sft.usbank.com
Open in
urlscan Pro
184.24.66.209
Public Scan
Effective URL: https://sft.usbank.com/WidgetSignon/login.html
Submission: On October 06 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on June 27th 2024. Valid for: a year.
This is the only time sft.usbank.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 184.24.66.209 184.24.66.209 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
2 | 23.212.250.27 23.212.250.27 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2600:1408:c40... 2600:1408:c400:38e::39f0 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
17 | 4 |
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-66-209.deploy.static.akamaitechnologies.com
sft.usbank.com | |
onlinebanking.usbank.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-250-27.deploy.static.akamaitechnologies.com
api.usbank.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
usbank.com
1 redirects
sft.usbank.com onlinebanking.usbank.com — Cisco Umbrella Rank: 29818 api.usbank.com — Cisco Umbrella Rank: 27139 content.usbank.com — Cisco Umbrella Rank: 26848 |
1 MB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 791 |
31 KB |
17 | 2 |
Domain | Requested by | |
---|---|---|
7 | onlinebanking.usbank.com |
sft.usbank.com
onlinebanking.usbank.com |
7 | sft.usbank.com |
1 redirects
sft.usbank.com
|
2 | api.usbank.com |
onlinebanking.usbank.com
|
1 | content.usbank.com | |
1 | code.jquery.com |
sft.usbank.com
|
17 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.usbank.com Entrust Certification Authority - L1M |
2024-06-27 - 2025-06-27 |
a year | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
api.usbank.com Entrust Certification Authority - L1M |
2024-06-27 - 2025-07-27 |
a year | crt.sh |
usb.usbank.com Entrust Certification Authority - L1M |
2024-06-27 - 2025-07-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sft.usbank.com/WidgetSignon/login.html
Frame ID: 45B6D55F8796EFDDB8B11A5226837A7A
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
U.S. Bank Secure File TransferPage URL History Show full URLs
-
https://sft.usbank.com/
HTTP 302
https://sft.usbank.com/WidgetSignon/login.html Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sft.usbank.com/
HTTP 302
https://sft.usbank.com/WidgetSignon/login.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.html
sft.usbank.com/WidgetSignon/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
sft.usbank.com/WidgetSignon/resources/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.1.min.js
code.jquery.com/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet.css
sft.usbank.com/WidgetSignon/resources/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react.production.min.js
onlinebanking.usbank.com/auth/login/staticlibs/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react-dom.production.min.js
onlinebanking.usbank.com/auth/login/staticlibs/ |
116 KB 38 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
onlinebanking.usbank.com/auth/login/wmf/micro-app-loader/dist/umd/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
babel.min.js
onlinebanking.usbank.com/auth/login/staticlibs/ |
3 MB 581 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
USBankLogo.gif
sft.usbank.com/WidgetSignon/resources/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MastheadBkgd_Map.gif
sft.usbank.com/WidgetSignon/resources/ |
6 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.json
onlinebanking.usbank.com/auth/login/wmf/latest/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
sft.usbank.com/ |
1 KB 2 KB |
Other
image/ico |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-d933db027df51c0f39f0.js
onlinebanking.usbank.com/auth/login/wmf/latest/ |
2 MB 439 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
config
api.usbank.com/authentication/customer-auth/app-config/v1/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeueLTW04-55Roman.woff2
content.usbank.com/content/dam/onlinebanking/common/static/fonts/ |
41 KB 42 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
api.usbank.com/authentication/customer-auth/app-config/v1/ |
2 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
416-5a8a2727f496b633feb0.js
onlinebanking.usbank.com/auth/login/wmf/latest/ |
414 KB 91 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| ssoMsgText string| ssoMsgType string| loginForm1 string| initPageParm object| tempElem string| ssoMsgOnly string| loginURL string| logoutURL string| changePwURL function| genTopErrorMsg function| gotoLogin function| logout function| initialize function| goBack function| addPwdPolicies function| openCopyrightNotice function| changePassword function| setUpMessage function| popupMessage function| initPage function| $ function| jQuery object| React object| ReactDOM function| DS object| Babel object| antiClickjack object| header object| configSettings function| onTransmitAuthorizationSuccess function| onTransmitAuthorizationFailure object| process object| USBAuthLoginModule object| webpackChunkUSBAuthLoginModule object| appDTimers object| com object| aesjs object| elliptic function| sha256 function| sha224 object| __XMSDK_PLUGINS string| ConfigAppID6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.usbank.com/ | Name: SSOTOKEN Value: |
|
.usbank.com/ | Name: SSOPP Value: |
|
sft.usbank.com/ | Name: FILEGATEWAY-PROD Value: !8Q9UuKpCoaGZWbnx0wUpoGuLuw+xd9GxzWlbfmkySepxlK54AM6Mofq8BeSl0SGaSn1rlrSV+oF9ow== |
|
.usbank.com/ | Name: _abck Value: 21888757ACDA9ED1C762108247AB33AD~-1~YAAQiWvcF9VxoVCSAQAAFEnSYwzu/3BEioZcix5ZWFiRY4JLBvjDuvA4mD78wgSmvm2zAo3ldoVhNzryikfXrESksKVvXzfMZcmpkoLXwBi5HKlEtwJuN3lMrS73B+P7U9k0cnE+tWMKkj4HbNdOPH2VySUdAE/cj+ct75hef3aw1DZVxZBZYuFg2zR4TG9f6L9QPJM++6UXzV6s/H/qbzlvuF7S4ZIq/wmXC9q21GhNDdc5KrKDTrIoeULZyZXECMZ23l0e5c8A09hHDgHiaYfHzB9JpYKVI4XA9hnBe8YNJWHJkBYW/3K5w2zXfscVm3xeXRsofHr7YdFrYcLebdmrBhRDmcTcfj5LUEco6PyAT8D9g+sI+UqNSj34iiHmc1UFFS8OcuHLqWu4a3eQNcGLjMmTL6PI07z2Yw==~-1~-1~-1 |
|
.usbank.com/ | Name: SspWebSessionId Value: A84c2a4aB44e878e4891 |
|
.usbank.com/ | Name: bm_sz Value: 0B84829284EDEB89BDFAF91B517A06EA~YAAQiWvcFwVyoVCSAQAAyUnSYxmF3OvEttzd9EgfTMSk3fxUMw7GIet7yV3ZSd+F6zAFTRh6iIARRdii/izDiy2SWtDciQ/+uOaFoNi3v/KCYNiITumxSdhi6t01WkWAojeThG1JLvntupiOoeH2MrkOrnTvPAwB3dClZKCNvSwezI76N8DtIjLTAqOsiAy46pnMzKVNnGGeDtcmxNv7WBExvdIGUuu2a5If1Bw3sRhkTqbZ73F8/b9pD6EfsgsyWS1Z4+lNDjl0RPrfIPsjp1YkEDn41EErZwFLN+J6gKSkB3zvZ2yTif1e9OXvWd+RaKOtyxYTOh4b/RCaSHeAwzfmFCVN2/eX5rxE7JWkvAmWIRs+WfVUinUEaonYvBiKPxkD+yAhHFa1kvaLEWvQ4kGllpo=~3420473~3687476 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.usbank.com
code.jquery.com
content.usbank.com
onlinebanking.usbank.com
sft.usbank.com
184.24.66.209
23.212.250.27
2600:1408:c400:38e::39f0
2a04:4e42::649
135e1c1ae2149a1dfff35b5a3944a676cc5cb44fd63707db5e500f5cfa8254a8
23f98395289b452c8a2dfa7c37dea3eb4573715371a25cb85350166238d083dc
2b2e408992c4f74ed7a8c4e57086bba49fe26ab8ca7341522962769f1b74c25e
2b4201117e562b5c8940f8dfa60c86a25372cf84d22388541f97736e4464d860
39b11e57638505b6f5670ab39710fd79a07f7e4b2d733abc56c94059cbd60002
472d35d9840c0383c4ae70f4139a6c597ee401c7d1449a9e9df5a29647ac6ebc
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
57e8fc81a892edfd40c4c04fc0bebc31566ef089291697c4dc58ec5fd4c59c8f
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
923861e968a292a581b28a42331827f9927ffbd404d5ba2da90aaa893bd48661
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a85c98aca7f14ff02c722538988491eca8a5541970f7be7112938b1e35083ee4
be7a2dbd8e1b36e2e50ef810483459e5d1569245dc4180dc7a64a65889328c03
c21e24565a91e86c9b2aff8708df0fa0dd50ececc698664adc1ec6abfa3cc768
f0d0bf9731f51367f0cafa9b577e7cc77c1532e7c66b27bd51f7c8bb670d05d6
fed9b508799ef6fd9deac50fd8b26068ed8b16acd84a3f6268ab09e729cada39