urlscan.io logo urlscan.io
SecurityTrails logo

login-int-dev.bit2win.cloud Open in urlscan Pro
34.79.20.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://platform.internal-dev-01.bit2win.cloud/
Effective URL: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&...
Submission: On March 20 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 34.79.20.155, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is login-int-dev.bit2win.cloud.
TLS certificate: Issued by R3 on February 23rd 2024. Valid for: 3 months.
This is the only time login-int-dev.bit2win.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.79.106.35 396982 (GOOGLE-CL...)
8 34.79.20.155 396982 (GOOGLE-CL...)
1 34.96.113.75 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 4
1    34.79.106.35 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 35.106.79.34.bc.googleusercontent.com
platform.internal-dev-01.bit2win.cloud
8    34.79.20.155 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 155.20.79.34.bc.googleusercontent.com
login-int-dev.bit2win.cloud
1    34.96.113.75 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 75.113.96.34.bc.googleusercontent.com
cdn.bit2win.cloud
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 bit2win.cloud
platform.internal-dev-01.bit2win.cloud
login-int-dev.bit2win.cloud
cdn.bit2win.cloud
31 KB
2 gstatic.com
fonts.gstatic.com
97 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
12 3
Domain Requested by
8 login-int-dev.bit2win.cloud login-int-dev.bit2win.cloud
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com login-int-dev.bit2win.cloud
1 cdn.bit2win.cloud login-int-dev.bit2win.cloud
1 platform.internal-dev-01.bit2win.cloud 1 redirects
12 5

This site contains links to these domains. Also see Links.

Domain
www.bit2win.com
Subject Issuer Validity Valid
login-int-dev.bit2win.cloud
R3		 2024-02-23 -
2024-05-23		 3 months crt.sh
cdn.bit2win.cloud
GTS CA 1D4		 2024-01-22 -
2024-04-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Frame ID: 08279216F00B246BDD52F756D69D76B4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Administration Portal | Bit2win

Page URL History Show full URLs

  1. https://platform.internal-dev-01.bit2win.cloud/ HTTP 302
    https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c... Page URL

Page Statistics

12
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

128 kB
Transfer

154 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://platform.internal-dev-01.bit2win.cloud/ HTTP 302
    https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/
Redirect Chain
  • https://platform.internal-dev-01.bit2win.cloud/
  • https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud...
5 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
9d714aabda7855161a494693da59a57a689ec100cbab8ad8e5d589920f7b600a
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com; frame-ancestors 'self' https://play.bit2win.cloud https://cushmanwakefield-play.bit2win.cloud https://fidelity.portedimestre.it; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.google.com
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, must-revalidate, max-age=0
content-language
en
content-length
5383
content-security-policy
frame-src 'self' https://www.google.com; frame-ancestors 'self' https://play.bit2win.cloud https://cushmanwakefield-play.bit2win.cloud https://fidelity.portedimestre.it; object-src 'none';
content-type
text/html;charset=utf-8
referrer-policy
no-referrer
server
APISIX
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://www.google.com
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, max-age=0
content-length
217
content-security-policy
frame-src 'self'; frame-ancestors 'self';
content-type
text/html
date
Wed, 20 Mar 2024 17:32:56 GMT
location
https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
server
APISIX
strict-transport-security
max-age=86400; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
40ceaf8a2c67e037b1d35282b0ff72b9
style.css
cdn.bit2win.cloud/static/css/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bit2win.cloud/static/css/style.css
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.113.75 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.113.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
342c6fa8e57c9cab0c88d036220747d5e35dfb4f8aca41940b3122f189d145b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 17:32:57 GMT
age
0
x-guploader-uploadid
ABPtcPqnBRN6IyJKKp3v-WrR6R_EbdC_qNV9gL_Rax3z-wS-CQzOUW1gHqLJHo3FWl9V4K4kZabVD-CExA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
last-modified
Mon, 15 Jan 2024 10:55:21 GMT
server
UploadServer
etag
"d1082560f9f608ac1056b61e69db9b04"
x-goog-generation
1705316121143556
x-goog-hash
crc32c=QRfyVw==, md5=0QglYPn2CKwQVrYeadubBA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=300
x-goog-stored-content-length
13035
accept-ranges
bytes
content-type
text/css
common.css
login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/common.css
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
1df5b984ef55ee18480f85a249fc1f4e9b8cfffc1ecde0b94c8dc9d4a84e278d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
server
APISIX
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
2522
x-xss-protection
1; mode=block
login.css
login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/ 		981 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/login.css
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
eb46d55263a9c671ae4bee1bb91630e63b7fd844c6f40f891cc5beb99f4f56c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
server
APISIX
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
403
x-xss-protection
1; mode=block
register.css
login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/ 		85 B
310 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/register.css
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
074b866c5e3879315588eaaf42ce817191937c3945e90a35cf6b4aecc8b9d13d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
server
APISIX
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
98
x-xss-protection
1; mode=block
reset-password.css
login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/ 		0
232 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/reset-password.css
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
server
APISIX
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
20
x-xss-protection
1; mode=block
form-validation.js
login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/js/ 		1 KB
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/js/form-validation.js
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/protocol/openid-connect/auth?nonce=b03a4a16f697c103278678b1f7f7ea8f&redirect_uri=https%3A%2F%2Fplatform.internal-dev-01.bit2win.cloud%2Foauth2%2Fcallback&state=01b11595063e79eaae62bdd1a69bafdd&client_id=client-internal-dev-01&scope=openid%20profile%20email&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
cc4f64665cc4c5db84fa78271b6bf32f209131f4d7604e6eaf7ed40a887fc7ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
server
APISIX
content-type
text/javascript;charset=UTF-8
cache-control
max-age=2592000
content-length
390
x-xss-protection
1; mode=block
variables.css
login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/variables.css
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/common.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
e547f6acccb3f989fc061f260c2573c4c48c50722ec14742e83c620773e001d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
server
APISIX
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-length
1090
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/variables.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8047dbcd2ecae6ddeba40a8ffcfa17f9e9b38748b0c19753d29318350d773640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Mar 2024 17:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 17:32:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Mar 2024 17:32:57 GMT
logo.png
login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/img/logo.png
Requested by
Host: login-int-dev.bit2win.cloud
URL: https://login-int-dev.bit2win.cloud/auth/resources/8vcuf/login/bit2win/css/common.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.79.20.155 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
155.20.79.34.bc.googleusercontent.com
Software
APISIX /
Resource Hash
0cebc4baa33bccf702dc7769fe9535e1b05bd7b4e887b409dc3c989bc2c02609
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
server
APISIX
content-type
image/png
cache-control
max-age=2592000
content-length
4117
x-xss-protection
1; mode=block
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-int-dev.bit2win.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 04:05:20 GMT
x-content-type-options
nosniff
age
134857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 04:05:20 GMT
1Ptsg8zYS_SKggPNyCg4TYFq.woff2
fonts.gstatic.com/s/raleway/v29/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
039ddf14394e123b661886c7f7342ad63a40000003933122b7eb1ad0228e5077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-int-dev.bit2win.cloud
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:12:18 GMT
x-content-type-options
nosniff
age
163239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50400
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:55:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 20:12:18 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/ Name: AUTH_SESSION_ID
Value: 76a04ea3-80e0-4d7d-92f0-75476a331041.keycloak-int-dev-keycloak-1-50995
login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/ Name: AUTH_SESSION_ID_LEGACY
Value: 76a04ea3-80e0-4d7d-92f0-75476a331041.keycloak-int-dev-keycloak-1-50995
login-int-dev.bit2win.cloud/auth/realms/internal-dev-01/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0NTdiOThlNS1hNjNiLTQ5MDgtOTU3Mi1iYjkwZGFhNDk0MDYifQ.eyJjaWQiOiJjbGllbnQtaW50ZXJuYWwtZGV2LTAxIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9wbGF0Zm9ybS5pbnRlcm5hbC1kZXYtMDEuYml0Mndpbi5jbG91ZC9vYXV0aDIvY2FsbGJhY2siLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi1pbnQtZGV2LmJpdDJ3aW4uY2xvdWQvYXV0aC9yZWFsbXMvaW50ZXJuYWwtZGV2LTAxIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3BsYXRmb3JtLmludGVybmFsLWRldi0wMS5iaXQyd2luLmNsb3VkL29hdXRoMi9jYWxsYmFjayIsInN0YXRlIjoiMDFiMTE1OTUwNjNlNzllYWFlNjJiZGQxYTY5YmFmZGQiLCJub25jZSI6ImIwM2E0YTE2ZjY5N2MxMDMyNzg2NzhiMWY3ZjdlYThmIn19.WamyKxfozVj7F02bxsJR5ITvuPK8FrkL0SfeFbl_KHs
.internal-dev-01.bit2win.cloud/ Name: bit2win_session_cookie
Value: pMocUoZTDYk62zzfnKHCaQ|1710959576|BZz_1W7CM3KjE-d-5bODFHYejFvr597EQ0TB79shORO4AfLLlI4zWntlQFN9S-5RANlPo29SmLsq8Y7ztKMj3UfykN3lL5hUvA9AxnQ5VZaoJnTMlglWEkfCdwenBP7sQuLlv93a5F2WwZRTdtuwXjQlZf3ypM2E3XuOkaKZ6NnIsUxHoyhQuEYhi2HjCZ2UfHdTO4eNEJMUSqJnGbEgQMQxINeN9fDfcqGM1eJ2vq8|BomIzzTYDAE-RXomvf3CUlSmtgA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self' https://www.google.com; frame-ancestors 'self' https://play.bit2win.cloud https://cushmanwakefield-play.bit2win.cloud https://fidelity.portedimestre.it; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.google.com
X-Xss-Protection 1; mode=block