Submitted URL: https://accounting.aar.com/
Effective URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Submission: On August 26 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 17 HTTP transactions. The main IP is 3.222.83.4, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ttci-cp.deltekenterprise.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 16th 2024. Valid for: a year.
This is the only time ttci-cp.deltekenterprise.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 1 74.51.210.74 | 15164 (UPNLLC)
1 13 3.222.83.4 | 14618 (AMAZON-AES)
3 18.238.80.106 | 16509 (AMAZON-02)
1 52.43.12.116 | 16509 (AMAZON-02)
17 4

Apex Domain | Subdomains | Transfer
13 deltekenterprise.com | ttci-cp.deltekenterprise.com | 1017 KB
3 appdynamics.com | cdn.appdynamics.com — Cisco Umbrella Rank: 6959 | 174 KB
1 eum-appdynamics.com | pdx-col.eum-appdynamics.com — Cisco Umbrella Rank: 6244 | 797 B
1 aar.com | accounting.aar.com | 279 B
17 4

Domain | Requested by
13 ttci-cp.deltekenterprise.com 1 redirects | ttci-cp.deltekenterprise.com, cdn.appdynamics.com
3 cdn.appdynamics.com | ttci-cp.deltekenterprise.com, cdn.appdynamics.com
1 pdx-col.eum-appdynamics.com | cdn.appdynamics.com
1 accounting.aar.com 1 redirects |
17 4

This site contains no links.

Subject | Issuer | Validity | Valid
*.deltekenterprise.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-16 - 2025-06-16 | a year
*.appdynamics.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-06-20 - 2025-07-21 | a year
*.eum-appdynamics.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-06-13 - 2025-07-14 | a year

This page contains 1 frame:

Primary Page: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Frame ID: 3F1E04CB7FC6816C6E45472A3419E41C
Requests: 21 HTTP requests in this frame

Page Title

Costpoint 8

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 1191 kB
Size: 1643 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounting.aar.com/ HTTP 301
    https://ttci-cp.deltekenterprise.com/CPWeb HTTP 301
    https://ttci-cp.deltekenterprise.com/CPWeb/ Page URL
  2. https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://accounting.aar.com/ HTTP 301
  • https://ttci-cp.deltekenterprise.com/CPWeb HTTP 301
  • https://ttci-cp.deltekenterprise.com/CPWeb/

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ttci-cp.deltekenterprise.com/CPWeb/
Redirect Chain
  • https://accounting.aar.com/
  • https://ttci-cp.deltekenterprise.com/CPWeb
  • https://ttci-cp.deltekenterprise.com/CPWeb/
3 KB
3 KB
Document
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
917be7d591307d0966f6cdd82114c7e5eac201e005dafca5496a56fe76eb8ff0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
2887
content-type
text/html
date
Mon, 26 Aug 2024 12:51:06 GMT
etag
"020928670d4da1:0"
last-modified
Fri, 12 Jul 2024 15:31:12 GMT
server
Microsoft-IIS/10.0
x-robots-tag
noindex

Redirect headers

content-length
166
content-type
text/html; charset=UTF-8
date
Mon, 26 Aug 2024 12:51:05 GMT
location
https://ttci-cp.deltekenterprise.com/CPWeb/
server
Microsoft-IIS/10.0
x-robots-tag
noindex
adrum-latest.js
cdn.appdynamics.com/adrum/
119 KB
119 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum/adrum-latest.js
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-106.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7642b27cb76cc34ab04df9ffd5a84a36297cddf20e4a3c797bb3264efb81610b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ttci-cp.deltekenterprise.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 17:43:00 GMT
via
1.1 0d76e6edae5033f18d154191a74f12b6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK52-P5
age
68887
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
121474
last-modified
Wed, 17 Apr 2024 09:59:49 GMT
server
AmazonS3
etag
"d1741ff16b2aae43560bb01538b77293"
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=600
accept-ranges
bytes
x-amz-cf-id
RhONLWRAfWaUCpgqrdhI5ycrJ4GgtvdBp6JgTm-vSqJDHjfHCtY5Uw==
Primary Request cploginform.htm
ttci-cp.deltekenterprise.com/CPWeb/
21 KB
21 KB
Document
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
fba8b596a2942e2dd92ab7a88c486a66032f4f6a67d73e2135236996446d4bbf

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
21371
content-type
text/html
date
Mon, 26 Aug 2024 12:51:06 GMT
etag
"020928670d4da1:0"
last-modified
Fri, 12 Jul 2024 15:31:12 GMT
server
Microsoft-IIS/10.0
x-robots-tag
noindex
adrum-ext.8ad16b8375327e66a32816a8ad7be617.js
cdn.appdynamics.com/
54 KB
54 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.8ad16b8375327e66a32816a8ad7be617.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-106.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ttci-cp.deltekenterprise.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 01:40:23 GMT
via
1.1 0d76e6edae5033f18d154191a74f12b6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK52-P5
age
40244
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
54962
last-modified
Wed, 17 Apr 2024 09:59:48 GMT
server
AmazonS3
etag
"51fc2a7fe901a5a93406bab767b7414e"
vary
Origin
content-type
text/javascript
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
CFGld7Osv5gH7nuaonSum7W1jaVswbMJgnQdAZ3bQxefjrYocmd8ZQ==
adrum-latest.js
cdn.appdynamics.com/adrum/
119 KB
439 B
Script
General
Full URL
https://cdn.appdynamics.com/adrum/adrum-latest.js
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-106.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7642b27cb76cc34ab04df9ffd5a84a36297cddf20e4a3c797bb3264efb81610b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ttci-cp.deltekenterprise.com/
If-None-Match
"d1741ff16b2aae43560bb01538b77293"
If-Modified-Since
Wed, 17 Apr 2024 09:59:49 GMT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 17:43:00 GMT
via
1.1 0d76e6edae5033f18d154191a74f12b6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Wed, 17 Apr 2024 09:59:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5
age
68888
x-amz-server-side-encryption
AES256
etag
"d1741ff16b2aae43560bb01538b77293"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
x-amz-cf-id
RPuLetSK4W7mxzo4R4cP_gQgusR2t4kXHdufIpYyezzEhCMxXWwPoA==
cploginform.css
ttci-cp.deltekenterprise.com/CPWeb/
64 KB
65 KB
Stylesheet
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.css
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ecf4764b94d1dd033231aa6e90e54313a13ecc9b5f50fb5cc0faf100d324e1fa

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:07 GMT
last-modified
Tue, 25 Jun 2024 08:05:34 GMT
server
Microsoft-IIS/10.0
etag
"05b7574d6c6da1:0"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex
content-length
65823
qrcode.min.js
ttci-cp.deltekenterprise.com/CPWeb/
19 KB
20 KB
Script
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/qrcode.min.js
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7ce71906192b4a8bb2601599413a8740e9666c99486010fd42cf2a521cd02ff7

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:07 GMT
last-modified
Tue, 25 Jun 2024 08:05:40 GMT
server
Microsoft-IIS/10.0
etag
"0e2878d6c6da1:0"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
content-length
19928
Utils.js
ttci-cp.deltekenterprise.com/CPWeb/utils/
105 KB
106 KB
Script
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/utils/Utils.js
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
17578737f06b8f1052a206e3330d381476a958a56caf49bfd0187013cc475e88

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:07 GMT
last-modified
Tue, 25 Jun 2024 08:05:48 GMT
server
Microsoft-IIS/10.0
etag
"096cd7cd6c6da1:0"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
content-length
107778
cploginform.js
ttci-cp.deltekenterprise.com/CPWeb/
78 KB
78 KB
Script
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.js
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
18ad0c711ac9d92d3db2d5ff1d76d9debe9e3f340522493412e4206f5b157d15

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:07 GMT
last-modified
Fri, 12 Jul 2024 15:31:12 GMT
server
Microsoft-IIS/10.0
etag
"020928670d4da1:0"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
content-length
79956
customLoginImage.png
ttci-cp.deltekenterprise.com/CPWeb/images/
1 KB
1 KB
Image
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/images/customLoginImage.png
Requested by
Host: ttci-cp.deltekenterprise.com
URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:07 GMT
server
Microsoft-IIS/10.0
x-robots-tag
noindex
content-length
1245
content-type
text/html
cploginformImg.css
ttci-cp.deltekenterprise.com/CPWeb/
374 KB
374 KB
Stylesheet
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/cploginformImg.css
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6f2305bd96251899d00ddfc6e9f1ccfca17a5fce044aff39c81dcac38cb016db

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:07 GMT
last-modified
Tue, 25 Jun 2024 08:05:34 GMT
server
Microsoft-IIS/10.0
etag
"05b7574d6c6da1:0"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex
content-length
382470
costpointR.css
ttci-cp.deltekenterprise.com/CPWeb/
193 KB
194 KB
Stylesheet
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/costpointR.css
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
33934c9f0fc007a435eef256fd889393f45d4ee5d9b77513b7a20135663aff51

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:07 GMT
last-modified
Tue, 25 Jun 2024 08:05:34 GMT
server
Microsoft-IIS/10.0
etag
"05b7574d6c6da1:0"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex
content-length
198032
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1d78e5dd567cb2473b8e26472ed49b0aedc3fa88e3659c679e0d2f3cff5e4e0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93830e927fde8be063b9d1b9125da38188ed1896c747d082ba17f5396228d339

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3016291057eb19ef7ad9a437effb9ecca058eab5ec65c9e9c3bf2f53b13202f0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
280 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53e12c5ac7986ce0e21112e3d55af5d719bc1a89ffcde4eadf8f364fcc7b6b5a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
adrum-ext.8ad16b8375327e66a32816a8ad7be617.js
cdn.appdynamics.com/
54 KB
0
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.8ad16b8375327e66a32816a8ad7be617.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cf8592f9bed352efc158a4675cff7bd24aa338934ed4ed3ec22aa073d9849c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ttci-cp.deltekenterprise.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 01:40:23 GMT
strict-transport-security
max-age=31536000
via
1.1 0d76e6edae5033f18d154191a74f12b6.cloudfront.net (CloudFront)
age
40246
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
54962
last-modified
Wed, 17 Apr 2024 09:59:48 GMT
server
AmazonS3
etag
"51fc2a7fe901a5a93406bab767b7414e"
vary
Origin
content-type
text/javascript
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
Z-6MQRHksl5qRPlffYw3k1UwHRHiHz86IC9LOrg8iqVRm7Ht4JuM0Q==
favicon.ico
ttci-cp.deltekenterprise.com/CPWeb/
154 KB
154 KB
Other
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
8859333168056299e8c5a07da70301f83250510a342ac4832ffeb98a7801661f

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 12:51:08 GMT
last-modified
Tue, 25 Jun 2024 08:05:34 GMT
server
Microsoft-IIS/10.0
etag
"05b7574d6c6da1:0"
content-type
image/x-icon
accept-ranges
bytes
x-robots-tag
noindex
content-length
157745
LoginServlet.cps
ttci-cp.deltekenterprise.com/CPWeb/
162 B
469 B
Fetch
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/LoginServlet.cps
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c0c10d955fcc34e6332c51b2225dc6bcd0588b230d1928080a348ac3fe2e34cb

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
ADRUM
isAjax:true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 26 Aug 2024 12:51:08 GMT
server
Microsoft-IIS/10.0
adrum_0
g:0dc6df75-a518-4467-b9d6-f98f0213fd38
x-oracle-dms-ecid
880f9663-1f5a-4235-acac-372292523484-00007816
adrum_1
n:deltekprod_602852ad-9c07-43f7-9243-7863a63ac684
content-type
text/html; charset=UTF-8
x-oracle-dms-rid
0
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
162
LoginServlet.cps
ttci-cp.deltekenterprise.com/CPWeb/
3 B
284 B
Fetch
General
Full URL
https://ttci-cp.deltekenterprise.com/CPWeb/LoginServlet.cps
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.83.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-83-4.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2ac9a6746aca543af8dff39894cfe8173afba21eb01c6fae33d52947222855ef

Request headers

Referer
https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
ADRUM
isAjax:true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 26 Aug 2024 12:51:08 GMT
server
Microsoft-IIS/10.0
adrum_0
g:09881f09-8061-43b2-8c39-895a577456a5
x-oracle-dms-ecid
188e90ac-b776-4283-aa53-9d649b2dbc21-00007acd
adrum_1
n:deltekprod_602852ad-9c07-43f7-9243-7863a63ac684
content-type
text/html; charset=UTF-8
x-oracle-dms-rid
0
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
3
adrum
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABV-WAH/
0
797 B
XHR
General
Full URL
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABV-WAH/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.8ad16b8375327e66a32816a8ad7be617.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.12.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-12-116.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536010; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ttci-cp.deltekenterprise.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 12:51:10 GMT
strict-transport-security
max-age=31536010; includeSubDomains
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| adrum-start-time object| adrum-config object| ADRUM boolean| cacheDone boolean| onloadDone function| Get_Cookie function| redirect function| uppercaseUserName function| custImageError object| s object| m object| MP function| getMsg boolean| u2fConditionalMediationAvail boolean| serverConnChecked object| userCheckSent object| userCheckResult function| isOffline function| isLocalStorageSupported boolean| localStorageSupported function| setUpOTP function| getParms function| u2fStartConditionalMediation function| u2fSignConditionalMediationOk function| u2fSignConditionalMediationErr function| Set_Cookie function| getCookie function| initLogin function| changeLang function| changeLanguage function| setLoginFieldCookies function| filterBadChars function| setSmartPhoneCookie function| setTouchCookie function| setPinCookie function| setParms function| destroy object| workflowInfo object| errorMessageDiv function| doReset function| showWaitCursor function| getBrowserType function| offlineLogin function| checkToClearPIN function| startLogin function| srvReqSend function| xhrStateChanged function| processCopyAuthData function| processChangePassword function| processMFA function| processU2FSign function| u2fConfirmDlg function| doU2FSign function| u2fOkCallback function| u2fErrCallback function| processSendRedirectFederated function| processLoginResult function| clearFields function| _clearFields function| enableLoginButton function| updateLoginBtn function| evaluateResult function| hidePIN function| disableForm function| showErrorOnField function| showErrorOnCompany function| showErrorOnSystemField function| showErrorOnUsernameAndPassword function| showErrorNose function| showErrorOnSetupBtn function| showLoginError function| showLoginWarning function| warnOk function| warnCancel function| statusTxt function| copyAuthData function| requestMFA function| showMfaDialog function| MfaOk function| MfaClose function| mfaPaste function| checkMfa function| freezeUI function| 
showAdditionalCriteria function| showAdditionalInfo function| getObjOffsetLeft function| getObjOffsetTop function| displayLegalDisclaimer function| openQRCode function| doQRCode function| hideError function| predictMainform function| showAutologinCtrls function| showHideSystemField function| getBodyWidth function| getBodyHeight function| switchOffline function| configOffline function| onTouchStart function| checkConnection function| doOnLoad function| showExtFidoHint function| processU2FRegisterByLink function| loadSmartPhoneSyle function| setSmartPhoneWidth function| phoneClick function| pinClick function| stopit function| openHelpPage function| submitOnEnter function| checkOrientation function| showCriteriaKeyPress function| closeCombos function| bodyClickM function| showLoginForm function| showExtraParms function| showLegalMobile function| showInfoMobile function| openQRCodeMobile function| signOnAnotherWay function| checkAuthConfig function| checkUser function| _checkUser function| checkUserKeyDown function| checkUserId function| sendLogoutAndLogin function| sendSessionInvalidate function| processSessionInvalidate function| processLogout function| hideTipBox function| install function| bodyClick function| completeSetupScreen function| inputTextChange function| str2bool function| fetchLoginServlet object| Evt object| FormatMgr object| ChangePswdDlg object| signInDiv function| QRCode object| F object| Dates object| FileDownload object| DigitalDocumentManager function| Log object| Numbers object| Passwords object| Strings object| WebKitDetect function| encode function| encodeLDAP function| encodeMUS function| byteArrayToString number| keySizeInBits number| blockSizeInBits object| roundsArray object| shiftOffsets object| Rcon object| SBox object| SBoxInverse function| cyclicShiftLeft number| Nk number| Nb number| Nr function| xtime function| mult_GF256 function| byteSub function| shiftRow function| mixColumn function| addRoundKey function| keyExpansion function| 
Round function| InverseRound function| FinalRound function| InverseFinalRound function| encrypt function| decrypt function| byteArrayToHex function| hexToByteArray function| packBytes function| unpackBytes function| formatPlaintext function| getRandomBytes function| encryptNative function| decryptNative function| rijndaelEncrypt function| rijndaelDecrypt object| Sha1 function| SHA1_Hash object| Utf8 object| Sha256 function| PrinterInfo object| RSHTMLUtils object| GlobalData function| loginPageRedirect function| dialogInjector function| HtmlInjector function| cpInput function| cpAlert function| cpConfirm function| showDebug object| LoginCacheMgr function| internalDlg function| BigNumber object| execModeSel

2 Cookies

Domain/Path Name / Value
.deltekenterprise.com/ Name: ADRUM
Value: s~1724676667196&r~aHR0cHMlM0ElMkYlMkZ0dGNpLWNwLmRlbHRla2VudGVycHJpc2UuY29tJTJGQ1BXZWIlMkY=
ttci-cp.deltekenterprise.com/ Name: cpSession
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://ttci-cp.deltekenterprise.com/CPWeb/images/customLoginImage.png
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://ttci-cp.deltekenterprise.com/CPWeb/cploginform.htm
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
