val.intuitive.bsi-ctms.com Open in urlscan Pro
3.72.225.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://val.intuitive.bsi-ctms.com/
Effective URL:
https://val.intuitive.bsi-ctms.com/bsictms/
Submission: On June 12 via api (June 12th 2024, 6:39:55 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 3.72.225.125, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is val.intuitive.bsi-ctms.com.
TLS certificate: Issued by R11 on June 11th 2024. Valid for: 3 months.

This is the only time val.intuitive.bsi-ctms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	3.72.225.125 3.72.225.125		16509 (AMAZON-02) (AMAZON-02)
11	1

12 3.72.225.125 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

val.intuitive.bsi-ctms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bsi-ctms.com 1 redirects val.intuitive.bsi-ctms.com	553 KB
11	1

	Domain	Requested by
12	val.intuitive.bsi-ctms.com	1 redirects val.intuitive.bsi-ctms.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
val.intuitive.bsi-ctms.com R11	`2024-06-11` - `2024-09-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://val.intuitive.bsi-ctms.com/bsictms/
Frame ID: 7CF75366E3096BF3E958C668585D7633
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BSI CTMS

Page URL History Show full URLs

http://val.intuitive.bsi-ctms.com/ HTTP 307
https://val.intuitive.bsi-ctms.com/ HTTP 302
https://val.intuitive.bsi-ctms.com/bsictms/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

553 kB
Transfer

2642 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://val.intuitive.bsi-ctms.com/ HTTP 307
https://val.intuitive.bsi-ctms.com/ HTTP 302
https://val.intuitive.bsi-ctms.com/bsictms/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
val.intuitive.bsi-ctms.com/bsictms/
Redirect Chain

http://val.intuitive.bsi-ctms.com/
https://val.intuitive.bsi-ctms.com/
https://val.intuitive.bsi-ctms.com/bsictms/

3 KB
4 KB

10ms
10ms

Document
text/html

3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

7d3c47d2ba449f6d96acb2ab55ce41215b4b07360e27cc39a5b7fa20ce8938a8

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=0, must-revalidate
content-length: 3154
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
content-type: text/html;charset=UTF-8
date: Wed, 12 Jun 2024 06:39:51 GMT
etag: W/"3154-2649038105"
last-modified: Tue, 11 Jun 2024 17:45:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 138
content-type: text/html
date: Wed, 12 Jun 2024 06:39:51 GMT
location: https://val.intuitive.bsi-ctms.com/bsictms/
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 standard-theme-40ff2f111c2174492464.min.css
val.intuitive.bsi-ctms.com/bsictms/ 885 KB
79 KB 48ms
47ms Stylesheet
text/css 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/standard-theme-40ff2f111c2174492464.min.css

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e9d4d2c523acde4f8578c68bb4baa603edd6f40ae10151403fcbd86cf04fdf68

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: gzip
etag: W/"905943-2514447730"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: private, max-age=31536000, s-maxage=31536000
content-length: 80058
x-xss-protection: 1; mode=block

GET
H2 200 vendors~standard~login~logout~spnego-3717eef571e3b5f183b5.min.js Show response
val.intuitive.bsi-ctms.com/bsictms/ 509 KB
127 KB 59ms
58ms Script
application/javascript 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/vendors~standard~login~logout~spnego-3717eef571e3b5f183b5.min.js

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2c6386395149927f26de6e2eccb7e65464c4727db7c7be6a7a4e302f93956bdc

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: gzip
etag: W/"521269-2841104458"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=31536000, s-maxage=31536000
content-length: 129489
x-xss-protection: 1; mode=block

GET
H2 200 vendors~standard~login~logout~spnego~office-addin-b75ce0d2a57312eb5dda.min.js Show response
val.intuitive.bsi-ctms.com/bsictms/ 28 KB
8 KB 36ms
36ms Script
application/javascript 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/vendors~standard~login~logout~spnego~office-addin-b75ce0d2a57312eb5dda.min.js

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0eff450cb1a63aff2d5e7872930db5b6d8daf725006a49c53c95481dc70b8f08

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: gzip
etag: W/"28439-2396153668"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=31536000, s-maxage=31536000
content-length: 7737
x-xss-protection: 1; mode=block

GET
H2 200 vendors~login~spnego-55a0f5803abe5cf17a21.min.js Show response
val.intuitive.bsi-ctms.com/bsictms/ 27 KB
10 KB 43ms
42ms Script
application/javascript 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/vendors~login~spnego-55a0f5803abe5cf17a21.min.js

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

cb39f73a12ef496accd8c3657364cb73458d0142a8a2759f35207807cbf61416

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: gzip
etag: W/"27524-1574944504"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=31536000, s-maxage=31536000
content-length: 9560
x-xss-protection: 1; mode=block

GET
H2 200 login-c2b67912afa318b9c4a8.min.js Show response
val.intuitive.bsi-ctms.com/bsictms/ 1 KB
1 KB 35ms
34ms Script
application/javascript 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/login-c2b67912afa318b9c4a8.min.js

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c24776437fa30c001b362df8eceef4bcff4656e3c026539044ea5db1f5a6b4d7

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: gzip
etag: W/"1446-2535775063"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=31536000, s-maxage=31536000
content-length: 844
x-xss-protection: 1; mode=block

GET
H2 200 vendors~standard~login~logout~spnego~office-addin~office-addin-dialog-99863a8da4ab05e04f58.min.js Show response
val.intuitive.bsi-ctms.com/bsictms/ 1 MB
274 KB 80ms
79ms Script
application/javascript 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/vendors~standard~login~logout~spnego~office-addin~office-addin-dialog-99863a8da4ab05e04f58.min.js

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e2045d3dc2bb8f2a9fe7d81cb1909f56ac9b452f63d286dc6d765821cbe63394

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: gzip
etag: W/"1170071-1753050771"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=31536000, s-maxage=31536000
content-length: 279609
x-xss-protection: 1; mode=block

GET
H2 200 open-sans-v18-latin-regular.woff2
val.intuitive.bsi-ctms.com/bsictms/fonts/ 14 KB
15 KB 261ms
261ms Font
font/woff2 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/fonts/open-sans-v18-latin-regular.woff2

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/standard-theme-40ff2f111c2174492464.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/standard-theme-40ff2f111c2174492464.min.css
Origin: https://val.intuitive.bsi-ctms.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"14380-2639121480"
x-frame-options: SAMEORIGIN
content-type: font/woff2;charset=UTF-8
cache-control: private, max-age=14400, s-maxage=14400
content-length: 14380
x-xss-protection: 1; mode=block

GET
H2 200 open-sans-v18-latin-600.woff2
val.intuitive.bsi-ctms.com/bsictms/fonts/ 15 KB
15 KB 10ms
10ms Font
font/woff2 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/fonts/open-sans-v18-latin-600.woff2

Requested by

Host: val.intuitive.bsi-ctms.com
URL: https://val.intuitive.bsi-ctms.com/bsictms/standard-theme-40ff2f111c2174492464.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/standard-theme-40ff2f111c2174492464.min.css
Origin: https://val.intuitive.bsi-ctms.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"14880-2523259900"
x-frame-options: SAMEORIGIN
content-type: font/woff2;charset=UTF-8
cache-control: private, max-age=14400, s-maxage=14400
content-length: 14880
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
val.intuitive.bsi-ctms.com/bsictms/ 7 KB
8 KB 10ms
9ms Image
image/png 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/logo.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c381770d8ee724ce619142ee79510b1cfee055950b937dea3cea734c790c90a2

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"7299-2978871052"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
cache-control: private, max-age=14400, s-maxage=14400
content-length: 7299
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
val.intuitive.bsi-ctms.com/bsictms/favicon/ 11 KB
11 KB 9ms
9ms Other
image/x-icon 3.72.225.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://val.intuitive.bsi-ctms.com/bsictms/favicon/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.225.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-225-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

dc9277d5398fef857f8b86c47f5096bfbf659041e574a35336fe748a0a37893f

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://val.intuitive.bsi-ctms.com/bsictms/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 06:39:51 GMT
content-security-policy: img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src *; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://*.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"10990-113984475"
x-frame-options: SAMEORIGIN
content-type: image/x-icon;charset=UTF-8
cache-control: private, max-age=14400, s-maxage=14400
content-length: 10990
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_bsi_ctms_standard function| $ object| scout

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			val.intuitive.bsi-ctms.com/bsictms/	1969-12-31 23:59:59	Name: BSICTMS_ID Value: 2658f27da2b9803358b563ddda2d7297\|2512e014e43eaa184110b75ae3823a68

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://val.intuitive.bsi-ctms.com/bsictms/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; child-src ; connect-src 'self' https://appsforoffice.microsoft.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self' https://.officeapps.live.com/ https://*.sharepoint.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://maps.googleapis.com https://maps.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

val.intuitive.bsi-ctms.com
3.72.225.125
0eff450cb1a63aff2d5e7872930db5b6d8daf725006a49c53c95481dc70b8f08
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
2c6386395149927f26de6e2eccb7e65464c4727db7c7be6a7a4e302f93956bdc
7d3c47d2ba449f6d96acb2ab55ce41215b4b07360e27cc39a5b7fa20ce8938a8
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
c24776437fa30c001b362df8eceef4bcff4656e3c026539044ea5db1f5a6b4d7
c381770d8ee724ce619142ee79510b1cfee055950b937dea3cea734c790c90a2
cb39f73a12ef496accd8c3657364cb73458d0142a8a2759f35207807cbf61416
dc9277d5398fef857f8b86c47f5096bfbf659041e574a35336fe748a0a37893f
e2045d3dc2bb8f2a9fe7d81cb1909f56ac9b452f63d286dc6d765821cbe63394
e9d4d2c523acde4f8578c68bb4baa603edd6f40ae10151403fcbd86cf04fdf68

val.intuitive.bsi-ctms.com Open in urlscan Pro 3.72.225.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

553 kBTransfer

2642 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

val.intuitive.bsi-ctms.com Open in urlscan Pro
3.72.225.125 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

553 kB
Transfer

2642 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions