-Injection true Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:54:28 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/css Content-Language en-US Cache-Control max-age=900 Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	lnT_logo_head.gif uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/	2 KB 3 KB	70ms 69ms	Image image/gif	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Show image Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/lnT_logo_head.gif Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 4a436896ee407e2d092898616478151796121458adb6b2217f3a977c03d36b89 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:17 GMT Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Fri, 05 Jul 2024 06:55:02 GMT Referrer-Policy strict-origin-when-cross-origin X-Frame-Options SAMEORIGIN Content-Type image/gif Content-Language en-US X-OneAgent-JS-Injection true Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Connection Keep-Alive Keep-Alive timeout=180 Content-Length 2254 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Unitrax_logo_head.gif uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/	1 KB 2 KB	62ms 62ms	Image image/gif	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Show image Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/Unitrax_logo_head.gif Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 23b5dcea589026897b9f4325d646c47464af5b85f83aa8b9a5e3b6cc9b7801f1 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:17 GMT Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains; preload Last-Modified Fri, 05 Jul 2024 06:55:02 GMT Referrer-Policy strict-origin-when-cross-origin X-Frame-Options SAMEORIGIN Content-Type image/gif Content-Language en-US X-OneAgent-JS-Injection true Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Connection Keep-Alive Keep-Alive timeout=180 Content-Length 1456 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Login_1px_left.jpg uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/	516 B 1 KB	114ms 113ms	Image image/jpeg	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Show image Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/Login_1px_left.jpg Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 35797cbfd1e683f915b871e442be3441c260a20d5b09fb873d5e016f73f60039 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:17 GMT Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-OneAgent-JS-Injection true Connection Keep-Alive Content-Length 516 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:55:02 GMT X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type image/jpeg Content-Language en-US Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	Login_1px_right.jpg uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/	497 B 1 KB	116ms 52ms	Image image/jpeg	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Show image Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/Login_1px_right.jpg Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash abf08ca9d7f516d70083fc72a243b7d9ad1064716ab3bc74224fb721ddf39f77 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:17 GMT Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-OneAgent-JS-Injection true Connection Keep-Alive Content-Length 497 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:55:02 GMT X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type image/jpeg Content-Language en-US Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180
GET H/1.1	200 OK	spacer_bullet.gif uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/	113 B 917 B	124ms 53ms	Image image/gif	199.43.146.155 LNT-INFOTECH-FSTI
General Check archive.org Show headers Download Go to Show image Full URL https://uat-unitrax.cibcmellon.com/UnitraxWebDb/theme/img/spacer_bullet.gif Requested by Host: uat-unitrax.cibcmellon.com URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.43.146.155 , Canada, ASN17159 (LNT-INFOTECH-FSTI, CA), Reverse DNS Software / Resource Hash 846aaf054b809cedd43bc26732701e462e4232494e83a3d106b8ac4a38de3195 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 11 Jul 2024 08:04:17 GMT Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-OneAgent-JS-Injection true Connection Keep-Alive Content-Length 113 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 05 Jul 2024 06:55:04 GMT X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type image/gif Content-Language en-US Permissions-Policy camera=(), fullscreen=(), geolocation=(), gyroscope=(), microphone=(), magnetometer=(), usb=() Keep-Alive timeout=180

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

uat-unitrax.cibcmellon.com

URL

https://uat-unitrax.cibcmellon.com/UnitraxWebDb/ruxitagentjs_ICANVfqru_10293240614115956.js

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| setMessageArgs function| isFieldEditable function| getSelectionValue function| setCursorBusy function| setCursorNormal function| isSpecialCharExists function| isSpecialCharWildCardExists function| isSplCharExistForSplit function| isValidChars object| exceptionFieldsArr function| setExceptionFieldsArr function| isAllValidChars function| isWildChar function| isValidCharsForSplit function| IsEmpty function| isUpperCase function| isLowerCase function| checkMaxLength function| checkMinLength function| isValidateYN function| isValidDate function| validateDate function| isDateWithSlashes function| getDateWithoutSlashes function| getDateWithSlashes function| compareDates function| isFutureDate function| getCurrentDate function| checkDateFields function| isValidDate2 function| validateDateField function| numericCheck function| isNumeric function| isAlphaNumeric function| ValidateNumber function| checkMandatoryFields function| checkSearchFields function| allowedDecPlacesCheck function| checkDecimalFields function| isValidDecimal function| checkDigitsAfterDecimalPoint function| ValidateDecimal function| ValidateFloat function| ValidateSignFloat function| chkDecimal function| validateRateField function| isSinNotValid function| isValidateCurrency function| emailValidation function| isPhoneNumberValid function| setAutoCompleteOff function| setAutoCompleteOffEntirely function| confirmRowDelete function| ValidateArray function| toggelImageGroup function| setSpecialChar function| setMessageSearchCriteria function| setValueRequired function| setZeroPercentValueNotAllowed function| setNumericValueNeeded function| setMessageDateValid function| setDecPlacesMsg function| setOverflowMessage function| setValueOutOfRangeMsg function| setMessageConfirmation function| setMessageRecordSelection function| setMsgRecSelOnlyOne function| setDataAbsentMsg function| checkEnterKeyPressedForSave function| preventMultipleSubmitRequest function| validateSSNITINPattern function| validateEINPattern function| validateGIINPattern function| isValidInteger function| validateDecimalEntry function| setFocusACITDTLReview function| chckKeyPressForACITDTLReview function| setvalidErrMsg function| validateEntry function| parseLocalNum function| getDecimalSep function| isPastDate function| validateMMDD function| setEntryPositive function| checkPositiveEntry function| setComboActionMsg function| calcualteMonthsDifference function| calculateDaysDifference function| appendSlashesYYYYMMDD function| setpageNoNeeded function| setvalidPageNoNeeded function| FundReset function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint function| characterToEscapeSequence function| escapeSequenceToCharacter function| getTheRealCharacter function| escapeUnescapeFormInputs object| htmlTag function| Set_Cookie function| Delete_Cookie function| setFocusForLoginFields boolean| showCookieBanner object| x object| y function| setAction string| focusArea function| getFocus function| checkKeycodePressedOnPage function| getFingerPrint object| plugin string| t

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uat-unitrax.cibcmellon.com/	1969-12-31 23:59:59	Name: NID Value: !SoiJE46j8pjgMxgzEO1GMMVFo1lYdNAGncHEzEHMhwRuEsv3oWrxTMUsKrnatu1vKYQ9tLuWn5IORvpJ5m3VwIQm4mHGx2cCrG8SK28lCA==
			uat-unitrax.cibcmellon.com/	1969-12-31 23:59:59	Name: TS01e031e1 Value: 0158bde5a310b5356b9f2036e6c71e47cd94d737d4c1d21d991b07bf01c8b3d516779a7303ca20ccbcfef8ae92f2c5bb4fc83a727ec11832e20fc5604eaf780bad2269444d
			.cibcmellon.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_6_sn_6D0D018DEAD1BC4C64B491492C5F9D6F_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1
			.cibcmellon.com/	1969-12-31 23:59:59	Name: TS01a40d43 Value: 0158bde5a38029d217bd268fa1d7952f1b5a965e3cc1d21d991b07bf01c8b3d516779a7303ca20ccbcfef8ae92f2c5bb4fc83a727e58b11f3188d4bd94da3a2c490982a6f18143d70b79542f8b338d7f1b0490b725

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://uat-unitrax.cibcmellon.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://uat-unitrax.cibcmellon.com/UnitraxWebDb/Login.jsp Message: Refused to load the script 'https://uat-unitrax.cibcmellon.com/UnitraxWebDb/ruxitagentjs_ICANVfqru_10293240614115956.js' because it violates the following Content Security Policy directive: "script-src-elem 'nonce-di77XeC9SYZSmTcHhzVOs1UtZJ2XvYCTp+wBlsX5UVc'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

uat-unitrax.cibcmellon.com
uat-unitrax.cibcmellon.com
199.43.146.155
23b5dcea589026897b9f4325d646c47464af5b85f83aa8b9a5e3b6cc9b7801f1
2ac9759045c4848c63b7dead5714adfae8320620ed5462bc7aad6206d9a4092e
35797cbfd1e683f915b871e442be3441c260a20d5b09fb873d5e016f73f60039
36bb965280d5c1b8106a652daec8b4fc6af462c2c3dcdbf50a0511c7556bc114
43a318dcac79da0b027bbdd5a7d37279beff99d9e6a5920ecd69d8e4ad769976
4a436896ee407e2d092898616478151796121458adb6b2217f3a977c03d36b89
76908495042d93811f4c3287a1945cfd74662b7dc06fe92cd42a036972a404b8
846aaf054b809cedd43bc26732701e462e4232494e83a3d106b8ac4a38de3195
90c69d34ca93f695b562941567f04df0442d148a5261e5dec262dc4370a10537
92f51b332ff20325a6d63900777e70d9b9c09a4122a677cab1dc25393eccac8d
99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a
abf08ca9d7f516d70083fc72a243b7d9ad1064716ab3bc74224fb721ddf39f77
ba0e07167a11f8f8dc19a280a36fb28d9ff3a656ca3d4975e3aa7479012c88c9