fs.ucb.com
194.187.114.156
Public Scan
Effective URL: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZJfT8IwFMXf%2BRRL37tuMBdsgAQhRhL%2FLIA%2B%2BGK67k6abO3s7VC%2FvWWIYoI%2B2Le...
Submission Tags: falconsandbox
Submission: On February 10 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 28th 2022. Valid for: a year.
This is the only time fs.ucb.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS (Autonomous System) |
---|---|---|---|
1 | | 3.64.94.112 | 16509 (AMAZON-02) |
2 | 1 | 3.124.221.156 | 16509 (AMAZON-02) |
7 | | 194.187.114.156 | 35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10) |
9 | | 3 | |

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-94-112.eu-central-1.compute.amazonaws.com
ucb-dwp.onbmc.com

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-221-156.eu-central-1.compute.amazonaws.com
de-rsso1.onbmc.com

ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE)
fs.ucb.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | ucb.com | fs.ucb.com — Cisco Umbrella Rank: 804584 | 480 KB |
3 | onbmc.com (1 redirects) | ucb-dwp.onbmc.com — Cisco Umbrella Rank: 957622; de-rsso1.onbmc.com | 5 KB |
9 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
7 | fs.ucb.com | fs.ucb.com |
2 | de-rsso1.onbmc.com (1 redirects) | |
1 | ucb-dwp.onbmc.com | |
9 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.onbmc.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-05-04 - 2023-05-04 | a year |
fs.ucb.com | Sectigo RSA Organization Validation Secure Server CA | 2022-10-28 - 2023-10-28 | a year |
This page contains 1 frames:
Primary Page:
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZJfT8IwFMXf%2BRRL37tuMBdsgAQhRhL%2FLIA%2B%2BGK67k6abO3s7VC%2FvWWIYoI%2B2Le2N%2Bf%2Bzj13hKKuGj5t3UYv4aUFdMFbXWnk3ceYtFZzI1Ah16IG5E7y1fTmmvfDiDfWOCNNRYLFfEyehpCksjgTVJwnkiZxP6fDQZzSIskHw1ikMEgiEjyARWX0mHgF0gtOnAViCwuNTmjny6L%2BgEZ9Gkfr6JzHCU%2FSME3OHkkw97BKC9epbZxrkDNWYtjKPJSmZqIokVXISHBprITO45iUokLwxJgJRLWFw8tJlOzT4YXShdLPf48j3xchv1qvM5rdrdanRaeIYHfUM6OxrcGuwG6VhPvl9bePAqhFNHFodF7Lzs%2FuzixI8NSWeZfUB1CQSddktMuLd6OzRwn%2BTSwOJGSCzdNO7Ut2xI4Ej1o0%2FNbLLOaZqZR8%2F8%2Bu%2BDBq4X6vjsO4e1EFLbtS3mpsQKpSQUGCaVWZ15kF4Xx0zrZA2KS3p%2F25x5MP&RelayState=_8e46cd5a-a94c-412b-8316-d4b381a6e340&client-request-id=68257e27-20d9-45da-cdee-0480010000d8&pullStatus=0
Frame ID: 29CE366C76865B1EF2F4D5F902184D4F
Requests: 9 HTTP requests in this frame
Page Title
Anmelden
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ucb-dwp.onbmc.com/dwp/rest/share/OJSXG33VOJRWKVDZOBST2RKWIVHFIJTUMVXGC3TUJFSD2MBQGAYDAMBQGAYDAMBQGAYDCJTSMVZW65LSMNSUSZB5IFDUORJWJBJEKSRSGI2FKQKSKAZVGWSYKJHTGV22GAYDESCBEZSXMZLOOREWIPKVNNLFET3OJZ4WEVDQIJJDAZCGJZVWQU2SKVXXSTLKKJLFCVSKKFGTCTTBK5DEUUCNGFSGCTKEIF4VGRKF Page URL
- https://de-rsso1.onbmc.com/rsso/start Page URL
-
https://de-rsso1.onbmc.com/rsso/start
HTTP 302
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZJfT8IwFMXf%2BRRL37tuMBdsgAQhRhL%2FLIA%2B%2BGK67k6abO3s7VC%2FvWWIYoI%2B2Le2N%2Bf%2Bzj13hKKuGj5t3UYv4aUFdMFbXWnk3ceYtFZzI1Ah16IG5E7y1fTmmvfDiDfWOCNNRYLFfEyehpCksjgTVJwnkiZxP6fDQZzSIskHw1ikMEgiEjyARWX0mHgF0gtOnAViCwuNTmjny6L%2BgEZ9Gkfr6JzHCU%2FSME3OHkkw97BKC9epbZxrkDNWYtjKPJSmZqIokVXISHBprITO45iUokLwxJgJRLWFw8tJlOzT4YXShdLPf48j3xchv1qvM5rdrdanRaeIYHfUM6OxrcGuwG6VhPvl9bePAqhFNHFodF7Lzs%2FuzixI8NSWeZfUB1CQSddktMuLd6OzRwn%2BTSwOJGSCzdNO7Ut2xI4Ej1o0%2FNbLLOaZqZR8%2F8%2Bu%2BDBq4X6vjsO4e1EFLbtS3mpsQKpSQUGCaVWZ15kF4Xx0zrZA2KS3p%2F25x5MP&RelayState=_8e46cd5a-a94c-412b-8316-d4b381a6e340 Page URL
- https://fs.ucb.com/adfs/ls/?SAMLRequest=nZJfT8IwFMXf%2BRRL37tuMBdsgAQhRhL%2FLIA%2B%2BGK67k6abO3s7VC%2FvWWIYoI%2B2Le2N%2Bf%2Bzj13hKKuGj5t3UYv4aUFdMFbXWnk3ceYtFZzI1Ah16IG5E7y1fTmmvfDiDfWOCNNRYLFfEyehpCksjgTVJwnkiZxP6fDQZzSIskHw1ikMEgiEjyARWX0mHgF0gtOnAViCwuNTmjny6L%2BgEZ9Gkfr6JzHCU%2FSME3OHkkw97BKC9epbZxrkDNWYtjKPJSmZqIokVXISHBprITO45iUokLwxJgJRLWFw8tJlOzT4YXShdLPf48j3xchv1qvM5rdrdanRaeIYHfUM6OxrcGuwG6VhPvl9bePAqhFNHFodF7Lzs%2FuzixI8NSWeZfUB1CQSddktMuLd6OzRwn%2BTSwOJGSCzdNO7Ut2xI4Ej1o0%2FNbLLOaZqZR8%2F8%2Bu%2BDBq4X6vjsO4e1EFLbtS3mpsQKpSQUGCaVWZ15kF4Xx0zrZA2KS3p%2F25x5MP&RelayState=_8e46cd5a-a94c-412b-8316-d4b381a6e340&client-request-id=68257e27-20d9-45da-cdee-0480010000d8&pullStatus=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://de-rsso1.onbmc.com/rsso/start HTTP 302
- https://fs.ucb.com/adfs/ls/?SAMLRequest=nZJfT8IwFMXf%2BRRL37tuMBdsgAQhRhL%2FLIA%2B%2BGK67k6abO3s7VC%2FvWWIYoI%2B2Le2N%2Bf%2Bzj13hKKuGj5t3UYv4aUFdMFbXWnk3ceYtFZzI1Ah16IG5E7y1fTmmvfDiDfWOCNNRYLFfEyehpCksjgTVJwnkiZxP6fDQZzSIskHw1ikMEgiEjyARWX0mHgF0gtOnAViCwuNTmjny6L%2BgEZ9Gkfr6JzHCU%2FSME3OHkkw97BKC9epbZxrkDNWYtjKPJSmZqIokVXISHBprITO45iUokLwxJgJRLWFw8tJlOzT4YXShdLPf48j3xchv1qvM5rdrdanRaeIYHfUM6OxrcGuwG6VhPvl9bePAqhFNHFodF7Lzs%2FuzixI8NSWeZfUB1CQSddktMuLd6OzRwn%2BTSwOJGSCzdNO7Ut2xI4Ej1o0%2FNbLLOaZqZR8%2F8%2Bu%2BDBq4X6vjsO4e1EFLbtS3mpsQKpSQUGCaVWZ15kF4Xx0zrZA2KS3p%2F25x5MP&RelayState=_8e46cd5a-a94c-412b-8316-d4b381a6e340
9 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | OJSXG33VOJRWKVDZOBST2RKWIVHFIJTUMVXGC3TUJFSD2MBQGAYDAMBQGAYDAMBQGAYDCJTSMVZW65LSMNSUSZB5IFDUORJWJBJEKSRSGI2FKQKSKAZVGWSYKJHTGV22GAYDESCBEZSXMZLOOREWIPKVNNLFET3OJZ4WEVDQIJJDAZCGJZVWQU2SKVXXSTLKKJLFC... | ucb-dwp.onbmc.com/dwp/rest/share/ | 2 KB | 2 KB | Document | text/html |
POST H/1.1 | start | de-rsso1.onbmc.com/rsso/ | 1 KB | 2 KB | Document | text/html |
GET H/1.1 | / (Redirect Chain) | fs.ucb.com/adfs/ls/ | 31 KB | 32 KB | Document | text/html |
GET H/1.1 | style.css | fs.ucb.com/adfs/portal/css/ | 30 KB | 30 KB | Stylesheet | text/css |
GET H/1.1 | logo.png | fs.ucb.com/adfs/portal/logo/ | 10 KB | 10 KB | Image | image/png |
GET H/1.1 | / (Primary Request) | fs.ucb.com/adfs/ls/ | 32 KB | 33 KB | Document | text/html |
GET H/1.1 | style.css | fs.ucb.com/adfs/portal/css/ | 30 KB | 30 KB | Stylesheet | text/css |
GET H/1.1 | logo.png | fs.ucb.com/adfs/portal/logo/ | 10 KB | 10 KB | Image | image/png |
GET H/1.1 | illustration.jpg | fs.ucb.com/adfs/portal/illustration/ | 334 KB | 335 KB | Image | image/jpeg |
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean| credentialless
- object| oncontentvisibilityautostatechange
- function| LoginErrors
- number| maxPasswordLength
- function| InputUtil
- object| paginationManager
- object| PaginationUtil
- object| PaginationManager
- object| Login
- object| LoginManager
- object| options
- object| _self
- object| instructionsActivate
- object| instructions
- object| loginMessage
- undefined| emails
- undefined| msViewportStyle
- undefined| viewport
- function| getStyle
- function| computeLoadIllustration
- function| SetIllustrationImage

4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
de-rsso1.onbmc.com/rsso | | route | 1676020487.624.11000.89750 |
ucb-dwp.onbmc.com/ | | route | 1676020487.467.32116.120861 |
ucb-dwp.onbmc.com/ | | onbmc_pool | !stcSy7cWzR4xPBcZZC5K4Ikvz8SCJBJqyJSCYvZUYF9i30R7rTCgdATKr64bAlwyzevEnvqp0DahRF4= |
de-rsso1.onbmc.com/ | | onbmc_pool | !t49L7m/Vg5tc02S/KSk+mFlNJC4htQ1WKfI8v1SXanClRbBa4iP/gUkk1cPTJBGBJ8jtuFDFA+w2BWo= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' *.salesforce.com maps.google.com maps.googleapis.com www.google-analytics.com www.google.com google.com www.gstatic.com www.youtube.com s.ytimg.com tencent.com open.t.qq.com cdn.mxpnl.com d24n15hnbwhuhn.cloudfront.net *.pactsafe.io *.onbmc.com cdn.whatfix.com whatfix.com |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.