secure.port.se Open in urlscan Pro
217.16.197.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9C...
Submission: On January 13 via manual (January 13th 2021, 9:38:46 am UTC) from SE

Summary HTTP 8 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 217.16.197.193, located in Sweden and belongs to INTERNETBORDER Norra Stationsgatan 93, SE. The main domain is secure.port.se.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on November 28th 2019. Valid for: 2 years.

This is the only time secure.port.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
5	217.16.197.193 217.16.197.193		41175 (INTERNETB...) (INTERNETBORDER Norra Stationsgatan 93)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a		20446 (HIGHWINDS3) (HIGHWINDS3)
8	2

5 217.16.197.193 (Sweden)

ASN41175 (INTERNETBORDER Norra Stationsgatan 93, SE)

secure.port.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	port.se secure.port.se	127 KB
3	jquery.com code.jquery.com	105 KB
8	2

	Domain	Requested by
5	secure.port.se	secure.port.se
3	code.jquery.com	secure.port.se
8	2

This site contains no links.

Subject Issuer	Validity	Valid
*.port.se AlphaSSL CA - SHA256 - G2	`2019-11-28` - `2022-02-12`	2 years	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D
Frame ID: 44A7EA6F68F20234DCC4F3A138775900
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CFML (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

232 kB
Transfer

497 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request s4.cfm Show response secure.port.se/Alphaquest/aqsys/BHAuth/	6 KB 6 KB	176ms 61ms	Document text/html	217.16.197.193 INTERNETBORDER No...
General Check archive.org Show headers Download Go to Full URL https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.16.197.193 , Sweden, ASN41175 (INTERNETBORDER Norra Stationsgatan 93, SE), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `4fe6b5e92cfe092feed36cf7b54c5b6270980cbf9d1529ac787105b54b454dc1` Request headers :method GET :authority secure.port.se :scheme https :path /Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate, private pragma no-cache content-type text/html;charset=UTF-8 expires 0,Tue, 01 Jan 1985 00:00:01 GMT server Microsoft-IIS/10.0 set-cookie CFID=1297749; Expires=Fri, 06-Jan-2051 09:38:25 GMT; Path=/; Secure; HttpOnly CFTOKEN=6b781b91690ef2be-CF0231D9-03C0-A593-81D94AC5BA6E1F10; Expires=Fri, 06-Jan-2051 09:38:25 GMT; Path=/; Secure; HttpOnly date Wed, 13 Jan 2021 09:38:25 GMT content-length 6231
GET H2	200	jquery-ui.css code.jquery.com/ui/1.12.1/themes/smoothness/	36 KB 8 KB	10ms 9ms	Stylesheet text/css	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css Requested by Host: secure.port.se URL: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702` Request headers Referer https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 09:38:27 GMT content-encoding gzip last-modified Wed, 14 Sep 2016 16:34:17 GMT server nginx etag W/"57d97c09-8eb8" vary Accept-Encoding x-hw 1610530707.dop219.fr8.t,1610530707.cds243.fr8.hc,1610530707.cds221.fr8.c content-type text/css access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 8422
GET H2	200	jquery-3.5.0.min.js Show response code.jquery.com/	87 KB 30 KB	23ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.0.min.js Requested by Host: secure.port.se URL: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4` Request headers Origin https://secure.port.se Referer https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 09:38:27 GMT content-encoding gzip last-modified Fri, 10 Apr 2020 15:24:08 GMT server nginx etag W/"5e908f98-15d95" vary Accept-Encoding x-hw 1610530707.dop219.fr8.t,1610530707.cds218.fr8.hc,1610530707.cds139.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30880
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.12.1/	248 KB 66 KB	29ms 15ms	Script application/javascript	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.min.js Requested by Host: secure.port.se URL: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5` Request headers Origin https://secure.port.se Referer https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 09:38:27 GMT content-encoding gzip last-modified Wed, 14 Sep 2016 16:34:16 GMT server nginx etag W/"57d97c08-3dee4" vary Accept-Encoding x-hw 1610530707.dop219.fr8.t,1610530707.cds218.fr8.hc,1610530707.cds151.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 67751
GET H2	200	klaramolnutan.png secure.port.se/Alphaquest/bilder/loggor/	68 KB 69 KB	45ms 45ms	Image image/png	217.16.197.193 INTERNETBORDER No...
General Check archive.org Show headers Download Go to Show image Full URL https://secure.port.se/Alphaquest/bilder/loggor/klaramolnutan.png Requested by Host: secure.port.se URL: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.16.197.193 , Sweden, ASN41175 (INTERNETBORDER Norra Stationsgatan 93, SE), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `4650d423339f2699adf156074309583ccbabe26f8c2188e9cd6b2b0c6f29491c` Request headers Referer https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 09:38:25 GMT last-modified Mon, 14 Sep 2020 07:09:59 GMT server Microsoft-IIS/10.0 accept-ranges bytes etag "b48ebe668ad61:0" content-length 70021 content-type image/png
GET H2	200	quest.png secure.port.se/Alphaquest/bilder/actionicons/	49 KB 49 KB	75ms 74ms	Image image/png	217.16.197.193 INTERNETBORDER No...
General Check archive.org Show headers Download Go to Show image Full URL https://secure.port.se/Alphaquest/bilder/actionicons/quest.png Requested by Host: secure.port.se URL: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.16.197.193 , Sweden, ASN41175 (INTERNETBORDER Norra Stationsgatan 93, SE), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `d4868c4516b6a017f7096b9fbc78dd41221eb296b8b63686c3f2ceae91b3f87a` Request headers Referer https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 09:38:25 GMT last-modified Mon, 14 Sep 2020 07:09:49 GMT server Microsoft-IIS/10.0 accept-ranges bytes etag "56faf8668ad61:0" content-length 49743 content-type image/png
GET H2	200	space.gif secure.port.se/Alphaquest/bilder/	43 B 127 B	66ms 65ms	Image image/gif	217.16.197.193 INTERNETBORDER No...
General Check archive.org Show headers Download Go to Show image Full URL https://secure.port.se/Alphaquest/bilder/space.gif Requested by Host: secure.port.se URL: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.16.197.193 , Sweden, ASN41175 (INTERNETBORDER Norra Stationsgatan 93, SE), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363` Request headers Referer https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 09:38:25 GMT last-modified Mon, 14 Sep 2020 07:09:47 GMT server Microsoft-IIS/10.0 accept-ranges bytes etag "6f10a17668ad61:0" content-length 43 content-type image/gif
GET H2	200	_captcha_img2579060797427221372.png secure.port.se/CFFileServlet/_cf_captcha/	3 KB 3 KB	66ms 66ms	Image image/png	217.16.197.193 INTERNETBORDER No...
General Check archive.org Show headers Download Go to Show image Full URL https://secure.port.se/CFFileServlet/_cf_captcha/_captcha_img2579060797427221372.png Requested by Host: secure.port.se URL: https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.16.197.193 , Sweden, ASN41175 (INTERNETBORDER Norra Stationsgatan 93, SE), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `0752cb91283ea736d036eb3d445fb0ecc538dd60a75485d3a2a0e23173e802c1` Request headers Referer https://secure.port.se/Alphaquest/aqsys/BHAuth/s4.cfm?d=%24%3E%5BJ%5BD%40%20%20%0A&n=9CDED7FAED35881AFC85EDD9CF1559ED9CDED7FBA2815078A6796A12B24C151D User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 09:38:25 GMT last-modified Wed, 13 Jan 2021 09:38:25 GMT server Microsoft-IIS/10.0 content-length 2999 content-type image/png

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.port.se/	1970-01-30 14:10:10	Name: CFTOKEN Value: 6b781b91690ef2be-CF0231D9-03C0-A593-81D94AC5BA6E1F10
			secure.port.se/	1970-01-30 14:10:10	Name: CFID Value: 1297749

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
secure.port.se
2001:4de0:ac19::1:b:2a
217.16.197.193
0752cb91283ea736d036eb3d445fb0ecc538dd60a75485d3a2a0e23173e802c1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
4650d423339f2699adf156074309583ccbabe26f8c2188e9cd6b2b0c6f29491c
4fe6b5e92cfe092feed36cf7b54c5b6270980cbf9d1529ac787105b54b454dc1
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
d4868c4516b6a017f7096b9fbc78dd41221eb296b8b63686c3f2ceae91b3f87a
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702