firstunitedbank.screenstepslive.com Open in urlscan Pro
2606:4700::6812:1c26  Public Scan

Submitted URL: https://howto.firstunitedbank.com/
Effective URL: https://firstunitedbank.screenstepslive.com/login
Submission: On January 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2606:4700::6812:1c26, located in United States and belongs to CLOUDFLARENET, US. The main domain is firstunitedbank.screenstepslive.com.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on September 11th 2023. Valid for: a year.
This is the only time firstunitedbank.screenstepslive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 3
Apex Domain
Subdomains
Transfer
4 screensteps.com
assets.screensteps.com — Cisco Umbrella Rank: 718525
media.screensteps.com — Cisco Umbrella Rank: 452641
182 KB
2 screenstepslive.com
firstunitedbank.screenstepslive.com
3 KB
1 firstunitedbank.com
howto.firstunitedbank.com
704 B
5 3
Domain Requested by
3 assets.screensteps.com firstunitedbank.screenstepslive.com
2 firstunitedbank.screenstepslive.com 1 redirects
1 media.screensteps.com firstunitedbank.screenstepslive.com
1 howto.firstunitedbank.com 1 redirects
5 4

This site contains links to these domains. Also see Links.

Domain
howto.firstunitedbank.com
Subject Issuer Validity Valid
*.screenstepslive.com
Sectigo ECC Domain Validation Secure Server CA
2023-09-11 -
2024-09-15
a year crt.sh
screensteps.com
Cloudflare Inc ECC CA-3
2023-10-06 -
2024-10-05
a year crt.sh

This page contains 1 frames:

Primary Page: https://firstunitedbank.screenstepslive.com/login
Frame ID: D6FEC15E31246832B01031C9AFCCC352
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

First United Bank: Login

Page URL History Show full URLs

  1. https://howto.firstunitedbank.com/ HTTP 302
    https://firstunitedbank.screenstepslive.com/sessions/authenticate_child_domain?space_id=24941 HTTP 302
    https://firstunitedbank.screenstepslive.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

184 kB
Transfer

567 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://howto.firstunitedbank.com/ HTTP 302
    https://firstunitedbank.screenstepslive.com/sessions/authenticate_child_domain?space_id=24941 HTTP 302
    https://firstunitedbank.screenstepslive.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
firstunitedbank.screenstepslive.com/
Redirect Chain
  • https://howto.firstunitedbank.com/
  • https://firstunitedbank.screenstepslive.com/sessions/authenticate_child_domain?space_id=24941
  • https://firstunitedbank.screenstepslive.com/login
3 KB
2 KB
Document
General
Full URL
https://firstunitedbank.screenstepslive.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93ab198e71f72cfe82399b078686c880a6c7c64178a77539644aa7f1028dd00
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
842df5ff6b655d50-FRA
content-encoding
br
content-security-policy
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 16:12:17 GMT
link
<https://assets.screensteps.com/assets/login-4530c017cc80e241c05a91e13eaba3540adadd45.css>; rel=preload; as=style; nopush,<https://assets.screensteps.com/assets/jquery-52fe3aea445e6c4445cd5194006622bbaeef1026.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
1cdccbf9-96ef-4279-bbfb-7ef34cd2bae8
x-runtime
0.036937
x-xss-protection
0

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842df5fc893e5d50-FRA
content-security-policy
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 16:12:17 GMT
location
https://firstunitedbank.screenstepslive.com/login
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
967a134b-09a8-4fe0-af22-67c7dd840bd8
x-runtime
0.024076
x-xss-protection
0
login-4530c017cc80e241c05a91e13eaba3540adadd45.css
assets.screensteps.com/assets/
20 KB
4 KB
Stylesheet
General
Full URL
https://assets.screensteps.com/assets/login-4530c017cc80e241c05a91e13eaba3540adadd45.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6324c0b54f4ca9ba1d87b19703a2fd4232d88de5525752837d3a7cf37c351e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstunitedbank.screenstepslive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 16:12:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 06 Jan 2024 19:35:09 GMT
server
cloudflare
age
30196
etag
W/"6599ab6d-4f8e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1728000
cf-ray
842df600bfba9a1d-FRA
expires
Mon, 29 Jan 2024 16:12:17 GMT
jquery-52fe3aea445e6c4445cd5194006622bbaeef1026.js
assets.screensteps.com/assets/
87 KB
31 KB
Script
General
Full URL
https://assets.screensteps.com/assets/jquery-52fe3aea445e6c4445cd5194006622bbaeef1026.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstunitedbank.screenstepslive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 16:12:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Dec 2023 18:04:19 GMT
server
cloudflare
age
1122506
etag
W/"658b15a3-15d84"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1728000
cf-ray
842df600bfbb9a1d-FRA
expires
Mon, 29 Jan 2024 16:12:17 GMT
application-411c6e6abd3054104de114ed907f71c2f3ba9efa.js
assets.screensteps.com/assets/
450 KB
139 KB
Script
General
Full URL
https://assets.screensteps.com/assets/application-411c6e6abd3054104de114ed907f71c2f3ba9efa.js
Requested by
Host: firstunitedbank.screenstepslive.com
URL: https://firstunitedbank.screenstepslive.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a975777aa4a3e17131fde7e287f9cacb1dc811612b072ea262e1d6b1082e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstunitedbank.screenstepslive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 16:12:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Dec 2023 18:04:18 GMT
server
cloudflare
age
1050527
etag
W/"658b15a2-706d9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1728000
cf-ray
842df600efdc9a1d-FRA
expires
Mon, 29 Jan 2024 16:12:17 GMT
MicrosoftTeams-image%20%281%29.png
media.screensteps.com/logos/16573/
7 KB
7 KB
Image
General
Full URL
https://media.screensteps.com/logos/16573/MicrosoftTeams-image%20%281%29.png
Requested by
Host: firstunitedbank.screenstepslive.com
URL: https://firstunitedbank.screenstepslive.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100ab5709122b4f5dbdd77ca9c4b1968a42a9ba19ce8d76158eccf5eb8c58dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstunitedbank.screenstepslive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 16:12:17 GMT
x-amz-version-id
jaYMAqeWU2DuL9eBVwpS4tmBTIWgfWvv
cf-cache-status
MISS
x-amz-request-id
9NX1EQQS4J6P2FNQ
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-length
7240
x-amz-id-2
YboxykoOhE2tt/5Tc4HdG7OVp9DhBk+v4hboE82uMk4vLiqvGgTtdTKgxIduX4xjkk/OTGfu274=
last-modified
Tue, 19 Dec 2023 15:32:30 GMT
server
cloudflare
etag
"be852eafb684c4267670fb41382da5f5"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
842df600becd9293-FRA
expires
Tue, 09 Jan 2024 20:12:17 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| lazySizes function| setImmediate function| clearImmediate object| Turbo object| Stimulus object| screenStepsWorkflowState

2 Cookies

Domain/Path Name / Value
howto.firstunitedbank.com/ Name: _ss_live_session
Value: PI0b3uU4T3nDZkK7vaByvfflhTChT%2BDUM%2Fp5pi%2BC%2B9Q9qbfyvZ9zIxyBMzgKxcP6%2FwmJBHQH5Q%2FdjhDYTNalY0A922fXdVjzQoJRceaouqlhxHeqpqvVjsn7hm5Uq3pOHYegjkWET60yXAbpxUEXq6JpJa8Bns9BnxPns%2FV0aDI7fmEComJ%2FS%2FK0o%2FKLvC2GSXTRiUEFACJdy2k8--S3UkorPQg%2BlCeiT8--AIX7b2Y7%2Br254FwYgasJtg%3D%3D
firstunitedbank.screenstepslive.com/ Name: _ss_live_session
Value: wBQqxXxqvRAPySjQTNN6KduqG%2B9USifih9taSBZe6jymq7nc7ut09rloz63AAOl1%2FFoyLlBOzKmQjlMNPIPoez1p5cCyRz5LtddPB8buUhZwzlQ%2BvcW0Sw4zGJzY0vcxcKhKI7uYjvstgRNxdz2reII7E%2BV2l1th1hXZaGJEvZuT8rve93vHUF443lqGx7uZIIWwlyRyV2WmgmUb1uNF8DHS80isH%2BWdUmIJJA7hsiKkyjNnT9HMtDwRU2LlDXe%2B5NAq6lciRT1QWjVAP9L9S5soa6r5mUD%2BNec4T4loawPeHnq6eeoFg9LRYCEf%2BVWrGhcgwkvTiGBZb%2BPCmEZHB97Fi3s0hz4zb2rpdbryOheO2mWeVDl5Y4M4kCOt%2F9J1ZLmRjQMX0g%2FvDwIFQkeKGGzswjnrpKTuZCcA89jnvWiKyqp%2BtmQgwTLyT5Du2wkc--syRIv2I4SseJafiD--JSdZkgf2lhsKMthwmze49A%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0