fs.ucb.com Open in urlscan Pro
194.187.114.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ucb-smartit.onbmc.com/
Effective URL:
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmK...
Submission: On March 15 via manual (March 15th 2023, 9:54:20 am UTC) from IN — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 194.187.114.156, located in Tarcienne, Belgium and belongs to AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE. The main domain is fs.ucb.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 28th 2022. Valid for: a year.

This is the only time fs.ucb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	3.64.94.112 3.64.94.112	16509 (AMAZON-02) (AMAZON-02)
1 2	3.124.221.156 3.124.221.156	16509 (AMAZON-02) (AMAZON-02)
7	194.187.114.156 194.187.114.156	35350 (AS_SCHWAR...) (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10)
10	3

3 3.64.94.112 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-94-112.eu-central-1.compute.amazonaws.com

ucb-smartit.onbmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.221.156 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-221-156.eu-central-1.compute.amazonaws.com

de-rsso1.onbmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.187.114.156 (Tarcienne, Belgium)

ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE)

fs.ucb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ucb.com fs.ucb.com	480 KB
5	onbmc.com 2 redirects ucb-smartit.onbmc.com de-rsso1.onbmc.com — Cisco Umbrella Rank: 986279	5 KB
10	2

	Domain	Requested by
7	fs.ucb.com	fs.ucb.com
3	ucb-smartit.onbmc.com	1 redirects
2	de-rsso1.onbmc.com	1 redirects
10	3

This site contains no links.

Subject Issuer	Validity	Valid
*.onbmc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
fs.ucb.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-28` - `2023-10-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6&client-request-id=344f0cec-3e58-4721-b5fb-0080010000c7&pullStatus=0
Frame ID: 852B7B5FB5C43AB016707E1AE0ABE298
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

https://ucb-smartit.onbmc.com/ HTTP 302
https://ucb-smartit.onbmc.com/smartit/ Page URL
https://ucb-smartit.onbmc.com/smartit/app Page URL
https://de-rsso1.onbmc.com/rsso/start Page URL
https://de-rsso1.onbmc.com/rsso/start HTTP 302
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97j... Page URL
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97j... Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

484 kB
Transfer

480 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ucb-smartit.onbmc.com/ HTTP 302
https://ucb-smartit.onbmc.com/smartit/ Page URL
https://ucb-smartit.onbmc.com/smartit/app Page URL
https://de-rsso1.onbmc.com/rsso/start Page URL
https://de-rsso1.onbmc.com/rsso/start HTTP 302
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6 Page URL
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6&client-request-id=344f0cec-3e58-4721-b5fb-0080010000c7&pullStatus=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ucb-smartit.onbmc.com/ HTTP 302
https://ucb-smartit.onbmc.com/smartit/

Request Chain 3

https://de-rsso1.onbmc.com/rsso/start HTTP 302
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

/
ucb-smartit.onbmc.com/smartit/
Redirect Chain

https://ucb-smartit.onbmc.com/
https://ucb-smartit.onbmc.com/smartit/

148 B
501 B

44ms
43ms

Document
text/html

3.64.94.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ucb-smartit.onbmc.com/smartit/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.64.94.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-94-112.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 148
Content-Type: text/html
Date: Wed, 15 Mar 2023 09:54:09 GMT
ETag: W/"148-1599859981000"
Last-Modified: Fri, 11 Sep 2020 21:33:01 GMT

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 15 Mar 2023 09:54:09 GMT
Location: /smartit/

GET
H/1.1 401 app
ucb-smartit.onbmc.com/smartit/ 1 KB
2 KB 44ms
44ms Document
text/html 3.64.94.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ucb-smartit.onbmc.com/smartit/app
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.64.94.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-94-112.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ucb-smartit.onbmc.com/smartit/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 1394
Content-Type: text/html;charset=UTF-8
Date: Wed, 15 Mar 2023 09:54:09 GMT

POST
H/1.1 200 start
de-rsso1.onbmc.com/rsso/ 1 KB
1 KB 374ms
46ms Document
text/html 3.124.221.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://de-rsso1.onbmc.com/rsso/start

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.124.221.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-221-156.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-IAhcm7ucDhiI4HepbRmhbIchbl0KjZLcYtKTIM3TdEyxkuwH7oeGrUAWPvM8BrSCPaeWPZHoeumvltX217Rqz89Uhqsvb+V7+m6rjfab75KAje+3dVs5ZAXRYakTDZvNA/iSH8RJSqL8qeblh4gQuk+dAUz2d4+zQUq48m9IAtQ='; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ucb-smartit.onbmc.com
Referer: https://ucb-smartit.onbmc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-IAhcm7ucDhiI4HepbRmhbIchbl0KjZLcYtKTIM3TdEyxkuwH7oeGrUAWPvM8BrSCPaeWPZHoeumvltX217Rqz89Uhqsvb+V7+m6rjfab75KAje+3dVs5ZAXRYakTDZvNA/iSH8RJSqL8qeblh4gQuk+dAUz2d4+zQUq48m9IAtQ='; object-src 'none'; frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Wed, 15 Mar 2023 09:54:10 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
fs.ucb.com/adfs/ls/
Redirect Chain

https://de-rsso1.onbmc.com/rsso/start
https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLC...

31 KB
31 KB

969ms
165ms

Document
text/html

194.187.114.156
AS_SCHWARZ_PHARMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.114.156 Tarcienne, Belgium, ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

dc8393b96eee1fa39a709f39f446417faf470797422bf995fec10bf8a785faba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://de-rsso1.onbmc.com
Referer: https://de-rsso1.onbmc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store
Content-Length: 31738
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Mar 2023 09:54:10 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age = 31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
Date: Wed, 15 Mar 2023 09:54:10 GMT
Location: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
fs.ucb.com/adfs/portal/css/ 30 KB
30 KB 100ms
56ms Stylesheet
text/css 194.187.114.156
AS_SCHWARZ_PHARMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://fs.ucb.com/adfs/portal/css/style.css?id=559755FCDD8C380D22FF7173B086021EEB91F9DBDEBA32FF9326B088623EEBAA

Requested by

Host: fs.ucb.com
URL: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.114.156 Tarcienne, Belgium, ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c9130ec8ea178999931fa67e9fb88740d9fecd894333b40860ef89aeda9e9688

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options: nosniff
Date: Wed, 15 Mar 2023 09:54:10 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 559755FCDD8C380D22FF7173B086021EEB91F9DBDEBA32FF9326B088623EEBAA
Content-Type: text/css
Content-Length: 30446
X-XSS-Protection: 1; mode=block
Expires: Fri, 14 Apr 2023 08:54:11 GMT

GET
H/1.1 200
OK logo.png
fs.ucb.com/adfs/portal/logo/ 10 KB
10 KB 156ms
55ms Image
image/png 194.187.114.156
AS_SCHWARZ_PHARMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fs.ucb.com/adfs/portal/logo/logo.png?id=32D0B3BB6B453FFD22208FE3FD30B39582CBCEBB82601D5DD102A402DA286BAD

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.114.156 Tarcienne, Belgium, ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options: nosniff
Date: Wed, 15 Mar 2023 09:54:10 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 32D0B3BB6B453FFD22208FE3FD30B39582CBCEBB82601D5DD102A402DA286BAD
Content-Type: image/png
Content-Length: 10124
X-XSS-Protection: 1; mode=block
Expires: Fri, 14 Apr 2023 08:54:11 GMT

GET
H/1.1 200
OK Primary Request / Show response
fs.ucb.com/adfs/ls/ 32 KB
33 KB 186ms
186ms Document
text/html 194.187.114.156
AS_SCHWARZ_PHARMA...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.114.156 Tarcienne, Belgium, ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

dbb67c796c7f10d17b429cb8444c9819275709ebfd7c79078c12760af0a27d79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store
Content-Length: 33054
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Mar 2023 09:54:10 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age = 31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
fs.ucb.com/adfs/portal/css/ 30 KB
30 KB 64ms
63ms Stylesheet
text/css 194.187.114.156
AS_SCHWARZ_PHARMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://fs.ucb.com/adfs/portal/css/style.css?id=559755FCDD8C380D22FF7173B086021EEB91F9DBDEBA32FF9326B088623EEBAA

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.114.156 Tarcienne, Belgium, ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c9130ec8ea178999931fa67e9fb88740d9fecd894333b40860ef89aeda9e9688

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6&client-request-id=344f0cec-3e58-4721-b5fb-0080010000c7&pullStatus=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options: nosniff
Date: Wed, 15 Mar 2023 09:54:10 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 559755FCDD8C380D22FF7173B086021EEB91F9DBDEBA32FF9326B088623EEBAA
Content-Type: text/css
Content-Length: 30446
X-XSS-Protection: 1; mode=block
Expires: Fri, 14 Apr 2023 08:54:11 GMT

GET
H/1.1 200
OK logo.png
fs.ucb.com/adfs/portal/logo/ 10 KB
10 KB 57ms
57ms Image
image/png 194.187.114.156
AS_SCHWARZ_PHARMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fs.ucb.com/adfs/portal/logo/logo.png?id=32D0B3BB6B453FFD22208FE3FD30B39582CBCEBB82601D5DD102A402DA286BAD

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.114.156 Tarcienne, Belgium, ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

32d0b3bb6b453ffd22208fe3fd30b39582cbcebb82601d5dd102a402da286bad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6&client-request-id=344f0cec-3e58-4721-b5fb-0080010000c7&pullStatus=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options: nosniff
Date: Wed, 15 Mar 2023 09:54:10 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 32D0B3BB6B453FFD22208FE3FD30B39582CBCEBB82601D5DD102A402DA286BAD
Content-Type: image/png
Content-Length: 10124
X-XSS-Protection: 1; mode=block
Expires: Fri, 14 Apr 2023 08:54:11 GMT

GET
H/1.1 200
OK illustration.jpg
fs.ucb.com/adfs/portal/illustration/ 334 KB
335 KB 60ms
60ms Image
image/jpeg 194.187.114.156
AS_SCHWARZ_PHARMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fs.ucb.com/adfs/portal/illustration/illustration.jpg?id=EDF48C54D87BC2059A6B7E5AB7B2DC5D5382F28954FC27F65A3091CD830E234D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.187.114.156 Tarcienne, Belgium, ASN35350 (AS_SCHWARZ_PHARMA_AG Alfred-Nobel-Str. 10, BE),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

edf48c54d87bc2059a6b7e5ab7b2dc5d5382f28954fc27f65a3091cd830e234d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fs.ucb.com/adfs/ls/?SAMLRequest=nZLLTsMwEEX3fEXkveOENn1YbaVAhajEI2oLCzbItSdgKbGDxynw97jhVaTCAu9sj%2B6cO3cmKOqq4XnrH80SnlpAH73UlUHefUxJ6wy3AjVyI2pA7iVf5ZcX%2FDhOeOOst9JWJFrMp%2BQexqNhLx1kdLCBEe0PQVKRjiRNVT9T5QjKgRqQ6BYcamumJCiQo%2BjAWSC2sDDohfGhLDnu0aRH02ydjHnW52kShy53JJoHWG2E79QevW%2BQM1Zi3MpNLG3NhCqRVchIdGadhM7jlJSiQgjEWAhEvYXPl4MoxYfDE22UNg9%2Fj2PzXoT8fL0uaHG9Wh8WzRHB7ahPrcG2BrcCt9USbpYX3z4UUIdo09iaTS07P7s7cyAhUDsWXNIQgCKzrslklxfvRuf2EvybWHySkBk29zu1L9kJ2xPca9HwqyCzmBe20vL1P7sSwqiF%2F706jdPuRStadqW8NdiA1KUGRaK8quzzqQPhQ3TetUDY7Oid9ucez94A&RelayState=_e9873165-6be8-47ec-a18c-1d45df8ef6d6&client-request-id=344f0cec-3e58-4721-b5fb-0080010000c7&pullStatus=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options: nosniff
Date: Wed, 15 Mar 2023 09:54:10 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: EDF48C54D87BC2059A6B7E5AB7B2DC5D5382F28954FC27F65A3091CD830E234D
Content-Type: image/jpeg
Content-Length: 342323
X-XSS-Protection: 1; mode=block
Expires: Fri, 14 Apr 2023 08:54:11 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
de-rsso1.onbmc.com/rsso	1969-12-31 23:59:59	Name: route Value: 1678874051.263.9859.83037
ucb-smartit.onbmc.com/	1969-12-31 23:59:59	Name: route Value: 1678874050.751.14424.786963
ucb-smartit.onbmc.com/	1969-12-31 23:59:59	Name: onbmc_pool Value: !kyOnJCmcT/RypjYZZC5K4Ikvz8SCJG7eaNtH70BG1N3bD+YCrZR+irl7xdBGamaHG/IubvnZLc5PHgM=
de-rsso1.onbmc.com/	1969-12-31 23:59:59	Name: onbmc_pool Value: !I78chPfvpbzZxKO/KSk+mFlNJC4htX7aBwqzwVYkc6mjC6ZdtDUKUVvRzwrlAbwHwOW4WeLOPFya0g==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ucb-smartit.onbmc.com/smartit/app Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

de-rsso1.onbmc.com
fs.ucb.com
ucb-smartit.onbmc.com
194.187.114.156
3.124.221.156
3.64.94.112
32d0b3bb6b453ffd22208fe3fd30b39582cbcebb82601d5dd102a402da286bad
c9130ec8ea178999931fa67e9fb88740d9fecd894333b40860ef89aeda9e9688
dbb67c796c7f10d17b429cb8444c9819275709ebfd7c79078c12760af0a27d79
dc8393b96eee1fa39a709f39f446417faf470797422bf995fec10bf8a785faba
edf48c54d87bc2059a6b7e5ab7b2dc5d5382f28954fc27f65a3091cd830e234d

fs.ucb.com Open in urlscan Pro 194.187.114.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

484 kBTransfer

480 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

fs.ucb.com Open in urlscan Pro
194.187.114.156 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

484 kB
Transfer

480 kB
Size

4
Cookies

10 HTTP transactions
0 data transactions