portal.csr24.com Open in urlscan Pro
204.155.61.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portal.csr24.com/mvc/9880446
Effective URL:
https://portal.csr24.com/mvc/9880446
Submission: On November 09 via manual (November 9th 2022, 4:21:18 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 204.155.61.208, located in Farmington, United States and belongs to CO-DATACENTER, US. The main domain is portal.csr24.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 3rd 2022. Valid for: a year.

This is the only time portal.csr24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	204.155.61.208 204.155.61.208	30620 (CO-DATACE...) (CO-DATACENTER)
4	35.167.186.221 35.167.186.221	16509 (AMAZON-02) (AMAZON-02)
16	2

13 204.155.61.208 (Farmington, United States) 1 redirects

ASN30620 (CO-DATACENTER, US)
PTR: portalhip.csr24.com

portal.csr24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.167.186.221 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-186-221.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	csr24.com 1 redirects portal.csr24.com	218 KB
4	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1658	410 B
16	2

	Domain	Requested by
13	portal.csr24.com	1 redirects portal.csr24.com
4	api.amplitude.com	portal.csr24.com
16	2

This site contains links to these domains. Also see Links.

Domain
www.bokfinancial.com

Subject Issuer	Validity	Valid
*.csr24.com GlobalSign RSA OV SSL CA 2018	`2022-07-03` - `2023-08-04`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://portal.csr24.com/mvc/9880446
Frame ID: EC6EB03622A597A06260E821E79425CC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BOK Financial Insurance

Page URL History Show full URLs

http://portal.csr24.com/mvc/9880446 HTTP 301
https://portal.csr24.com/mvc/9880446 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

217 kB
Transfer

354 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bokfinancial.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portal.csr24.com/mvc/9880446 HTTP 301
https://portal.csr24.com/mvc/9880446 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 9880446 Show response
portal.csr24.com/mvc/
Redirect Chain

http://portal.csr24.com/mvc/9880446
https://portal.csr24.com/mvc/9880446

7 KB
8 KB

702ms
249ms

Document
text/html

204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

6975ed4e4dff004e86221c9f28d389897e77f6b2c8fb5c61f7a9503a268df6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private,no-cache, no-store
Content-Length: 6689
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Nov 2022 16:21:11 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store
Content-Length: 159
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Nov 2022 16:21:11 GMT
Expires: 0
Location: https://portal.csr24.com/mvc/9880446
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK superfish.css
portal.csr24.com/mvc/Content/ 3 KB
2 KB 149ms
149ms Stylesheet
text/css 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Content/superfish.css

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

fbc6eb75cca4a9f2726ecfd958d744ec0fcaedf6887abfb0ce625ffe35c87921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:11 GMT
Last-Modified: Mon, 25 Oct 2021 16:38:48 GMT
ETag: "05cc4c8bec9d71:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 1025
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK Login_2020.css
portal.csr24.com/mvc/Content/ 6 KB
3 KB 299ms
149ms Stylesheet
text/css 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Content/Login_2020.css

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

ea6e769030700c70f77ee6792671dd93d9fc4e40f7389c788918e737c819c4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Wed, 19 Jan 2022 05:01:02 GMT
ETag: "03b368ef1cd81:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 1515
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK Login_2021.css
portal.csr24.com/mvc/Content/ 4 KB
2 KB 431ms
145ms Stylesheet
text/css 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Content/Login_2021.css

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

7c45d90ee98a9db6782cc2140c1cbc8e465e8114479575c09499bb188368f1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Wed, 19 Jan 2022 05:01:02 GMT
ETag: "03b368ef1cd81:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 1135
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK StyleSheet_2021.css
portal.csr24.com/mvc/Content/Insured/ 24 KB
6 KB 587ms
296ms Stylesheet
text/css 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Content/Insured/StyleSheet_2021.css?1

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

01126749fff4706c6a6242605ef144fa703818c3b718c3f901509fa24db1b879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Wed, 31 Aug 2022 22:36:52 GMT
ETag: "01a492a8abdd81:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: text/css
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 5044
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
portal.csr24.com/mvc/Scripts/ 87 KB
32 KB 738ms
445ms Script
application/javascript 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Scripts/jquery-3.6.0.min.js

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Wed, 31 Aug 2022 22:36:54 GMT
ETag: "0477a2b8abdd81:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 30987
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK jquery.placeholder.js Show response
portal.csr24.com/mvc/Scripts/ 651 B
2 KB 445ms
153ms Script
application/javascript 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Scripts/jquery.placeholder.js

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

accc9562ef4013f338211e9dd3c5089956470e0c2997978a96783cb08e942291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Wed, 09 Nov 2022 16:21:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Oct 2021 16:38:54 GMT
ETag: "0e357ccbec9d71:0"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 651
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK superfish.js Show response
portal.csr24.com/mvc/Scripts/Shared/ 8 KB
4 KB 452ms
153ms Script
application/javascript 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Scripts/Shared/superfish.js

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

0426802f1386818022cdd44053713ac6cb1f772f133c2d4c0108ce81b1f094b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Mon, 25 Oct 2021 16:38:58 GMT
ETag: "03dbacebec9d71:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 2354
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK svg4everybody.js Show response
portal.csr24.com/mvc/Scripts/ 6 KB
3 KB 457ms
153ms Script
application/javascript 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Scripts/svg4everybody.js

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

4eb0ee251cdee2eac80de870f7f40058d66694f273c567d5809561c44b21ea9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Mon, 25 Oct 2021 16:38:54 GMT
ETag: "0e357ccbec9d71:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 1976
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK appliedProdInt.js Show response
portal.csr24.com/mvc/Scripts/webpack/dist/ 83 KB
28 KB 720ms
289ms Script
application/javascript 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.csr24.com/mvc/Scripts/webpack/dist/appliedProdInt.js

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),

Reverse DNS

portalhip.csr24.com

Software

Resource Hash

b1c886a49633634463d04e78638401a99666cfbccf2175d51b6bb0a09e6e1756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Thu, 15 Sep 2022 20:26:46 GMT
ETag: "047be7941c9d81:0"
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.csr24.com *.chatra.io https://cdn.syndication.twimg.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.googleapis.com *.intercom.io *.intercomcdn.com *.twitter.com *platform.twitter.com *.twimg.com *.purechat.com *.purechatcdn.com *.livechatinc.com *.smooch.io www.snapengage.com *.jquery.com *.fontawesome.com *.intercom.io *.gstatic.com *.providesupport.com *.liveperson.net *.clickdesk.com https://cdn.jsdelivr.net *.amplitude.com *.force.com *.salesforce.com *.salesforceliveagent.com *.appliedsystems.com *.useindio.com *.relay.ie ; frame-src 'self' *.facebook.com *.twitter.com *.csr24.com *.salesforce.com service.force.com *.relay.ie https://www.i-csr.net https://secure.payconex.net https://api.epaypolicy.com https://pay.realexpayments.com https://live.sagepay.com https://payments.worldnettps.com; report-uri /mvc/Logging/ContentSecurityPolicy
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
Content-Length: 27120
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK logo.png
portal.csr24.com/users/9880446/images/ 6 KB
7 KB 155ms
155ms Image
image/png 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.csr24.com/users/9880446/images/logo.png
Requested by: Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/9880446
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),
Reverse DNS: portalhip.csr24.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 55f8e2744ac9d8b0497a5cb872d1de8754f48288f80ece0a2d89cfde058ca8de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Fri, 22 Mar 2019 22:40:06 GMT
Server: Microsoft-IIS/8.5
ETag: "cea968320e1d41:0"
Content-Type: image/png
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Content-Length: 6299
Expires: 0

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 565ms
172ms Preflight 35.167.186.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.186.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-186-221.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://portal.csr24.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 09 Nov 2022 16:21:13 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 178ms
178ms XHR
text/html 35.167.186.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/Scripts/webpack/dist/appliedProdInt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.186.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-186-221.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.csr24.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 09 Nov 2022 16:21:14 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-636bd37a-2c5d4417184595b6713c3848
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H/1.1 200
OK 30ca9c76-9e81-46a4-8c1b-55c98cbcdd77.jpg
portal.csr24.com/users/9880446/images/ 119 KB
120 KB 162ms
162ms Image
image/jpeg 204.155.61.208
CO-DATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.csr24.com/users/9880446/images/30ca9c76-9e81-46a4-8c1b-55c98cbcdd77.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 204.155.61.208 Farmington, United States, ASN30620 (CO-DATACENTER, US),
Reverse DNS: portalhip.csr24.com
Software: Microsoft-IIS/8.5 /
Resource Hash: d576c6bcd560497f431aabe401072b1903d1e004b3d831b4132b92a608834a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.csr24.com/mvc/9880446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Nov 2022 16:21:12 GMT
Last-Modified: Fri, 14 Oct 2022 21:02:19 GMT
Server: Microsoft-IIS/8.5
ETag: "8ed0633f10e0d81:0"
Content-Type: image/jpeg
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Content-Length: 122258
Expires: 0

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 180ms
179ms XHR
text/html 35.167.186.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: portal.csr24.com
URL: https://portal.csr24.com/mvc/Scripts/webpack/dist/appliedProdInt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.186.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-186-221.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.csr24.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 09 Nov 2022 16:21:14 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-636bd37a-61777e2318b58c1e55780a0f
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 173ms
173ms Preflight 35.167.186.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.186.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-186-221.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://portal.csr24.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 09 Nov 2022 16:21:14 GMT
strict-transport-security: max-age=15768000

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			portal.csr24.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L212Yw2 Value: WhHP1zcUGzTGnLLn2qqJAH8cI8CZ-3Efw1dBK67WWG20F5VFczq5jrDF93iYVatavAoJ5EHM8kIi_EgRuuUbm2m1DqsH8sEab-6f6dEhBhg1
			.csr24.com/	1970-01-20 16:05:46	Name: amp_faf5a1 Value: CX10FCUWX4wmr5CqaaI4SZ...1ghej44kh.1ghej44kn.1.1.2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://portal.csr24.com/mvc/9880446 Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: '*platform.twitter.com'. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
portal.csr24.com
204.155.61.208
35.167.186.221
01126749fff4706c6a6242605ef144fa703818c3b718c3f901509fa24db1b879
0426802f1386818022cdd44053713ac6cb1f772f133c2d4c0108ce81b1f094b8
4eb0ee251cdee2eac80de870f7f40058d66694f273c567d5809561c44b21ea9c
55f8e2744ac9d8b0497a5cb872d1de8754f48288f80ece0a2d89cfde058ca8de
6975ed4e4dff004e86221c9f28d389897e77f6b2c8fb5c61f7a9503a268df6d4
7c45d90ee98a9db6782cc2140c1cbc8e465e8114479575c09499bb188368f1f2
accc9562ef4013f338211e9dd3c5089956470e0c2997978a96783cb08e942291
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1c886a49633634463d04e78638401a99666cfbccf2175d51b6bb0a09e6e1756
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
d576c6bcd560497f431aabe401072b1903d1e004b3d831b4132b92a608834a7f
ea6e769030700c70f77ee6792671dd93d9fc4e40f7389c788918e737c819c4d5
fbc6eb75cca4a9f2726ecfd958d744ec0fcaedf6887abfb0ce625ffe35c87921

portal.csr24.com Open in urlscan Pro 204.155.61.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

217 kBTransfer

354 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

portal.csr24.com Open in urlscan Pro
204.155.61.208 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

217 kB
Transfer

354 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions