165.109.105.45 Open in urlscan Pro
165.109.105.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://165.109.105.45/
Effective URL:
https://165.109.105.45/portal-seefx/login.jsp
Submission: On April 07 via manual (April 7th 2022, 8:12:51 am UTC) from IN — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 0 domains to perform 8 HTTP transactions. The main IP is 165.109.105.45, located in United States and belongs to FICO, US. The main domain is 165.109.105.45.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 1st 2021. Valid for: a year.

This is the only time 165.109.105.45 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 10	165.109.105.45 165.109.105.45		7926 (FICO) (FICO)
8	1

10 165.109.105.45 (United States) 2 redirects

ASN7926 (FICO, US)
PTR: fts-chi.ficoanalyticcloud.com

165.109.105.45	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	0

	Domain	Requested by
8	0

This site contains no links.

Subject Issuer	Validity	Valid
*.fts.ficoanalyticcloud.com Sectigo RSA Organization Validation Secure Server CA	`2021-05-01` - `2022-05-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://165.109.105.45/portal-seefx/login.jsp
Frame ID: 21C6B01F17B565E09DC2C0136AA4F416
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FICO Analytic Cloud FTS

Page URL History Show full URLs

https://165.109.105.45/ HTTP 302
https://165.109.105.45/portal-seefx/ HTTP 302
https://165.109.105.45/portal-seefx/login.jsp Page URL

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

62 kB
Transfer

47 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://165.109.105.45/ HTTP 302
https://165.109.105.45/portal-seefx/ HTTP 302
https://165.109.105.45/portal-seefx/login.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.jsp Show response
165.109.105.45/portal-seefx/
Redirect Chain

https://165.109.105.45/
https://165.109.105.45/portal-seefx/
https://165.109.105.45/portal-seefx/login.jsp

8 KB
10 KB

153ms
152ms

Document
text/html

165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to

Full URL

https://165.109.105.45/portal-seefx/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

c923665079f6024754d0c72fa29564c3698f1ae49183edb2ec7ec901d65d0865

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control: private, no-cache, no-store
Content-Length: 7980
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Content-Type: text/html;charset=UTF-8
Date: Thu, 07 Apr 2022 08:12:46 GMT
Expires: Thu, 07 Apr 2022 08:12:46 GMT
Pragma: no-cache
Server: SEEBURGER JBossAS
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-XSS-Protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
Location: https://165.109.105.45/portal-seefx/login.jsp
Server: SEEBURGER JBossAS
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login.css
165.109.105.45/portal-seefx/VAADIN/themes/default/ 5 KB
7 KB 137ms
136ms Stylesheet
text/css 165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to

Full URL

https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css

Requested by

Host: 165.109.105.45
URL: https://165.109.105.45/portal-seefx/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

448a36c924035a791eddf030a09e2bd7d3e54ba4211b4d42bfc691f26bf7684c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://165.109.105.45/portal-seefx/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Last-Modified: Sun, 20 Mar 2022 09:09:08 GMT
Server: SEEBURGER JBossAS
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Length: 5128
X-XSS-Protection: 1; mode=block
Expires: Thu, 07 Apr 2022 08:12:46 GMT

GET
H/1.1 200
OK login.css
165.109.105.45/portal-seefx/custom/ 904 B
3 KB 275ms
137ms Stylesheet
text/css 165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to

Full URL

https://165.109.105.45/portal-seefx/custom/login.css

Requested by

Host: 165.109.105.45
URL: https://165.109.105.45/portal-seefx/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

4c30fcc55f32db8843694d0b596ede45ba7c4e288d2f0b8d85648190c4c5ab5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://165.109.105.45/portal-seefx/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Last-Modified: Sun, 20 Mar 2022 09:09:08 GMT
Server: SEEBURGER JBossAS
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=ISO-8859-1
Cache-Control: public
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Length: 904
X-XSS-Protection: 1; mode=block
Expires: Thu, 07 Apr 2022 08:12:47 GMT

GET
H/1.1 200
OK mobileLogin.css
165.109.105.45/portal-seefx/VAADIN/themes/default/ 2 KB
4 KB 409ms
150ms Stylesheet
text/css 165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to

Full URL

https://165.109.105.45/portal-seefx/VAADIN/themes/default/mobileLogin.css

Requested by

Host: 165.109.105.45
URL: https://165.109.105.45/portal-seefx/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

23075ccb8df8eb25c2dc197691de563e41afb80e17d07f09dee24c96e2d04b1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://165.109.105.45/portal-seefx/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Last-Modified: Sun, 20 Mar 2022 09:09:08 GMT
Server: SEEBURGER JBossAS
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Length: 2059
X-XSS-Protection: 1; mode=block
Expires: Thu, 07 Apr 2022 08:12:47 GMT

GET
H/1.1 200
OK background
165.109.105.45/portal-seefx/custom/file/login/header/ 182 B
2 KB 134ms
133ms Image
image/png 165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://165.109.105.45/portal-seefx/custom/file/login/header/background

Requested by

Host: 165.109.105.45
URL: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

7e2eeb8a1099221c540f679c9b4ea7d94c642aacc22fd26bf356f13bded457fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Last-Modified: Sun, 20 Mar 2022 09:20:16 GMT
Server: SEEBURGER JBossAS
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Length: 182
X-XSS-Protection: 1; mode=block
Expires: Thu, 07 Apr 2022 08:12:47 GMT

GET
H/1.1 200
OK logo
165.109.105.45/portal-seefx/custom/file/login/ 12 KB
13 KB 135ms
135ms Image
image/png 165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://165.109.105.45/portal-seefx/custom/file/login/logo

Requested by

Host: 165.109.105.45
URL: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

d1fa175a4bced059b49a01c7abce58da38eca3106380c097000aef5d205131c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Last-Modified: Mon, 14 Aug 2017 12:07:52 GMT
Server: SEEBURGER JBossAS
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Length: 11848
X-XSS-Protection: 1; mode=block
Expires: Thu, 07 Apr 2022 08:12:47 GMT

GET
H/1.1 200
OK background
165.109.105.45/portal-seefx/custom/file/login/ 18 KB
20 KB 268ms
137ms Image
image/png 165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://165.109.105.45/portal-seefx/custom/file/login/background

Requested by

Host: 165.109.105.45
URL: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

0b31bafb40e433f3d21f6b486f206c8a29fa305064509ca129ef9543cfbfe33f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Last-Modified: Sun, 20 Mar 2022 09:20:16 GMT
Server: SEEBURGER JBossAS
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Length: 18650
X-XSS-Protection: 1; mode=block
Expires: Thu, 07 Apr 2022 08:12:47 GMT

GET
H/1.1 200
OK button
165.109.105.45/portal-seefx/custom/file/login/ 1 KB
3 KB 269ms
135ms Image
image/png 165.109.105.45
FICO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://165.109.105.45/portal-seefx/custom/file/login/button

Requested by

Host: 165.109.105.45
URL: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.109.105.45 , United States, ASN7926 (FICO, US),

Reverse DNS

fts-chi.ficoanalyticcloud.com

Software

SEEBURGER JBossAS /

Resource Hash

57825d9ef8a18bd01a387af119adfcc1f903d71c535f0ed1ca333d2593694c21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://165.109.105.45/portal-seefx/VAADIN/themes/default/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Last-Modified: Sun, 20 Mar 2022 09:20:16 GMT
Server: SEEBURGER JBossAS
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' *.googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: *.youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Date: Thu, 07 Apr 2022 08:12:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Length: 1179
X-XSS-Protection: 1; mode=block
Expires: Thu, 07 Apr 2022 08:12:47 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			165.109.105.45/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7E88547EFFEF293558D1E5E000CADAEA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s.ytimg.com/yts/jsbin/ https://www.google.com/js/; connect-src 'self' .googlevideo.com; style-src 'self' 'unsafe-inline' https://s.ytimg.com/yts/cssbin/; img-src 'self' blob: 'self' data: .youtube.com https://i.ytimg.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' data: https://www.youtube.com; child-src 'self' data: https://www.youtube.com; frame-ancestors 'self'; media-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

165.109.105.45
0b31bafb40e433f3d21f6b486f206c8a29fa305064509ca129ef9543cfbfe33f
23075ccb8df8eb25c2dc197691de563e41afb80e17d07f09dee24c96e2d04b1e
448a36c924035a791eddf030a09e2bd7d3e54ba4211b4d42bfc691f26bf7684c
4c30fcc55f32db8843694d0b596ede45ba7c4e288d2f0b8d85648190c4c5ab5c
57825d9ef8a18bd01a387af119adfcc1f903d71c535f0ed1ca333d2593694c21
7e2eeb8a1099221c540f679c9b4ea7d94c642aacc22fd26bf356f13bded457fd
c923665079f6024754d0c72fa29564c3698f1ae49183edb2ec7ec901d65d0865
d1fa175a4bced059b49a01c7abce58da38eca3106380c097000aef5d205131c4

165.109.105.45 Open in urlscan Pro 165.109.105.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

1 IPs

1 Countries

62 kBTransfer

47 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

165.109.105.45 Open in urlscan Pro
165.109.105.45 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

62 kB
Transfer

47 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions