urlscan.io logo urlscan.io
SecurityTrails logo

portailapprobationweb.cgi.com Open in urlscan Pro
64.254.18.46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portailapprobationweb.cgi.com/
Effective URL: https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
Submission: On February 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 64.254.18.46, located in Laval, Canada and belongs to CGINET-01, CA. The main domain is portailapprobationweb.cgi.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 30th 2020. Valid for: 2 years.
This is the only time portailapprobationweb.cgi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 64.254.18.46 18563 (CGINET-01)
4 1
Apex Domain
Subdomains		 Transfer
6 cgi.com
portailapprobationweb.cgi.com
239 KB
4 1
Domain Requested by
6 portailapprobationweb.cgi.com 2 redirects portailapprobationweb.cgi.com
4 1

This site contains no links.

Subject Issuer Validity Valid
itsm-sh-prod-mt.cgi.com
Entrust Certification Authority - L1K		 2020-04-30 -
2022-04-30		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
Frame ID: 0DDB213A6A06EADE9981AF5CD34ADB23
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://portailapprobationweb.cgi.com/ HTTP 302
    https://portailapprobationweb.cgi.com/ HTTP 302
    https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

238 kB
Transfer

236 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portailapprobationweb.cgi.com/ HTTP 302
    https://portailapprobationweb.cgi.com/ HTTP 302
    https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login.jsp
portailapprobationweb.cgi.com/arsys/shared/
Redirect Chain
  • http://portailapprobationweb.cgi.com/
  • https://portailapprobationweb.cgi.com/
  • https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
166 KB
166 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.254.18.46 Laval, Canada, ASN18563 (CGINET-01, CA),
Reverse DNS
46-18-254-64.cognicase.net
Software
/
Resource Hash
c35a22239a83b1d421d44d985d230450afacc1fba50629247143f3facc2398c2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Host
portailapprobationweb.cgi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
NSC_jutn-ti-qspe-nu=ffffffff09f61b3245525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Set-Cookie
JSESSIONID=07CA931D18D4FDFC4FA809B25013B547; Path=/arsys; HttpOnly q=; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
X-XSS-Protection
1;mode=block
CONTENT-SECURITY-POLICY
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Cache-Control
no-cache
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Date
Tue, 02 Feb 2021 19:15:50 GMT

Redirect headers

Location
/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
Content-Length
0
Date
Tue, 02 Feb 2021 19:15:50 GMT
Set-Cookie
NSC_jutn-ti-qspe-nu=ffffffff09f61b3245525d5f4f58455e445a4a423660;path=/;secure;httponly
bootstrap.js
portailapprobationweb.cgi.com/arsys/resources/javascript/9.1.10.001%20202008262332/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portailapprobationweb.cgi.com/arsys/resources/javascript/9.1.10.001%20202008262332/bootstrap.js
Requested by
Host: portailapprobationweb.cgi.com
URL: https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.254.18.46 Laval, Canada, ASN18563 (CGINET-01, CA),
Reverse DNS
46-18-254-64.cognicase.net
Software
/
Resource Hash
e298a0509250746a3ac9ae9fe29c51f2cae674b993070d96c2faaa2ee0254f7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 19:15:50 GMT
Via
NS-CACHE-10.0: 133
X-Content-Type-Options
nosniff
Last-Modified
Sun, 16 Feb 2020 06:19:50 GMT
Age
2
Strict-Transport-Security
max-age=31536000; includeSubDomains
Xet-Cookie
Content-Type
application/x-javascript
Cache-Control
max-age=86400 ,public
Compression-Index
0
CONTENT-SECURITY-POLICY
frame-ancestors 'self'
Connection
Keep-Alive
Content-Length
2086
X-XSS-Protection
1;mode=block
Expires
Wed, 03 Feb 2021 19:15:51 GMT
login_logo.gif
portailapprobationweb.cgi.com/arsys/shared/cgi_images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portailapprobationweb.cgi.com/arsys/shared/cgi_images/login_logo.gif
Requested by
Host: portailapprobationweb.cgi.com
URL: https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.254.18.46 Laval, Canada, ASN18563 (CGINET-01, CA),
Reverse DNS
46-18-254-64.cognicase.net
Software
/
Resource Hash
d5318f356b0d28a994136531c2914375b153b761201661e90ab5ab5118a3f25c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 19:15:50 GMT
Via
NS-CACHE-10.0: 133
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Feb 2014 16:31:02 GMT
Age
2
ETag
W/"1697-1392136262000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Xet-Cookie
CONTENT-SECURITY-POLICY
frame-ancestors 'self'
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1697
X-XSS-Protection
1;mode=block
login_image.jpg
portailapprobationweb.cgi.com/arsys/shared/cgi_images/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portailapprobationweb.cgi.com/arsys/shared/cgi_images/login_image.jpg
Requested by
Host: portailapprobationweb.cgi.com
URL: https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.254.18.46 Laval, Canada, ASN18563 (CGINET-01, CA),
Reverse DNS
46-18-254-64.cognicase.net
Software
/
Resource Hash
78bce3b80d7f4304cf8809c79afe4c9037456668d0bf2faa688ddfe59484b453
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://portailapprobationweb.cgi.com/arsys/shared/login.jsp?/arsys/forms/itsm-sh-prod-ars/Approval+Central/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 19:15:50 GMT
Via
NS-CACHE-10.0: 133
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Feb 2011 13:03:18 GMT
Age
2
ETag
W/"68057-1296738198000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Xet-Cookie
CONTENT-SECURITY-POLICY
frame-ancestors 'self'
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68057
X-XSS-Protection
1;mode=block

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| bType function| ARMTGetBrowserTypeString function| isChrome function| ARMTGetBrowserVersionString object| cookies function| getCookie function| loadCookie function| setCookie function| getMode function| getUserPrefThemePath function| getUserPrefTheme function| initBoomr function| setInitialFormState function| getCookieValue function| detectPopupBlockers function| shoeIE8VersionAlert function| addAlert function| initLogin function| setInitialFocus function| loadJS function| clearLogin function| getScrambledPassword function| doLogin function| doSubmit function| doSubmit_sp string| msg string| requrl number| requiredMajorVersion number| requiredMinorVersion number| requiredRevision boolean| isIE boolean| isWin boolean| isOpera function| GetSwfVer function| DetectFlashVer function| detectFlash undefined| fetcher function| runSampleReport function| processRequest function| setFetcher function| createClientCookie function| translate function| translate_dessau function| validateUserID function| setTitle function| doLogin_sp function| clearLogin_sp function| initLogin_sp function| setInitialFocus_sp object| noDstTzs object| dstTzs object| USTzs function| getTimezone

2 Cookies

Domain/Path Name / Value
portailapprobationweb.cgi.com/ Name: NSC_jutn-ti-qspe-nu
Value: ffffffff09f61b3245525d5f4f58455e445a4a423660
portailapprobationweb.cgi.com/arsys Name: JSESSIONID
Value: 07CA931D18D4FDFC4FA809B25013B547

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block