Submitted URL: https://api.sta1.com/
Effective URL: http://api.sta1.com/bo/login
Submission: On March 20 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 1 country across 4 domains to perform 23 HTTP transactions. The main IP is 104.248.177.25, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is api.sta1.com.
This is the only time api.sta1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 104.248.177.25 14061 (DIGITALOC...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
23 5
Apex Domain
Subdomains
Transfer
18 sta1.com
api.sta1.com
935 KB
4 google.com
apis.google.com — Cisco Umbrella Rank: 259
accounts.google.com — Cisco Umbrella Rank: 62
80 KB
1 gstatic.com
www.gstatic.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
23 4
Domain Requested by
18 api.sta1.com 1 redirects api.sta1.com
2 accounts.google.com apis.google.com
www.gstatic.com
2 apis.google.com api.sta1.com
apis.google.com
1 www.gstatic.com accounts.google.com
1 fonts.googleapis.com api.sta1.com
23 5

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
*.apis.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
accounts.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months

This page contains 2 frames:

Primary Page: http://api.sta1.com/bo/login
Frame ID: 9623A3CFA56E6546FF4B6C9F1C34FC19
Requests: 20 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: DCD33A39F98B1E906345D3E841B7F0F5
Requests: 3 HTTP requests in this frame

Page Title

[BackOffice] sta1.com

Page URL History

  1. https://api.sta1.com/ HTTP 302
    http://api.sta1.com/bo/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • <meta[^>]*google-signin-scope
  • <iframe[^>]*accounts\.google\.com/o/oauth2
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

23
Requests

26 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

1053 kB
Transfer

1273 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.sta1.com/ HTTP 302
    http://api.sta1.com/bo/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
api.sta1.com/bo/
Redirect Chain
  • https://api.sta1.com/
  • http://api.sta1.com/bo/login
3 KB
3 KB
Document
General
Full URL
http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
41f63a6a4238903d62b94bbd4ad7cbc7d4167d3a90d0858359fbb825ee3d0f1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Language
en-US
Content-Length
2821
Content-Type
text/html;charset=UTF-8
Date
Wed, 20 Mar 2024 21:35:45 GMT
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC", policyref="/w3c/p3p.xml"
Server
nginx/1.15.12

Redirect headers

Connection
keep-alive
Content-Language
en-US
Content-Length
0
Date
Wed, 20 Mar 2024 21:35:44 GMT
Location
http://api.sta1.com/bo/login
Server
nginx/1.15.12
bootstrap.min.css
api.sta1.com/assets/bo/lte/bower_components/bootstrap/dist/css/
118 KB
119 KB
Stylesheet
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121200
font-awesome.min.css
api.sta1.com/assets/bo/lte/bower_components/font-awesome/css/
30 KB
31 KB
Stylesheet
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
5f3cfe5215fdc81e81813e678931037afc4493ca19607be1a5ab2a6d04933050

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31011
ionicons.min.css
api.sta1.com/assets/bo/lte/bower_components/Ionicons/css/
50 KB
50 KB
Stylesheet
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/Ionicons/css/ionicons.min.css
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51284
AdminLTE.min.css
api.sta1.com/assets/bo/lte/dist/css/
89 KB
90 KB
Stylesheet
General
Full URL
http://api.sta1.com/assets/bo/lte/dist/css/AdminLTE.min.css
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
dd189e7bccc19446cb5725d3a6b480c0015566c584faefd8cc8a691cddb17931

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91484
blue.css
api.sta1.com/assets/bo/lte/plugins/iCheck/square/
2 KB
2 KB
Stylesheet
General
Full URL
http://api.sta1.com/assets/bo/lte/plugins/iCheck/square/blue.css
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
467fefb5320f85af9c3dd29605d3a6f33cf29048143ae24dc2bdb1f345b16228

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1611
bo.css
api.sta1.com/assets/bo/css/
12 KB
12 KB
Stylesheet
General
Full URL
http://api.sta1.com/assets/bo/css/bo.css
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
4729a9888dde6de27e9ce20804d613cb9afe58a1588cc22ca7b32afb3645cdc7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12200
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49afe8ea5f2d8846973068bb5c396b410f4864e8903589b6dc337bf71bf063e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Mar 2024 21:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 20:37:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Mar 2024 21:35:45 GMT
platform.js
apis.google.com/js/
55 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8a7ac9ad00d3e22712047fb5640d31120bd47b00538582b18a0d223cf9e90d5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Mar 2024 21:35:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21296
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"5c70e8c05e1ae263"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 21:35:45 GMT
logo.png
api.sta1.com/assets/bo/img/
375 B
630 B
Image
General
Full URL
http://api.sta1.com/assets/bo/img/logo.png
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
669601e736e539bbec319c87339b85328c0aeec776982c7d24bdd195a4a9a7ec

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
image/png;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
375
jquery.min.js
api.sta1.com/assets/bo/lte/bower_components/jquery/dist/
85 KB
85 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/jquery/dist/jquery.min.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86927
jquery-ui.min.js
api.sta1.com/assets/bo/plugins/jquery-ui/
248 KB
248 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/plugins/jquery-ui/jquery-ui.min.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
253669
bootstrap.min.js
api.sta1.com/assets/bo/lte/bower_components/bootstrap/dist/js/
36 KB
36 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37045
icheck.min.js
api.sta1.com/assets/bo/lte/plugins/iCheck/
4 KB
5 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/lte/plugins/iCheck/icheck.min.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4516
moment.min.js
api.sta1.com/assets/bo/lte/bower_components/moment/min/
50 KB
51 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/moment/min/moment.min.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51679
daterangepicker.js
api.sta1.com/assets/bo/lte/bower_components/bootstrap-daterangepicker/
69 KB
70 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/bootstrap-daterangepicker/daterangepicker.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
479d1cfd1504b872b6a46aa0478d6db8fbfdbe8ae0fcd381fdf776b241ca1b24

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71115
bootstrap-datepicker.min.js
api.sta1.com/assets/bo/lte/bower_components/bootstrap-datepicker/dist/js/
33 KB
33 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/lte/bower_components/bootstrap-datepicker/dist/js/bootstrap-datepicker.min.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
b56e4bcc40bb423846d02880bf196c78c4ecdaa252eeedc344f6ae0e3149df3a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33599
common.js
api.sta1.com/assets/bo/js/
91 KB
92 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/js/common.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
03f01f396983d7237c09885d551af9e33ffc624c1f207aff5e4a232dcb4e3ec2

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93453
login.js
api.sta1.com/assets/bo/js/
8 KB
8 KB
Script
General
Full URL
http://api.sta1.com/assets/bo/js/login.js
Requested by
Host: api.sta1.com
URL: http://api.sta1.com/bo/login
Protocol
HTTP/1.1
Server
104.248.177.25 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
e22436558e8ce9eec01c08581e01aca94accf4fb6580e090cb19833d411571aa

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/bo/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 21:35:45 GMT
Last-Modified
Tue, 30 Jul 2019 14:17:46 GMT
Server
nginx/1.15.12
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8360
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/
162 KB
56 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a128d6b9ea8538cec75fe5282f0adaeb706ee3f4d51c895322e3c8cc43ff781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://api.sta1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56742
x-xss-protection
0
last-modified
Fri, 01 Mar 2024 15:19:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 07:47:45 GMT
iframe
accounts.google.com/o/oauth2/ Frame DCD3
295 B
2 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5d77c334a16464e04ebc3612e4dd4d057f956d85415c355bd8157c47d411da8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jAl-0kUI-3-1NoH-nSskUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://api.sta1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jAl-0kUI-3-1NoH-nSskUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 20 Mar 2024 21:35:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/IdpIFrameHttp/web-reports?context=eJzjctHikmLw1ZBiePflJRPP15dMEkCsAcR866azqgCx7vrprKFA7JQ-gzUIiH3qZ7DGAHHrzXOsU4HY-uZ5ViEejo1r365nE7hx5-MNZgA9iCJP"
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.CRjZsbLFC7Y.es5.O/am=wA/d=1/rs=AOaEmlFJVO6b9gwDXxk4iRilRlt4INh1lg/ Frame DCD3
109 KB
38 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.CRjZsbLFC7Y.es5.O/am=wA/d=1/rs=AOaEmlFJVO6b9gwDXxk4iRilRlt4INh1lg/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
689dc9d9c13d54d0da52d6f27128166dd8b695a877afd5da700750c3a6c473b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38366
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 00:50:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 08:04:24 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame DCD3
50 B
787 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=http%3A%2F%2Fapi.sta1.com&client_id=62610030572-p2jig1jd3e3jnf6c1ra89lid37hh8t7l.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.CRjZsbLFC7Y.es5.O/am=wA/d=1/rs=AOaEmlFJVO6b9gwDXxk4iRilRlt4INh1lg/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-vXELCF4gBdq6HYBwSelG6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 21:35:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-vXELCF4gBdq6HYBwSelG6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/IdpIFrameHttp/web-reports?context=eJzjctHikmLw1JBiePflJRPP15dMEkCsAcR866azqgCx7vrprKFA7JQ-gzUIiH3qZ7DGAHHrzXOsU4HY6uZ5ViEejk1r365nEzhw8ukjJgA7dCId"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 20 Mar 2024 21:35:46 GMT

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| gapi object| ___jsl object| _F_toggles object| osapi function| $ function| jQuery function| moment function| daterangepicker undefined| googleAuth2 function| oauthStart function| logout object| _SITE_ object| _FORM_ function| setupDisplayInputSize function| setupBlink function| addNvKeyword function| reloadMainNavi function| printSideBarMenu function| refreshBrandStateCount function| refreshStoreStateCount function| showProcessImage function| hideProcessImage string| navigatorUserAgent object| browser string| appname boolean| IE6 function| validateFormElement function| openWinCenter function| isEmpty function| isNotEmpty function| checkFormat function| checkRepeatCharacter function| checkSeqCharacter function| isNumber function| containsNumber function| containsSpace function| containsCharsOnly function| isDomain function| isUrl function| isIp function| isTelNumber function| isMobileNumber function| isEmailDomain function| isFloatNum function| isAlpha function| isCapitalAlpha function| isSmallAlpha function| isAlphaNum function| isCapitalAlphaNum function| isSmallAlphaNum function| is16Num function| isEmail function| hasCheckedCheckBox function| getCheckBoxCheckValue function| hasCheckedRadio function| getRadioCheckValue function| containsSpecialChar function| checkDateValue function| isDateSeparateValue function| getLastDate function| isDateValue function| checkTime function| isCompanyNumber function| isCorpNumber function| getFileExtension function| addCommaNumber function| getFileSize function| checkUploadFile function| checkSearchDateRange function| setupInputFunctionalClass object| _board function| closeDaumPostcode function| searchZoneCode function| initLayerPosition function| changeStoreState function| downloadExcel function| downloadAttachFile function| dateToString function| setStatsRange function| Cookies boolean| IE10 boolean| IE9 boolean| IE8 boolean| IE7 function| onSignIn function| _logout function| afterCheckFunction object| joinControl

2 Cookies

Domain/Path Name / Value
.api.sta1.com/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 512=kZ3Z7ftIbtmqgx9F9cLZhMFTiOGh6iBK0A5oYWgB94Cq2nDUQZAKvBCNNMqejE8MPe19l94Gx96zHiOhm_2yIU0ez42oQlnbYsuySOn8hNpGxwsmLF3Qu7fGpNh6iQguKf3CoB2NjhKbgtHFU5PFtWYqGOnXXvEM3JOtBlyMpwI

2 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/cb=gapi.loaded_0?le=scs(Line 181)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: http://api.sta1.com/bo/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
