Submitted URL: https://customerlearningportal.fadv.com/
Effective URL: https://fadv.csod.com/login/render.aspx?id=defaultclp
Submission: On January 11 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 7 HTTP transactions. The main IP is 13.225.81.247, located in the United States and belongs to AMAZON-02, US. The main domain is fadv.csod.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 7th 2020. Valid for: 2 years.
This is the only time fadv.csod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.77.206.218 209 (CENTURYLI...)
1 5 13.225.81.247 16509 (AMAZON-02)
3 54.177.30.132 16509 (AMAZON-02)
7 3
Apex Domain / Subdomains | Transfer
8 csod.com | 2 MB
    fadv.csod.com
    us.api.csod.com — Cisco Umbrella Rank: 32392
1 fadv.com | 216 B
    customerlearningportal.fadv.com
7 2
Domain | Requested by
5 fadv.csod.com (1 redirect) | fadv.csod.com
3 us.api.csod.com | fadv.csod.com, us.api.csod.com
1 customerlearningportal.fadv.com (1 redirect) |
7 3

This site contains no links.

Subject | Issuer | Validity | Valid
*.csod.com | DigiCert SHA2 Secure Server CA | 2020-08-07 - 2022-08-12 | 2 years
*.api.csod.com | DigiCert SHA2 Secure Server CA | 2020-04-15 - 2022-04-20 | 2 years

This page contains 1 frame:

Primary Page: https://fadv.csod.com/login/render.aspx?id=defaultclp
Frame ID: 7433C51614ADD45F79C18AD1439495B4
Requests: 10 HTTP requests in this frame

Page Title

FA Employee Advantage OnDemand

Page URL History

  1. https://customerlearningportal.fadv.com/ HTTP 301
    https://fadv.csod.com/ HTTP 302
    https://fadv.csod.com/login/render.aspx?id=defaultclp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

  • Requests: 7
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 2
  • Subdomains: 3
  • IPs: 3
  • Countries: 1
  • Transfer: 2146 kB
  • Size: 2888 kB
  • Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request render.aspx
fadv.csod.com/login/
Redirect Chain
  • https://customerlearningportal.fadv.com/
  • https://fadv.csod.com/
  • https://fadv.csod.com/login/render.aspx?id=defaultclp
16 KB
10 KB
Document
General
Full URL
https://fadv.csod.com/login/render.aspx?id=defaultclp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.81.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-81-247.fra2.r.cloudfront.net
Software
/
Resource Hash
e421e7efe6a9eabba7b2bf223abdad0f21336f8bf5c6d1ccd878a7c0decd26aa
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
private
server
x-robots-tag
noindex
true_route
/login/render.aspx
true_status
Ok
correlation_id
bfd35459-37e3-4218-bdcb-1b10a1429d92
s-n
ECWT3002
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
strict-transport-security
max-age=156768000; includeSubDomains
date
Tue, 11 Jan 2022 17:11:37 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
La8ej73s-VGipf_CBTGtZJwYYjH_7J6tsSwotMx2Nt_MPKjkS5hnMw==

Redirect headers

content-type
text/html; charset=utf-8
content-length
149
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
location
/login/render.aspx?id=defaultclp
server
x-robots-tag
noindex
x-frame-options
SAMEORIGIN
true_route
/default.aspx
true_status
Ok
correlation_id
3df2d2f9-0c57-4b4a-8fc0-becc18545340
s-n
ECWT3002
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
strict-transport-security
max-age=156768000; includeSubDomains
date
Tue, 11 Jan 2022 17:11:36 GMT
x-cache
Miss from cloudfront
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
lG0IDkEo6ZGvnCCbZ0gvpLgz_2mslZVSXiiOdkIOYX2Ii9z8419qEA==
csod-icons.css
fadv.csod.com/login/node_modules/player-core-ui/assets/
4 KB
2 KB
Stylesheet
General
Full URL
https://fadv.csod.com/login/node_modules/player-core-ui/assets/csod-icons.css?ver=637774890982853392
Requested by
Host: fadv.csod.com
URL: https://fadv.csod.com/login/render.aspx?id=defaultclp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.81.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-81-247.fra2.r.cloudfront.net
Software
/
Resource Hash
5efc73d62973eb12f9502582234e76b90e4321d87604d837b979e755b82189b0
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fadv.csod.com/login/render.aspx?id=defaultclp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=156768000; includeSubDomains
content-encoding
gzip
etag
W/"0e3d5ad9f89d71:0"
true_status
Ok
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
last-modified
Thu, 05 Aug 2021 02:14:54 GMT
server
date
Tue, 11 Jan 2022 17:11:37 GMT
true_route
/login/node_modules/player-core-ui/assets/csod-icons.css
vary
Accept-Encoding
content-type
text/css
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
s-n
ECWT3006
x-amz-cf-id
0vpbeW0LiuZBfIAcsGvE35ySgjiD9-zF3shpRNnpTSJh_qIQZHgVeQ==
correlation_id
1916f28b-f8b8-40e9-91df-0c5fb3e71595
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
render.styles.css
fadv.csod.com/login/pages/
83 B
744 B
Stylesheet
General
Full URL
https://fadv.csod.com/login/pages/render.styles.css?ver=637774890982853392
Requested by
Host: fadv.csod.com
URL: https://fadv.csod.com/login/render.aspx?id=defaultclp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.81.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-81-247.fra2.r.cloudfront.net
Software
/
Resource Hash
ad562293fc317d24c172e3dc3c26bdeae80842f1331f892d30608d48cf837885
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fadv.csod.com/login/render.aspx?id=defaultclp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=156768000; includeSubDomains
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
etag
"0e3d5ad9f89d71:0"
true_status
Ok
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
content-length
83
last-modified
Thu, 05 Aug 2021 02:14:54 GMT
server
date
Tue, 11 Jan 2022 17:11:38 GMT
true_route
/login/pages/render.styles.css
content-type
text/css
s-n
ECWT3007
accept-ranges
bytes
x-amz-cf-id
ouGwwtW9VPko1wBwfxuZ_LHoiTgVzJETJWQdWb5vW7TyGUEForfMYw==
correlation_id
616fdc52-20da-4025-ac67-34ab6b8ff907
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
theme.css
fadv.csod.com/login/node_modules/player-theming/
134 KB
13 KB
Stylesheet
General
Full URL
https://fadv.csod.com/login/node_modules/player-theming/theme.css?ver=637774890982853392
Requested by
Host: fadv.csod.com
URL: https://fadv.csod.com/login/render.aspx?id=defaultclp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.81.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-81-247.fra2.r.cloudfront.net
Software
/
Resource Hash
ee68ea1bf547ad4192633ad92d8995d176909a5a05e3e248c94e1c75bc286b3e
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fadv.csod.com/login/render.aspx?id=defaultclp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=156768000; includeSubDomains
content-encoding
gzip
etag
W/"0e3d5ad9f89d71:0"
true_status
Ok
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
last-modified
Thu, 05 Aug 2021 02:14:54 GMT
server
date
Tue, 11 Jan 2022 17:11:37 GMT
true_route
/login/node_modules/player-theming/theme.css
vary
Accept-Encoding
content-type
text/css
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
s-n
ECWT3006
x-amz-cf-id
iFEUbtp6Q_cW3BQGXInAlAvorPc61Q7ZdA3kyLZP18VYQuetEg7H7w==
correlation_id
5bc7ffb6-57a9-4c49-8064-e8db6a73da72
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Component
us.api.csod.com/gts-custom-login-page/V1/
832 KB
833 KB
Script
General
Full URL
https://us.api.csod.com/gts-custom-login-page/V1/Component?componentName=render
Requested by
Host: fadv.csod.com
URL: https://fadv.csod.com/login/render.aspx?id=defaultclp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.177.30.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-30-132.us-west-1.compute.amazonaws.com
Software
edge /
Resource Hash
3c6ff09214317a8768f5fc6a2663c6f79c5691919585e8909878359620f6a5b9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fadv.csod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 17:11:38 GMT
x-content-type-options
nosniff
server
edge
cache-control
public,max-age=86400
x-gateway-upstream-status
200
vary
Origin
x-gateway-upstream-latency
111
content-type
text/javascript; charset=utf-8
x-gateway-latency
0
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubdomains
x-xss-protection
1; mode=block
defaultclp
us.api.csod.com/gts-custom-login-page/V1/GetCustomLoginPage/
1 MB
1 MB
XHR
General
Full URL
https://us.api.csod.com/gts-custom-login-page/V1/GetCustomLoginPage/defaultclp?corpname=fadv
Requested by
Host: us.api.csod.com
URL: https://us.api.csod.com/gts-custom-login-page/V1/Component?componentName=render
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.177.30.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-30-132.us-west-1.compute.amazonaws.com
Software
edge /
Resource Hash
da87f38cc94cfe792147e2bb1350f1b11a090d7877796994149190511c68ed6d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://fadv.csod.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 17:11:40 GMT
x-content-type-options
nosniff
server
edge
cache-control
public,max-age=86400
x-gateway-upstream-status
200
vary
Origin
x-gateway-upstream-latency
176
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fadv.csod.com
x-gateway-latency
1
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubdomains
x-xss-protection
1; mode=block
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
262da8a3264f3333642d15d0425266a85f964ff8a113831602376217c05a80b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Component
us.api.csod.com/gts-custom-login-page/V1/
140 KB
141 KB
Script
General
Full URL
https://us.api.csod.com/gts-custom-login-page/V1/Component?componentName=backgroundClassicResponsive
Requested by
Host: us.api.csod.com
URL: https://us.api.csod.com/gts-custom-login-page/V1/Component?componentName=render
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.177.30.132 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-30-132.us-west-1.compute.amazonaws.com
Software
edge /
Resource Hash
61d216f41562d49dd95d9f18731cea8fc0e3e4cc5d44b9163fa6f82f13a64cc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fadv.csod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 17:11:41 GMT
x-content-type-options
nosniff
server
edge
cache-control
public,max-age=86400
x-gateway-upstream-status
200
vary
Origin
x-gateway-upstream-latency
34
content-type
text/javascript; charset=utf-8
x-gateway-latency
1
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubdomains
x-xss-protection
1; mode=block
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
748b808fd89774a4ff42ac9b1c76cee9431405fa5b7dc01d2741354e81ba6932

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
596 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a8c1e4cd28675e238166913e0a5f87645651a2afb3294b2caa051533503e718

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/jpeg

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onsecuritypolicyviolation
  • object| onslotchange
  • string| SERVICE_URL_SERVICE_BASE_OVERRIDE
  • undefined| timeLeft
  • function| redirectToDefault
  • function| Redirect
  • function| getXHR
  • function| countdown
  • function| ClickHereRedirect
  • string| gtmCode
  • object| React
  • object| ReactDOM
  • function| setImmediate
  • function| clearImmediate
  • object| csod
  • object| regeneratorRuntime
  • object| ComponentRegistryb6db870cedeb498ab593712020cf9394

4 Cookies

Domain/Path Name / Value
fadv.csod.com/ Name: ASP.NET_SessionId
Value: df2nyk2dsxzngiunfb0opdht
fadv.csod.com/ Name: loginCyberU_LogoutRedirectUrl
Value: timeoutURL=/login/render.aspx?id=defaultclp&logoutURL=/login/render.aspx?id=defaultclp
fadv.csod.com/ Name: CYBERU_backUrl
Value: http://fadv.csod.com/login/render.aspx?id=defaultclp
fadv.csod.com/ Name: CYBERU_lastculture
Value: de-DE

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=156768000; includeSubDomains