URL: https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Submission: On March 14 via manual from IN — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 44.209.141.169, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is protect.gmfinancial.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 10th 2022. Valid for: a year.
This is the only time protect.gmfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website

Downloaded from: https://protect.gmfinancial.com/policyserver/DownloadInstaller.do?agent_type=1

Domain & IP information

Requests: 7, IP Address: 44.209.141.169, AS Autonomous System: 14618 (AMAZON-AES)
Requests: 7, Apex Domain: gmfinancial.com, Subdomains: protect.gmfinancial.com, Transfer: 107 KB
Requests: 7, Domain: protect.gmfinancial.com, Requested by: protect.gmfinancial.com

This site contains no links.

Subject: protect.gmfinancial.com
Issuer: Entrust Certification Authority - L1K
Validity: 2022-10-10 - 2023-10-31
Valid: a year

This page contains 1 frames:

Frame: https://protect.gmfinancial.com/policyserver/DownloadInstaller.do?agent_type=1
Frame ID: CF6B185818BAAD513D6848CBE2A9C095
Requests: 7 HTTP requests in this frame

Page Title: Policy Server Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 107 kB
Size: 104 kB
Cookies: 1

7 HTTP transactions

Columns for each resource: Resource, Path, Size, x-fer, Type (MIME-Type)
Primary Request PreClientDownload.do
protect.gmfinancial.com/policyserver/
3 KB
4 KB
Document
General
Full URL
https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.141.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-141-169.compute-1.amazonaws.com
Software
Seclore Server /
Resource Hash
0f22063b06167101299b54816b1c3a5a282d0ca4c930d6272c8144f14ea5ed48
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-language
de-DE
content-length
3396
content-security-policy
frame-ancestors 'self'
content-type
text/html;charset=utf-8
date
Tue, 14 Mar 2023 20:01:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
Seclore Server
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-seclore-response-from
Seclore PolicyServer
x-xss-protection
1; mode=block
htmlwrapper.css
protect.gmfinancial.com/policyserver/portal/css/htmlwrapper/
730 B
1 KB
Stylesheet
General
Full URL
https://protect.gmfinancial.com/policyserver/portal/css/htmlwrapper/htmlwrapper.css
Requested by
Host: protect.gmfinancial.com
URL: https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.141.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-141-169.compute-1.amazonaws.com
Software
Seclore Server /
Resource Hash
012408bc3d6a713bff2fec470bfdb3fa28c8fe3b3ff3a67eee0c71f90f0008dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:01:00 GMT
strict-transport-security
max-age=31536000;includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Fri, 23 Dec 2022 10:46:04 GMT
server
Seclore Server
content-security-policy
frame-ancestors 'self'
x-frame-options
SAMEORIGIN
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
text/css;charset=UTF-8
cache-control
private
accept-ranges
bytes
content-length
730
x-xss-protection
1; mode=block
jquery-3.5.1.min.js
protect.gmfinancial.com/policyserver/portal/js_frameworks/jquery-3.5.1/
87 KB
88 KB
Script
General
Full URL
https://protect.gmfinancial.com/policyserver/portal/js_frameworks/jquery-3.5.1/jquery-3.5.1.min.js
Requested by
Host: protect.gmfinancial.com
URL: https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.141.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-141-169.compute-1.amazonaws.com
Software
Seclore Server /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:01:00 GMT
strict-transport-security
max-age=31536000;includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Fri, 23 Dec 2022 10:46:06 GMT
server
Seclore Server
content-security-policy
frame-ancestors 'self'
x-frame-options
SAMEORIGIN
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
cache-control
private
accept-ranges
bytes
content-length
89476
x-xss-protection
1; mode=block
generic_error_red_20.png
protect.gmfinancial.com/policyserver/portal/images/
571 B
963 B
Image
General
Full URL
https://protect.gmfinancial.com/policyserver/portal/images/generic_error_red_20.png
Requested by
Host: protect.gmfinancial.com
URL: https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.141.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-141-169.compute-1.amazonaws.com
Software
Seclore Server /
Resource Hash
acb6b23d33877463ab50684c348df10f2900e8f42251ee0df1a3f87e620e3188

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:01:01 GMT
strict-transport-security
max-age=31536000;includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Fri, 23 Dec 2022 10:46:06 GMT
server
Seclore Server
content-security-policy
frame-ancestors 'self'
x-frame-options
SAMEORIGIN
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
image/png;charset=UTF-8
cache-control
private
accept-ranges
bytes
content-length
571
x-xss-protection
1; mode=block
success_filled_medium.png
protect.gmfinancial.com/policyserver/portal/images/
494 B
886 B
Image
General
Full URL
https://protect.gmfinancial.com/policyserver/portal/images/success_filled_medium.png
Requested by
Host: protect.gmfinancial.com
URL: https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.141.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-141-169.compute-1.amazonaws.com
Software
Seclore Server /
Resource Hash
8c4552a7e86363c3c9932beff587c170765543f3aba3bb5c8fa595f5b2634018

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:01:01 GMT
strict-transport-security
max-age=31536000;includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Fri, 23 Dec 2022 10:46:06 GMT
server
Seclore Server
content-security-policy
frame-ancestors 'self'
x-frame-options
SAMEORIGIN
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
image/png;charset=UTF-8
cache-control
private
accept-ranges
bytes
content-length
494
x-xss-protection
1; mode=block
logo.gif
protect.gmfinancial.com/policyserver/portal/images/
12 KB
12 KB
Image
General
Full URL
https://protect.gmfinancial.com/policyserver/portal/images/logo.gif
Requested by
Host: protect.gmfinancial.com
URL: https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.141.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-141-169.compute-1.amazonaws.com
Software
Seclore Server /
Resource Hash
b0216deed5b557f74c37ba9f003d2e9cbf7d3daa2139967b5101ff526b1eeb4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:01:01 GMT
strict-transport-security
max-age=31536000;includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Wed, 09 Mar 2022 08:20:21 GMT
server
Seclore Server
content-security-policy
frame-ancestors 'self'
x-frame-options
SAMEORIGIN
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
image/gif;charset=UTF-8
cache-control
private
accept-ranges
bytes
content-length
12333
x-xss-protection
1; mode=block
DownloadInstaller.do
protect.gmfinancial.com/policyserver/
0
0
Document
General
Full URL
https://protect.gmfinancial.com/policyserver/DownloadInstaller.do?agent_type=1
Requested by
Host: protect.gmfinancial.com
URL: https://protect.gmfinancial.com/policyserver/PreClientDownload.do?psp_from_download_link=1&psp_direct_download=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.141.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-141-169.compute-1.amazonaws.com
Software
Seclore Server /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-disposition
attachment; filename="Seclore Desktop Client.exe"
content-language
de-DE
content-security-policy
frame-ancestors 'self'
content-type
application/octet-stream;charset=utf-8
date
Tue, 14 Mar 2023 20:01:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
Seclore Server
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-seclore-response-from
Seclore PolicyServer
x-xss-protection
1; mode=block

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean | credentialless
  • function | $
  • function | jQuery
  • function | downloadAgent
  • function | resetPage

1 Cookies

Domain/Path: protect.gmfinancial.com/policyserver
Name: JSESSIONID
Value: E41479B068D332736352D20D0C570FE5.psnode2

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block