federation.usbank.com Open in urlscan Pro
170.135.184.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://profilemanager.response-element.com/app/main/home-bu
Effective URL:
https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4HUQn08wRdALEtfZeaPZ3Q...
Submission: On March 10 via manual (March 10th 2020, 10:31:51 am UTC) from US

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 39 HTTP transactions. The main IP is 170.135.184.73, located in United States and belongs to US-BANCORP, US. The main domain is federation.usbank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 25th 2019. Valid for: 2 years.

This is the only time federation.usbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	198.12.26.106 198.12.26.106	393851 (CURTIS) (CURTIS)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1 1	198.12.26.181 198.12.26.181	393851 (CURTIS) (CURTIS)
1 1	198.12.26.33 198.12.26.33	393851 (CURTIS) (CURTIS)
16	170.135.184.73 170.135.184.73	3147 (US-BANCORP) (US-BANCORP)
39	4

22 198.12.26.106 (United States)

ASN393851 (CURTIS, US)

profilemanager.response-element.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.12.26.181 (United States) 1 redirects

ASN393851 (CURTIS, US)

marketingonesource-prod.response-element.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.12.26.33 (United States) 1 redirects

ASN393851 (CURTIS, US)

saml2.response-element.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 170.135.184.73 (United States)

ASN3147 (US-BANCORP, US)

federation.usbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	response-element.com 2 redirects profilemanager.response-element.com marketingonesource-prod.response-element.com saml2.response-element.com	10 MB
16	usbank.com federation.usbank.com	37 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
39	3

	Domain	Requested by
22	profilemanager.response-element.com	profilemanager.response-element.com
16	federation.usbank.com	profilemanager.response-element.com federation.usbank.com
1	saml2.response-element.com	1 redirects
1	marketingonesource-prod.response-element.com	1 redirects
1	www.googletagmanager.com	profilemanager.response-element.com
39	5

This site contains no links.

Subject Issuer	Validity	Valid
*.response-element.com GeoTrust TLS RSA CA G1	`2018-03-20` - `2020-06-22`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
federation.usbank.com Entrust Certification Authority - L1K	`2019-09-25` - `2021-09-25`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4HUQn08wRdALEtfZeaPZ3QqFGYqRt1M42yO8ToCBvJvBIv%2Ba1HTyljuBGrkVBpAHybv27sCLlPHRu%2BCkG%2Bhv5m9EIIIP2llK9ruaaqXyXKmTWG3KXq7Krehv%2BkLkSm43PcsLtqbkCTzOQE1nfqYQJ9hbDMKGWWIFS1iZ5OwhZ7ws%2BLp8pmQ3r6GtCJE6hzAiz7ITKPBRSyfshX1JpTOZVmPWdfdprE5J%2B13v1lmcDPgO%2FJuW8Hg8%2FCRFb%2BoBx9kECQxgwIYY93nIC4JZK5E2ywUhVSR4rO6bf8ZU2RW9XFyE6681Hw%3D%3D&RelayState=kjTSJ1Mj3HQDPzPKysXeGeTQKj5dqeQgqFAdpzccyLuxEKYKZXVnLerq&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OO6qEgwkJ9v%2BP06oEtJC3Bz4B4dxuW%2FxSOceYZwKyZfVFk8LegjEKAS4yfp6rVlgn%2BMq%2FNJEQJeluTZVEl0TmJo06qif98CJwW5svQ0erTKALgxiKtziOds%2F5n4iGJpCT1N7No%2Bz2fIfjciJBK8EwK7d8Qn0LittbcDjYVLuFxUBvQXKWsy1W5ck4nExxYtS28Z7lHMPt77KPydVr7WYV8eNnSvfsAW4a6KMOXCwbj8LYk0a400bPRqs3Mia98ZKehBnS0SOjJhbkpKC4r7WqNIX9ykZ%2BLHTfC6q5shnyNcQMopqPuYSWil48Oep16xvb5IE7vOrVQyqSE7CHRmrVA%3D%3D
Frame ID: 01BAC887209FED07E9A6E4E5EB34D6BA
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://profilemanager.response-element.com/app/main/home-bu Page URL
https://marketingonesource-prod.response-element.com/Plugins/ExternalAuth/ProfilerAuthenticatorWidget?ReturnURL=%2Fapp%2Fmain%2Fh... HTTP 302
https://saml2.response-element.com/AuthServices/SignIn?idp=USBank%3ASAML2.0%3APROD&ReturnUrl=%2fPlugins%2fExter... HTTP 302
https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4H... Page URL

Page Statistics

39
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

10597 kB
Transfer

10632 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://profilemanager.response-element.com/app/main/home-bu Page URL
https://marketingonesource-prod.response-element.com/Plugins/ExternalAuth/ProfilerAuthenticatorWidget?ReturnURL=%2Fapp%2Fmain%2Fhome-bu HTTP 302
https://saml2.response-element.com/AuthServices/SignIn?idp=USBank%3ASAML2.0%3APROD&ReturnUrl=%2fPlugins%2fExternalAuth%2fProfilerAuthenticatorWidget%3fReturnURL%3d%252Fapp%252Fmain%252Fhome-bu&ReturnURL=%2Fapp%2Fmain%2Fhome-bu HTTP 302
https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4HUQn08wRdALEtfZeaPZ3QqFGYqRt1M42yO8ToCBvJvBIv%2Ba1HTyljuBGrkVBpAHybv27sCLlPHRu%2BCkG%2Bhv5m9EIIIP2llK9ruaaqXyXKmTWG3KXq7Krehv%2BkLkSm43PcsLtqbkCTzOQE1nfqYQJ9hbDMKGWWIFS1iZ5OwhZ7ws%2BLp8pmQ3r6GtCJE6hzAiz7ITKPBRSyfshX1JpTOZVmPWdfdprE5J%2B13v1lmcDPgO%2FJuW8Hg8%2FCRFb%2BoBx9kECQxgwIYY93nIC4JZK5E2ywUhVSR4rO6bf8ZU2RW9XFyE6681Hw%3D%3D&RelayState=kjTSJ1Mj3HQDPzPKysXeGeTQKj5dqeQgqFAdpzccyLuxEKYKZXVnLerq&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OO6qEgwkJ9v%2BP06oEtJC3Bz4B4dxuW%2FxSOceYZwKyZfVFk8LegjEKAS4yfp6rVlgn%2BMq%2FNJEQJeluTZVEl0TmJo06qif98CJwW5svQ0erTKALgxiKtziOds%2F5n4iGJpCT1N7No%2Bz2fIfjciJBK8EwK7d8Qn0LittbcDjYVLuFxUBvQXKWsy1W5ck4nExxYtS28Z7lHMPt77KPydVr7WYV8eNnSvfsAW4a6KMOXCwbj8LYk0a400bPRqs3Mia98ZKehBnS0SOjJhbkpKC4r7WqNIX9ykZ%2BLHTfC6q5shnyNcQMopqPuYSWil48Oep16xvb5IE7vOrVQyqSE7CHRmrVA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK home-bu Show response
profilemanager.response-element.com/app/main/ 1 KB
2 KB 623ms
113ms Document
text/html 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/app/main/home-bu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

4c7f81b8237c3224524741018c0c7f5563108719ebc3940b8c5d9fedb10177db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: profilemanager.response-element.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 1434
Content-Type: text/html
Expires: -1
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
Accept-Ranges: bytes
ETag: "1d5e8c0ad87799a"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Date: Tue, 10 Mar 2020 10:32:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 39ms
37ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97651695-32

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/app/main/home-bu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed339887a915c2a172bd7fdd0b930314bdd2e12133954b1c9bd5e6df2ad57e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 10:31:24 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28489
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Mar 2020 10:31:24 GMT

GET
H/1.1 200
OK styles.0ca2f6b37a7874672a96.css
profilemanager.response-element.com/ 594 KB
594 KB 111ms
110ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/styles.0ca2f6b37a7874672a96.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/app/main/home-bu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

a8da10cf4380e8652bde62b9985c31fc747d9b3e98d45f2e7b5199f40b175d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0ad8e3a7a"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 607866
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK runtime.37d4fcd8f4eb1264a4f4.js Show response
profilemanager.response-element.com/ 29 KB
30 KB 333ms
112ms Script
application/javascript 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/runtime.37d4fcd8f4eb1264a4f4.js

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/app/main/home-bu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

2ff88155a50993bfd8ffe449fe7dcb7fdfc6e3fa0c3d6cef7dfc2aeed9dd44fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 10:32:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0ad8709d1"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 30161
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK polyfills.b1228405f30c3615e3ac.js Show response
profilemanager.response-element.com/ 96 KB
96 KB 340ms
115ms Script
application/javascript 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/app/main/home-bu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

58166de5cd0b8805e06abe8ced643c5c1f66508b2438110aeae4c35eda8acad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 10:32:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0ad8603bc"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 98236
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK scripts.f6854887d3998eba0ad8.js Show response
profilemanager.response-element.com/ 2 MB
2 MB 356ms
121ms Script
application/javascript 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/app/main/home-bu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

7e8edf23df521fcaaf5a58b136be604fb9702835247ad8fe7464d276a7d597cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 10:32:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0ada594b7"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2287799
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.aaae8f9467e8c2fa7c62.js Show response
profilemanager.response-element.com/ 4 MB
4 MB 372ms
126ms Script
application/javascript 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/main.aaae8f9467e8c2fa7c62.js

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/app/main/home-bu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

a38118f69002405f154ece2499077fc43938c0ce37b8d6ad0608b17e3c20f991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 10:32:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0adb9ab04"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4118276
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK appconfig.production.json Show response
profilemanager.response-element.com/assets/ 342 B
639 B 124ms
124ms XHR
application/json 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/appconfig.production.json

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

f0c391c42fb2ff925faa7d4e59fe615e581edb85b5d8753dca51a381a86cf6ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Abp.TenantId: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Referer: https://profilemanager.response-element.com/app/main/home-bu
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Apr 2019 12:09:42 GMT
ETag: "1d4ef96473e8656"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 342
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK GetAll Show response
profilemanager.response-element.com/AbpUserConfiguration/ 100 KB
100 KB 162ms
162ms XHR
application/json 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/AbpUserConfiguration/GetAll

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

8632e1bd06b240c8d2550966e5abbfa1c26121c55ac1025511691a011e8e0d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Abp.TenantId: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Referer: https://profilemanager.response-element.com/app/main/home-bu
.AspNetCore.Culture: c=null|uic=null
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

Pragma: no-cache
Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK style.bundle.css
profilemanager.response-element.com/assets/metronic/dist/html/default/assets/demo/default/base/ 1 MB
1 MB 126ms
126ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/metronic/dist/html/default/assets/demo/default/base/style.bundle.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

1f4c27aada8f1ffb454d993e3ed1687590292ca1075443b16c774ea9b500ff93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:38 GMT
ETag: "1d5e8c0b10d3d33"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1457715
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK primeng.datatable.css
profilemanager.response-element.com/assets/primeng/datatable/css/ 5 KB
5 KB 126ms
126ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/primeng/datatable/css/primeng.datatable.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

e5e216ababa1b5afdd989b7b3464ea6467c03b8b79206359f13af7cf5bea7580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8bb18"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4632
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK primeng.datatable.css
profilemanager.response-element.com/assets/common/styles/themes/default/ 2 KB
2 KB 110ms
109ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/common/styles/themes/default/primeng.datatable.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

294f01b49817df6508afce64f5879960ac8f54da4508c02216045506639a7fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8aff5"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1781
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK metronic-customize.css
profilemanager.response-element.com/assets/common/styles/ 4 KB
4 KB 117ms
117ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/common/styles/metronic-customize.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

183b27348566637eebd64e84b5cb83d0daa0f3eec7037fcc42db772128c154f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8a68a"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3978
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK metronic-customize.css
profilemanager.response-element.com/assets/common/styles/themes/default/ 6 KB
7 KB 142ms
141ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/common/styles/themes/default/metronic-customize.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

d877f1e9fb6b86155f313b92e2ff7eac66d7212a0d24a175ea2f09e08f648499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8b1f4"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6388
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK metronic-customize-angular.css
profilemanager.response-element.com/assets/common/styles/ 205 B
494 B 220ms
110ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/common/styles/metronic-customize-angular.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

4223d24d52ad630779faf2a3cddbf82a34a4c8e52f23ca5e36158ae2d43c43f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8a9cd"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 205
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK metronic-customize-angular.css
profilemanager.response-element.com/assets/common/styles/themes/default/ 205 B
494 B 233ms
114ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/common/styles/themes/default/metronic-customize-angular.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

4223d24d52ad630779faf2a3cddbf82a34a4c8e52f23ca5e36158ae2d43c43f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8a9cd"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 205
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK metronic-customize-top-menu.css
profilemanager.response-element.com/assets/common/styles/ 4 KB
4 KB 246ms
119ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/common/styles/metronic-customize-top-menu.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

f19bf170803b32b8e37ba64a9212ef56b97a993d2c1e7e05221e622f6bf399c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8b91b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4123
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK metronic-customize-top-menu.css
profilemanager.response-element.com/assets/common/styles/themes/default/ 2 KB
3 KB 260ms
116ms Stylesheet
text/css 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/assets/common/styles/themes/default/metronic-customize-top-menu.css

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/scripts.f6854887d3998eba0ad8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

f5ce845a1be6ce4807fd82d488a42f3d14b2e516f4779d28be64f9a0b5b15f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:34 GMT
ETag: "1d5e8c0aeb8a0e3"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2531
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK GetCurrentLoginInformations Show response
profilemanager.response-element.com/api/services/app/Session/ 211 B
531 B 346ms
130ms XHR
application/json 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/api/services/app/Session/GetCurrentLoginInformations

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

68d50492dd6b4356182de4b2f37bdfa8c97037778cb6cc0535c9a6f992cee6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json
Accept: application/json
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Referer: https://profilemanager.response-element.com/app/main/home-bu
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

Pragma: no-cache
Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK 855.7d471c3d3d05a16e6358.js Show response
profilemanager.response-element.com/ 1 KB
2 KB 111ms
111ms Script
application/javascript 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/855.7d471c3d3d05a16e6358.js

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/runtime.37d4fcd8f4eb1264a4f4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

e47bc07fa4c1496ca1e8515383d546f4a48721870238b3522fb48918759ceba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0ad87790f"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1295
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 0.30a6d266d9f0b19d4f90.js Show response
profilemanager.response-element.com/ 30 KB
31 KB 110ms
110ms Script
application/javascript 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/0.30a6d266d9f0b19d4f90.js

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/runtime.37d4fcd8f4eb1264a4f4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

e2b438d17f76bb4bb61f6e1d497a587fd5a1387dc3c70208e3ac8ee96802d0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0ad870507"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 30983
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1051.53c5d216ee89f9ac8c41.js Show response
profilemanager.response-element.com/ 2 MB
2 MB 129ms
128ms Script
application/javascript 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/1051.53c5d216ee89f9ac8c41.js

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/runtime.37d4fcd8f4eb1264a4f4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

92b9a9b7ad7e2bc9d171fc2b30823913c06a5f3775332d2eebec23d71564c5b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profilemanager.response-element.com/app/main/home-bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 10:32:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Feb 2020 14:10:32 GMT
ETag: "1d5e8c0ad99b477"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2017399
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK GetNopExternalAuthUrl
profilemanager.response-element.com/api/services/app/Sso/ 200 B
520 B 143ms
142ms XHR
application/json 198.12.26.106
CURTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://profilemanager.response-element.com/api/services/app/Sso/GetNopExternalAuthUrl

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

198.12.26.106 , United States, ASN393851 (CURTIS, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json
Accept: application/json
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Referer: https://profilemanager.response-element.com/app/main/home-bu
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

Pragma: no-cache
Date: Tue, 10 Mar 2020 10:32:51 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

Primary Request

Cookie set SSO.saml2 Show response
federation.usbank.com/idp/
Redirect Chain

https://marketingonesource-prod.response-element.com/Plugins/ExternalAuth/ProfilerAuthenticatorWidget?ReturnURL=%2Fapp%2Fmain%2Fhome-bu
https://saml2.response-element.com/AuthServices/SignIn?idp=USBank%3ASAML2.0%3APROD&ReturnUrl=%2fPlugins%2fExternalAuth%2fProfilerAuthenticatorWidget%3fReturnURL%3d%252Fapp%252Fmain%252Fhome-bu&Retu...
https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4HUQn08wRdALEtfZeaPZ3QqFGYqRt1M42yO8ToCBvJvBIv%2Ba1HTyljuBGrkVBpAHybv27sCLlPHRu%2BCkG%2Bhv5m9...

3 KB
4 KB

669ms
169ms

Document
text/html

170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4HUQn08wRdALEtfZeaPZ3QqFGYqRt1M42yO8ToCBvJvBIv%2Ba1HTyljuBGrkVBpAHybv27sCLlPHRu%2BCkG%2Bhv5m9EIIIP2llK9ruaaqXyXKmTWG3KXq7Krehv%2BkLkSm43PcsLtqbkCTzOQE1nfqYQJ9hbDMKGWWIFS1iZ5OwhZ7ws%2BLp8pmQ3r6GtCJE6hzAiz7ITKPBRSyfshX1JpTOZVmPWdfdprE5J%2B13v1lmcDPgO%2FJuW8Hg8%2FCRFb%2BoBx9kECQxgwIYY93nIC4JZK5E2ywUhVSR4rO6bf8ZU2RW9XFyE6681Hw%3D%3D&RelayState=kjTSJ1Mj3HQDPzPKysXeGeTQKj5dqeQgqFAdpzccyLuxEKYKZXVnLerq&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OO6qEgwkJ9v%2BP06oEtJC3Bz4B4dxuW%2FxSOceYZwKyZfVFk8LegjEKAS4yfp6rVlgn%2BMq%2FNJEQJeluTZVEl0TmJo06qif98CJwW5svQ0erTKALgxiKtziOds%2F5n4iGJpCT1N7No%2Bz2fIfjciJBK8EwK7d8Qn0LittbcDjYVLuFxUBvQXKWsy1W5ck4nExxYtS28Z7lHMPt77KPydVr7WYV8eNnSvfsAW4a6KMOXCwbj8LYk0a400bPRqs3Mia98ZKehBnS0SOjJhbkpKC4r7WqNIX9ykZ%2BLHTfC6q5shnyNcQMopqPuYSWil48Oep16xvb5IE7vOrVQyqSE7CHRmrVA%3D%3D

Requested by

Host: profilemanager.response-element.com
URL: https://profilemanager.response-element.com/main.aaae8f9467e8c2fa7c62.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

fe32d1d9e8cdeb65757849104052212c1c3211c20a333ce6aa063ef0d46d36d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: federation.usbank.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://profilemanager.response-element.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://profilemanager.response-element.com/

Response headers

Server: nginx
Date: Tue, 10 Mar 2020 10:31:38 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3382
Connection: keep-alive
Referrer-Policy: origin
Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: PF=1WUFV1leiIFTPFBBeTM5Qi92X4k1mbFSPskupusTzFct;Path=/;Secure;HttpOnly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4HUQn08wRdALEtfZeaPZ3QqFGYqRt1M42yO8ToCBvJvBIv%2Ba1HTyljuBGrkVBpAHybv27sCLlPHRu%2BCkG%2Bhv5m9EIIIP2llK9ruaaqXyXKmTWG3KXq7Krehv%2BkLkSm43PcsLtqbkCTzOQE1nfqYQJ9hbDMKGWWIFS1iZ5OwhZ7ws%2BLp8pmQ3r6GtCJE6hzAiz7ITKPBRSyfshX1JpTOZVmPWdfdprE5J%2B13v1lmcDPgO%2FJuW8Hg8%2FCRFb%2BoBx9kECQxgwIYY93nIC4JZK5E2ywUhVSR4rO6bf8ZU2RW9XFyE6681Hw%3D%3D&RelayState=kjTSJ1Mj3HQDPzPKysXeGeTQKj5dqeQgqFAdpzccyLuxEKYKZXVnLerq&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OO6qEgwkJ9v%2BP06oEtJC3Bz4B4dxuW%2FxSOceYZwKyZfVFk8LegjEKAS4yfp6rVlgn%2BMq%2FNJEQJeluTZVEl0TmJo06qif98CJwW5svQ0erTKALgxiKtziOds%2F5n4iGJpCT1N7No%2Bz2fIfjciJBK8EwK7d8Qn0LittbcDjYVLuFxUBvQXKWsy1W5ck4nExxYtS28Z7lHMPt77KPydVr7WYV8eNnSvfsAW4a6KMOXCwbj8LYk0a400bPRqs3Mia98ZKehBnS0SOjJhbkpKC4r7WqNIX9ykZ%2BLHTfC6q5shnyNcQMopqPuYSWil48Oep16xvb5IE7vOrVQyqSE7CHRmrVA%3D%3D
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: Kentor.kjTSJ1Mj3HQDPzPKysXeGeTQKj5dqeQgqFAdpzccyLuxEKYKZXVnLerq=alNWT-j8rwUrAoTZyrAwJCp8aDSt_LrLlK2-YO8UXvYtR4ePD1RcVmA7zbNNj2KjNxas2cW6UtkKl_GVrijG37aG-Qz83wgO2E-RMeCwh1EMMndqRtwEVuqyEwAV6O5JU8IwtkKHb7dSJgV20KOxJmi9V7otGQCzLXLsZMiF3DtHa8MLSb8BBPlq-AQRjnlZEGADSXHfq6wJO3EVXAAvAI--gtt2QDqDk4JDoXNys4nfBlUfBvDr9JAChalUINaS; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Tue, 10 Mar 2020 10:32:53 GMT
Content-Length: 1068

GET
H/1.1 200
OK usb_layout.css
federation.usbank.com/assets/css/ 3 KB
3 KB 125ms
123ms Stylesheet
text/css 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://federation.usbank.com/assets/css/usb_layout.css

Requested by

Host: federation.usbank.com
URL: https://federation.usbank.com/idp/SSO.saml2?SAMLRequest=lZHBTsMwEETvlfoPlu9JnKRFrZVEiuilUhFSAxy4OfZWtYjt4HUQn08wRdALEtfZeaPZ3QqFGYqRt1M42yO8ToCBvJvBIv%2Ba1HTyljuBGrkVBpAHybv27sCLlPHRu%2BCkG%2Bhv5m9EIIIP2llK9ruaaqXyXKmTWG3KXq7Krehv%2BkLkSm43PcsLtqbkCTzOQE1nfqYQJ9hbDMKGWWIFS1iZ5OwhZ7ws%2BLp8pmQ3r6GtCJE6hzAiz7ITKPBRSyfshX1JpTOZVmPWdfdprE5J%2B13v1lmcDPgO%2FJuW8Hg8%2FCRFb%2BoBx9kECQxgwIYY93nIC4JZK5E2ywUhVSR4rO6bf8ZU2RW9XFyE6681Hw%3D%3D&RelayState=kjTSJ1Mj3HQDPzPKysXeGeTQKj5dqeQgqFAdpzccyLuxEKYKZXVnLerq&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OO6qEgwkJ9v%2BP06oEtJC3Bz4B4dxuW%2FxSOceYZwKyZfVFk8LegjEKAS4yfp6rVlgn%2BMq%2FNJEQJeluTZVEl0TmJo06qif98CJwW5svQ0erTKALgxiKtziOds%2F5n4iGJpCT1N7No%2Bz2fIfjciJBK8EwK7d8Qn0LittbcDjYVLuFxUBvQXKWsy1W5ck4nExxYtS28Z7lHMPt77KPydVr7WYV8eNnSvfsAW4a6KMOXCwbj8LYk0a400bPRqs3Mia98ZKehBnS0SOjJhbkpKC4r7WqNIX9ykZ%2BLHTfC6q5shnyNcQMopqPuYSWil48Oep16xvb5IE7vOrVQyqSE7CHRmrVA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

804e352d352d201497fa3427d83ad2e9f839c653649a812a70eb364e05c3b950

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 20 Sep 2012 18:33:24 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/css
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 2896

GET
H/1.1 200
OK usb_global.css
federation.usbank.com/assets/css/ 7 KB
8 KB 249ms
124ms Stylesheet
text/css 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to

Full URL

https://federation.usbank.com/assets/css/usb_global.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

3315b2bf87107866501ac934df681bc18968425c6fd55bd2b2e4464e5bf427dd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 20 Sep 2012 15:51:16 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/css
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 7650

GET
H/1.1 404
Not Found usb_usbank_logo.gif
federation.usbank.com/idp/assets/images/ 2 KB
2 KB 347ms
119ms Image
text/html 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/idp/assets/images/usb_usbank_logo.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

6e5c1cbbc0871183d55f1ffa6341006e7b2a1c9f5661b9d71b3957b9f78ea276

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/html;charset=utf-8
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Length: 1737
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found usb_banner1.gif
federation.usbank.com/idp/assets/images/ 2 KB
2 KB 363ms
130ms Image
text/html 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/idp/assets/images/usb_banner1.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

6e5c1cbbc0871183d55f1ffa6341006e7b2a1c9f5661b9d71b3957b9f78ea276

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/html;charset=utf-8
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Length: 1737
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found usb_banner2.gif
federation.usbank.com/idp/assets/images/ 2 KB
2 KB 365ms
125ms Image
text/html 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/idp/assets/images/usb_banner2.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

6e5c1cbbc0871183d55f1ffa6341006e7b2a1c9f5661b9d71b3957b9f78ea276

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/html;charset=utf-8
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Length: 1737
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found usb_NoLogoff.gif
federation.usbank.com/idp/assets/images/ 2 KB
2 KB 372ms
127ms Image
text/html 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/idp/assets/images/usb_NoLogoff.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

6e5c1cbbc0871183d55f1ffa6341006e7b2a1c9f5661b9d71b3957b9f78ea276

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/html;charset=utf-8
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Length: 1737
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found usb_swoosh_nav.gif
federation.usbank.com/idp/assets/images/ 2 KB
2 KB 254ms
129ms Image
text/html 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/idp/assets/images/usb_swoosh_nav.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

6e5c1cbbc0871183d55f1ffa6341006e7b2a1c9f5661b9d71b3957b9f78ea276

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/html;charset=utf-8
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Length: 1737
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found usb_swoosh_footer.gif
federation.usbank.com/idp/assets/images/ 2 KB
2 KB 122ms
122ms Image
text/html 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/idp/assets/images/usb_swoosh_footer.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

6e5c1cbbc0871183d55f1ffa6341006e7b2a1c9f5661b9d71b3957b9f78ea276

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: text/html;charset=utf-8
Cache-Control: must-revalidate,no-cache,no-store
Connection: keep-alive
Content-Length: 1737
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK usb_usbank_logo.gif
federation.usbank.com/assets/images/ 937 B
1 KB 251ms
127ms Image
image/gif 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/assets/images/usb_usbank_logo.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

4d0cf9b05904bdc160d5c63a1b0e8f8cffb65e6681882dd5052fc402c84b6c9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 01 Sep 2011 12:16:14 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 937

GET
H/1.1 200
OK usb_banner1.gif
federation.usbank.com/assets/images/ 6 KB
6 KB 235ms
124ms Image
image/gif 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/assets/images/usb_banner1.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

eaa9b670dc18316a988fe59dab492b7a955bbef7370c08fa2acfa6a9876cef8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 01 Sep 2011 12:16:14 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 6085

GET
H/1.1 200
OK usb_banner2.gif
federation.usbank.com/assets/images/ 829 B
1 KB 327ms
117ms Image
image/gif 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/assets/images/usb_banner2.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

335d868df7b063d4cd03f8834dbed12402c23d59f4e18dd10f8786f8f911a1c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 01 Sep 2011 12:16:14 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 829

GET
H/1.1 200
OK usb_NoLogoff.gif
federation.usbank.com/assets/images/ 197 B
620 B 210ms
118ms Image
image/gif 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/assets/images/usb_NoLogoff.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

5abd629946891e4ed77c985d3504d8ae945541e775807a0a180002e1d09dbd75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 01 Sep 2011 12:16:14 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 197

GET
H/1.1 200
OK usb_swoosh_nav.gif
federation.usbank.com/assets/images/ 333 B
756 B 240ms
122ms Image
image/gif 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/assets/images/usb_swoosh_nav.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

ab8e2bdafccba5818f444d84fade6a459799819124734e8c9e2b9e8e6b6460a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 01 Sep 2011 12:16:14 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 333

GET
H/1.1 200
OK usb_swoosh_footer.gif
federation.usbank.com/assets/images/ 299 B
722 B 243ms
126ms Image
image/gif 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/assets/images/usb_swoosh_footer.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

ad39c8bc7084ae3869c1278615389da76be12e2b43748e9e25bc2196e9fa0d39

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 01 Sep 2011 12:16:14 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 299

GET
H/1.1 200
OK usb_banner_pad.gif
federation.usbank.com/assets/images/ 179 B
602 B 229ms
121ms Image
image/gif 170.135.184.73
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federation.usbank.com/assets/images/usb_banner_pad.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.184.73 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

nginx /

Resource Hash

629c002bde4226d2bea8085ddbb826e498121ed29ee9bb0d9556c6dd36d82f5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .us.bank-dns.com .usbank.com .futureAdvisor.com .box.com .box.net .access-online.com *.elanfinancialservices.com

Request headers

Referer: https://federation.usbank.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Content-Security-Policy: frame-ancestors 'self' *.us.bank-dns.com *.usbank.com *.futureAdvisor.com *.box.com *.box.net *.access-online.com *.elanfinancialservices.com
Referrer-Policy: origin
Last-Modified: Thu, 01 Sep 2011 12:16:14 GMT
Server: nginx
Date: Tue, 10 Mar 2020 10:31:39 GMT
Content-Type: image/gif
Cache-Control: max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 179

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			federation.usbank.com/	1969-12-31 23:59:59	Name: PF Value: 1WUFV1leiIFTPFBBeTM5Qi92X4k1mbFSPskupusTzFct

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://profilemanager.response-element.com/main.aaae8f9467e8c2fa7c62.js(Line 1) Message: ERROR Error: Uncaught (in promise): Error: No available storage method found. Error: No available storage method found. at https://profilemanager.response-element.com/main.aaae8f9467e8c2fa7c62.js:1:2854131 at t.invoke (https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js:1:8064) at Object.onInvoke (https://profilemanager.response-element.com/main.aaae8f9467e8c2fa7c62.js:1:565539) at t.invoke (https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js:1:8004) at e.run (https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js:1:3241) at https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js:1:14488 at t.invokeTask (https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js:1:8748) at Object.onInvokeTask (https://profilemanager.response-element.com/main.aaae8f9467e8c2fa7c62.js:1:565451) at t.invokeTask (https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js:1:8669) at e.runTask (https://profilemanager.response-element.com/polyfills.b1228405f30c3615e3ac.js:1:3932)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

federation.usbank.com
marketingonesource-prod.response-element.com
profilemanager.response-element.com
saml2.response-element.com
www.googletagmanager.com
170.135.184.73
198.12.26.106
198.12.26.181
198.12.26.33
2a00:1450:4001:81c::2008
183b27348566637eebd64e84b5cb83d0daa0f3eec7037fcc42db772128c154f2
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f4c27aada8f1ffb454d993e3ed1687590292ca1075443b16c774ea9b500ff93
294f01b49817df6508afce64f5879960ac8f54da4508c02216045506639a7fe5
2ff88155a50993bfd8ffe449fe7dcb7fdfc6e3fa0c3d6cef7dfc2aeed9dd44fc
3315b2bf87107866501ac934df681bc18968425c6fd55bd2b2e4464e5bf427dd
335d868df7b063d4cd03f8834dbed12402c23d59f4e18dd10f8786f8f911a1c0
4223d24d52ad630779faf2a3cddbf82a34a4c8e52f23ca5e36158ae2d43c43f6
4c7f81b8237c3224524741018c0c7f5563108719ebc3940b8c5d9fedb10177db
4d0cf9b05904bdc160d5c63a1b0e8f8cffb65e6681882dd5052fc402c84b6c9c
58166de5cd0b8805e06abe8ced643c5c1f66508b2438110aeae4c35eda8acad2
5abd629946891e4ed77c985d3504d8ae945541e775807a0a180002e1d09dbd75
629c002bde4226d2bea8085ddbb826e498121ed29ee9bb0d9556c6dd36d82f5c
68d50492dd6b4356182de4b2f37bdfa8c97037778cb6cc0535c9a6f992cee6ec
6e5c1cbbc0871183d55f1ffa6341006e7b2a1c9f5661b9d71b3957b9f78ea276
7e8edf23df521fcaaf5a58b136be604fb9702835247ad8fe7464d276a7d597cd
804e352d352d201497fa3427d83ad2e9f839c653649a812a70eb364e05c3b950
8632e1bd06b240c8d2550966e5abbfa1c26121c55ac1025511691a011e8e0d97
92b9a9b7ad7e2bc9d171fc2b30823913c06a5f3775332d2eebec23d71564c5b2
a38118f69002405f154ece2499077fc43938c0ce37b8d6ad0608b17e3c20f991
a8da10cf4380e8652bde62b9985c31fc747d9b3e98d45f2e7b5199f40b175d03
ab8e2bdafccba5818f444d84fade6a459799819124734e8c9e2b9e8e6b6460a4
ad39c8bc7084ae3869c1278615389da76be12e2b43748e9e25bc2196e9fa0d39
d877f1e9fb6b86155f313b92e2ff7eac66d7212a0d24a175ea2f09e08f648499
e2b438d17f76bb4bb61f6e1d497a587fd5a1387dc3c70208e3ac8ee96802d0f2
e47bc07fa4c1496ca1e8515383d546f4a48721870238b3522fb48918759ceba8
e5e216ababa1b5afdd989b7b3464ea6467c03b8b79206359f13af7cf5bea7580
eaa9b670dc18316a988fe59dab492b7a955bbef7370c08fa2acfa6a9876cef8d
ed339887a915c2a172bd7fdd0b930314bdd2e12133954b1c9bd5e6df2ad57e4a
f0c391c42fb2ff925faa7d4e59fe615e581edb85b5d8753dca51a381a86cf6ea
f19bf170803b32b8e37ba64a9212ef56b97a993d2c1e7e05221e622f6bf399c0
f5ce845a1be6ce4807fd82d488a42f3d14b2e516f4779d28be64f9a0b5b15f53
fe32d1d9e8cdeb65757849104052212c1c3211c20a333ce6aa063ef0d46d36d4

federation.usbank.com Open in urlscan Pro 170.135.184.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

39 Requests

100 %HTTPS

20 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

10597 kBTransfer

10632 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

federation.usbank.com Open in urlscan Pro
170.135.184.73 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

10597 kB
Transfer

10632 kB
Size

1
Cookies

39 HTTP transactions
1 data transactions