Submitted URL: https://login.waflower.mgsreops.com/
Effective URL: https://login.ccmp.eu/uxlogin/ux/login/
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 45.60.124.199, located in United States and belongs to INCAPSULA, US. The main domain is login.ccmp.eu.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 29th 2024. Valid for: a year.
This is the only time login.ccmp.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 7 2606:4700:440... 13335 (CLOUDFLAR...)
13 45.60.124.199 19551 (INCAPSULA)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.195 15169 (GOOGLE)
20 4
Apex Domain
Subdomains
Transfer
13 ccmp.eu
login.ccmp.eu
464 KB
7 mgsreops.com
login.waflower.mgsreops.com
127 KB
2 gstatic.com
fonts.gstatic.com
36 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
20 4
Domain Requested by
13 login.ccmp.eu login.waflower.mgsreops.com
login.ccmp.eu
7 login.waflower.mgsreops.com 4 redirects login.waflower.mgsreops.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com login.ccmp.eu
20 4

This site contains links to these domains. Also see Links.

Domain
meetmarigold.com
Subject Issuer Validity Valid
login.waflower.mgsreops.com
WE1
2024-09-24 -
2024-12-23
3 months crt.sh
*.ccmp.eu
Sectigo RSA Organization Validation Secure Server CA
2024-08-29 -
2025-08-29
a year crt.sh
upload.video.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.gstatic.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.ccmp.eu/uxlogin/ux/login/
Frame ID: 00DB5215319D83E02C4BB9426EF47330
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Marigold Engage+

Page URL History Show full URLs

  1. https://login.waflower.mgsreops.com/ HTTP 302
    https://login.waflower.mgsreops.com/ux/default.aspx Page URL
  2. https://login.waflower.mgsreops.com/ux/ux/login.aspx HTTP 302
    https://login.waflower.mgsreops.com/uxlogin/ux/login.aspx HTTP 302
    https://login.waflower.mgsreops.com/uxlogin/ux/login HTTP 301
    http://login.ccmp.eu/uxlogin/ux/login/ HTTP 307
    https://login.ccmp.eu/uxlogin/ux/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

628 kB
Transfer

1972 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.waflower.mgsreops.com/ HTTP 302
    https://login.waflower.mgsreops.com/ux/default.aspx Page URL
  2. https://login.waflower.mgsreops.com/ux/ux/login.aspx HTTP 302
    https://login.waflower.mgsreops.com/uxlogin/ux/login.aspx HTTP 302
    https://login.waflower.mgsreops.com/uxlogin/ux/login HTTP 301
    http://login.ccmp.eu/uxlogin/ux/login/ HTTP 307
    https://login.ccmp.eu/uxlogin/ux/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://login.waflower.mgsreops.com/ HTTP 302
  • https://login.waflower.mgsreops.com/ux/default.aspx

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
default.aspx
login.waflower.mgsreops.com/ux/
Redirect Chain
  • https://login.waflower.mgsreops.com/
  • https://login.waflower.mgsreops.com/ux/default.aspx
3 KB
2 KB
Document
General
Full URL
https://login.waflower.mgsreops.com/ux/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f420a62e08a49490dde06c4a6f33b3fd91f2061a88ef6a58636f547384726ab
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8d0179ff1a909bee-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 21:31:15 GMT
expires
-1
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
x-frame-options
sameorigin

Redirect headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d0179fe8a179bee-FRA
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 21:31:15 GMT
location
/ux/default.aspx
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
login.css
login.waflower.mgsreops.com/ui/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://login.waflower.mgsreops.com/ui/css/login.css
Requested by
Host: login.waflower.mgsreops.com
URL: https://login.waflower.mgsreops.com/ux/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6385f7b6763a1d1e633cdf072c4368174b0da22456bdc293091697fa0199ee3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.waflower.mgsreops.com/ux/default.aspx

Response headers

strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
MISS
etag
W/"0a7d9f9516db1:0"
cf-ray
8d0179ff7b189bee-FRA
expires
Thu, 10 Oct 2024 01:31:15 GMT
date
Wed, 09 Oct 2024 21:31:15 GMT
content-type
text/css
last-modified
Fri, 04 Oct 2024 02:34:46 GMT
vary
Accept-Encoding
server
cloudflare
jquery
login.waflower.mgsreops.com/ux/cassette.axd/script/e149085c77017133a2e737305b01690bc021b976/ux/js/libraries/
438 KB
121 KB
Script
General
Full URL
https://login.waflower.mgsreops.com/ux/cassette.axd/script/e149085c77017133a2e737305b01690bc021b976/ux/js/libraries/jquery
Requested by
Host: login.waflower.mgsreops.com
URL: https://login.waflower.mgsreops.com/ux/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cafb13497d40516822e178cf237932715c53478740bb794401d2e5677519c646
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.waflower.mgsreops.com/ux/default.aspx

Response headers

strict-transport-security
max-age=0; includeSubDomains
cache-control
public
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"e149085c77017133a2e737305b01690bc021b976"
x-content-type-options
nosniff
cf-ray
8d0179ff7b1a9bee-FRA
expires
Wed, 08 Oct 2025 08:23:49 GMT
content-length
123960
date
Wed, 09 Oct 2024 21:31:15 GMT
content-type
text/javascript
server
cloudflare
x-frame-options
sameorigin
Primary Request /
login.ccmp.eu/uxlogin/ux/login/
Redirect Chain
  • https://login.waflower.mgsreops.com/ux/ux/login.aspx
  • https://login.waflower.mgsreops.com/uxlogin/ux/login.aspx
  • https://login.waflower.mgsreops.com/uxlogin/ux/login
  • http://login.ccmp.eu/uxlogin/ux/login/
  • https://login.ccmp.eu/uxlogin/ux/login/
2 KB
2 KB
Document
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/
Requested by
Host: login.waflower.mgsreops.com
URL: https://login.waflower.mgsreops.com/ux/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cab340d2ac66be1caeabdc81134b9e2b18c52d393a890069f7acaec9719b5a75
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://login.waflower.mgsreops.com/ux/default.aspx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Wed, 09 Oct 2024 21:31:16 GMT
expires
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
DENY
x-iinfo
6-34254923-34254925 NNYN CT(3 49 0) RT(1728509476029 15) q(0 0 0 0) r(1 1) U24

Redirect headers

Location
https://login.ccmp.eu/uxlogin/ux/login/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4dd49d1f89345b2f261ee71d4ce0020ec9abceecf6048b443f3bc4d6386c546f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 21:31:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 19:41:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
9 KB
817 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,500,700
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0efc4965c1c33cf9bf539db060ef615ed544121d59b01dc0e96c38802a630328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 21:31:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 21:31:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.2c1640f5.chunk.css
login.ccmp.eu/uxlogin/ux/login/static/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/static/css/main.2c1640f5.chunk.css
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e99a26a7dad8cf82841a3f7f7fe5cfa3c62b0d179604c59e53f5baab47ee1edb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254925 PNYN RT(1728509476029 111) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
etag
"024a24f639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
text/css
last-modified
Wed, 18 Sep 2024 00:40:08 GMT
x-frame-options
DENY
2.97000c86.chunk.js
login.ccmp.eu/uxlogin/ux/login/static/js/
1 MB
321 KB
Script
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/static/js/2.97000c86.chunk.js
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5700368a8f0f7d634440bc9c5455589e806a4c897114288c0cf51e06248f516b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254935 NNNN CT(9 3 0) RT(1728509476029 113) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
etag
"024a24f639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
328120
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 00:40:08 GMT
x-frame-options
DENY
main.c2279d71.chunk.js
login.ccmp.eu/uxlogin/ux/login/static/js/
133 KB
29 KB
Script
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/static/js/main.c2279d71.chunk.js
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e7b58f77e87e88ddd109fd46bd1a67776ab1d11cb0b953c0805f93ed92a55f84
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254937 NNNN CT(8 2 0) RT(1728509476029 115) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
etag
"024a24f639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
29896
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 00:40:08 GMT
x-frame-options
DENY
_Incapsula_Resource
login.ccmp.eu/
83 KB
20 KB
Script
General
Full URL
https://login.ccmp.eu/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=489757508
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
aef097a923845d4a1856a1a707f56050bf4e749d43ef8aeae67eabd6bb45f4bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, no-store
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
content-length
20248
content-type
application/javascript
background.2ea96484.svg
login.ccmp.eu/uxlogin/ux/login/static/media/
3 KB
2 KB
Image
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/static/media/background.2ea96484.svg
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/static/css/main.2c1640f5.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e25b6240107aa9adea2387eae95ee40b0d4a7a336dcaf171332cd8d5f29df76e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/static/css/main.2c1640f5.chunk.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254935 PNYN RT(1728509476029 277) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
etag
"024a24f639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Sep 2024 00:40:08 GMT
x-frame-options
DENY
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.ccmp.eu
Referer
https://fonts.googleapis.com/

Response headers

age
157711
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.ccmp.eu
Referer
https://fonts.googleapis.com/

Response headers

age
514892
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 03 Oct 2025 22:29:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 22:29:44 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
ccmp-icons.a2289518.woff
login.ccmp.eu/uxlogin/ux/login/static/media/
54 KB
54 KB
Font
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/static/media/ccmp-icons.a2289518.woff
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/static/css/main.2c1640f5.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2f25be31737e21f83d2a0f6cc8891565a3786645c97a758ede72b986ec742531
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.ccmp.eu
Referer
https://login.ccmp.eu/uxlogin/ux/login/static/css/main.2c1640f5.chunk.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254944 NNNN CT(2 2 0) RT(1728509476029 300) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
etag
"024a24f639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
55036
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
font/x-woff
last-modified
Wed, 18 Sep 2024 00:40:08 GMT
x-frame-options
DENY
logo-engageplus.e011d648.png
login.ccmp.eu/uxlogin/ux/login/static/media/
16 KB
16 KB
Image
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/static/media/logo-engageplus.e011d648.png
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2c705126855a91f88adfdf0898e58d4d0f43c5d0cda6a04f31bfefa9a8859524
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254935 PNNN RT(1728509476029 294) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
etag
"024a24f639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
15880
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
image/png
last-modified
Wed, 18 Sep 2024 00:40:08 GMT
x-frame-options
DENY
preloader.40c53657.png
login.ccmp.eu/uxlogin/ux/login/static/media/
14 KB
14 KB
Image
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/static/media/preloader.40c53657.png
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
117700132c800e45145f223a87173535b1b4c59a9fbdb10587e19c42435a9480
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254937 PNNN RT(1728509476029 296) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
etag
"024a24f639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
14357
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
image/png
last-modified
Wed, 18 Sep 2024 00:40:08 GMT
x-frame-options
DENY
destination
login.ccmp.eu/ux/primarylogin/
57 B
264 B
XHR
General
Full URL
https://login.ccmp.eu/ux/primarylogin/destination?platformId=&uri=&path=
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/static/js/2.97000c86.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ee714570fc440bb9e528c730eaf3edf38ad84d1ddade048911f546b4d3b24e81
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254925 PNYN RT(1728509476029 298) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, no-store
content-encoding
gzip
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
-1
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
application/json; charset=utf-8
x-frame-options
sameorigin
Message
login.ccmp.eu/ux/MarketingPanel/
32 B
147 B
XHR
General
Full URL
https://login.ccmp.eu/ux/MarketingPanel/Message?Language=en
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/static/js/2.97000c86.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d16c61152bbb1909b0f1b872dddf3bb068bd9525b8e7a7f0b86c5b98b22830ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254946 NNYN CT(1 1 0) RT(1728509476029 301) q(0 0 0 -1) r(0 0) U24
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, no-store
content-encoding
gzip
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
-1
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
application/json; charset=utf-8
x-frame-options
sameorigin
_Incapsula_Resource
login.ccmp.eu/
1 B
38 B
Image
General
Full URL
https://login.ccmp.eu/_Incapsula_Resource?SWKMTFSR=1&e=0.060890115702588066
Requested by
Host: login.ccmp.eu
URL: https://login.ccmp.eu/uxlogin/ux/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, no-store
content-length
1
content-type
text/plain
referrer-policy
no-referrer-when-downgrade
favicon.png
login.ccmp.eu/uxlogin/ux/login/
3 KB
3 KB
Other
General
Full URL
https://login.ccmp.eu/uxlogin/ux/login/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.199 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ae0f707fbcba848ed06d67e2dd59ec2e030a22baed45173e8afe54dbecf7c9b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.ccmp.eu/uxlogin/ux/login/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
6-34254923-34254935 PNNN RT(1728509476029 356) q(0 0 0 -1) r(1 1) U24
content-security-policy
upgrade-insecure-requests
etag
"0fde825639db1:0"
x-cdn
Imperva
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
2620
date
Wed, 09 Oct 2024 21:31:16 GMT
content-type
image/png
last-modified
Wed, 18 Sep 2024 00:38:58 GMT
x-frame-options
DENY

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| __MUI_STYLES__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| _0x59e4 function| _0x459e object| numberA

13 Cookies

Domain/Path Name / Value
login.waflower.mgsreops.com/ Name: BIGipServer~ccmp~ccmp_pux
Value: !DjkteOrarRpIJFyRWcWB/CHd3cUJbPpsNXxEKAbikHmVgjx+lmj6qLLkLz4VMLKVtD4llRCqg2E6Ruk=
.waflower.mgsreops.com/ Name: __cf_bm
Value: MhlekNrVpzYF6JHDGJKyTFXdo08IorGN3MPqWCYqwBo-1728509475-1.0.1.1-uuTEtIM98hBRoRiklfKDtBMeCKabW32cyLzZG3EDuumPXx4zqNvkR01zz6dauFUyhUwhOIIjIYNKd5rMLARcoQ
login.waflower.mgsreops.com/ Name: ASP.NET_SessionId
Value: y33uzitou1jtd3jsvhh5etn0
login.waflower.mgsreops.com/ Name: xyz_adm_adm_org_user_language_code
Value: de
login.waflower.mgsreops.com/ Name: xyz_adm_adm_org_user_locale_code
Value: en-US
login.waflower.mgsreops.com/ Name: xyz_adm_adm_org_user_time_zone_id
Value: UTC
login.ccmp.eu/ Name: xyz_adm_adm_org_user_language_code
Value: de
login.ccmp.eu/ Name: xyz_adm_adm_org_user_locale_code
Value: en-US
login.ccmp.eu/ Name: xyz_adm_adm_org_user_time_zone_id
Value: UTC
login.ccmp.eu/ Name: BIGipServer~ccmp~ccmp_pux
Value: !UN2Jb5pU5fmS1dyRWcWB/CHd3cUJbE5T3Pd6+K3f/ULhZfQWJNOJEyQJOxRwApqluzIBQMmeru2NTlE=
.ccmp.eu/ Name: visid_incap_1745507
Value: q7swPuTZQR6xynSAFWEOrCT2BmcAAAAAQUIPAAAAAAARyDDeL2SETYg6Wzsi9NF7
.ccmp.eu/ Name: incap_ses_8219_1745507
Value: 4kK0Qg/m51CeL+rgBsEPciT2BmcAAAAAenO81enmcHrZlAk0ckPPMw==
login.ccmp.eu/ Name: ASP.NET_SessionId
Value: nc4oqdvnt3zm2amw1gy0s4dw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.ccmp.eu
login.waflower.mgsreops.com
172.217.16.195
2606:4700:4400::ac40:98f5
2a00:1450:4001:812::200a
45.60.124.199
0efc4965c1c33cf9bf539db060ef615ed544121d59b01dc0e96c38802a630328
117700132c800e45145f223a87173535b1b4c59a9fbdb10587e19c42435a9480
2c705126855a91f88adfdf0898e58d4d0f43c5d0cda6a04f31bfefa9a8859524
2f25be31737e21f83d2a0f6cc8891565a3786645c97a758ede72b986ec742531
4dd49d1f89345b2f261ee71d4ce0020ec9abceecf6048b443f3bc4d6386c546f
5700368a8f0f7d634440bc9c5455589e806a4c897114288c0cf51e06248f516b
6f420a62e08a49490dde06c4a6f33b3fd91f2061a88ef6a58636f547384726ab
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a6385f7b6763a1d1e633cdf072c4368174b0da22456bdc293091697fa0199ee3
ae0f707fbcba848ed06d67e2dd59ec2e030a22baed45173e8afe54dbecf7c9b0
aef097a923845d4a1856a1a707f56050bf4e749d43ef8aeae67eabd6bb45f4bd
cab340d2ac66be1caeabdc81134b9e2b18c52d393a890069f7acaec9719b5a75
cafb13497d40516822e178cf237932715c53478740bb794401d2e5677519c646
d16c61152bbb1909b0f1b872dddf3bb068bd9525b8e7a7f0b86c5b98b22830ed
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e25b6240107aa9adea2387eae95ee40b0d4a7a336dcaf171332cd8d5f29df76e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b58f77e87e88ddd109fd46bd1a67776ab1d11cb0b953c0805f93ed92a55f84
e99a26a7dad8cf82841a3f7f7fe5cfa3c62b0d179604c59e53f5baab47ee1edb
ee714570fc440bb9e528c730eaf3edf38ad84d1ddade048911f546b4d3b24e81