urlscan.io logo urlscan.io
SecurityTrails logo

insight.opsecsecurity.com Open in urlscan Pro
104.46.101.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://insight.opsecsecurity.com/Approvals#approval=1006099&program=56
Effective URL: https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
Submission: On November 02 via manual from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 104.46.101.59, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is insight.opsecsecurity.com. The Cisco Umbrella rank of the primary domain is 484796.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 2nd 2022. Valid for: a year.
This is the only time insight.opsecsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.46.101.59 8075 (MICROSOFT...)
2 2600:9000:224... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 3
Apex Domain
Subdomains		 Transfer
5 opsecsecurity.com
insight.opsecsecurity.com — Cisco Umbrella Rank: 484796
auth.opsecsecurity.com
372 KB
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7121
4 KB
6 2
Domain Requested by
4 insight.opsecsecurity.com 1 redirects insight.opsecsecurity.com
2 cdn.auth0.com insight.opsecsecurity.com
1 auth.opsecsecurity.com insight.opsecsecurity.com
6 3

This site contains no links.

Subject Issuer Validity Valid
*.opsecsecurity.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-14		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
auth.opsecsecurity.com
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
Frame ID: 9B038A878C15988F7EA06C712F930355
Requests: 5 HTTP requests in this frame

Frame: https://auth.opsecsecurity.com/authorize?client_id=OoGyiFCBZBmciitmwQH7BSToCZr1CZ3O&response_type=token%20id_token&redirect_uri=https%3A%2F%2Finsight.opsecsecurity.com%2Fsignin-auth0%3FReturnUrl%3D%252FApprovals%23approval%3D1006099%26program%3D56&scope=openid%20profile%20email&state=oewpiavCcRmyNDQcU.k8ORbIg2PasgiC&nonce=w9Sczt.rVEVzNYA8GbwcS1_jiha1EjUr&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4zNS4xIiwiZW52Ijp7ImF1dGgwLmpzIjoiOS4yMC4wIiwiYXV0aDAuanMtdWxwIjoiOS4yMC4wIn19
Frame ID: 03105044E3A1D38ED55EA56324D102DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://insight.opsecsecurity.com/Approvals HTTP 302
    https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals Page URL

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

375 kB
Transfer

948 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://insight.opsecsecurity.com/Approvals HTTP 302
    https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
insight.opsecsecurity.com/Home/
Redirect Chain
  • https://insight.opsecsecurity.com/Approvals
  • https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.101.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65e3a791faceab2228620f16c6d7019fd525c68bfa5792841988ec9561d3f2bb
Security Headers
Name Value
Content-Security-Policy script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
1027
content-security-policy
script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 14:18:34 GMT
permissions-policy
geolocation=(self)
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:57ad1b6a-68cc-4dd8-b4ea-5d7644c4102d
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private
content-length
0
content-security-policy
script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
date
Thu, 02 Nov 2023 14:18:34 GMT
location
https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
permissions-policy
geolocation=(self)
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:57ad1b6a-68cc-4dd8-b4ea-5d7644c4102d
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY
auth0
insight.opsecsecurity.com/bundles/ 		920 KB
351 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insight.opsecsecurity.com/bundles/auth0?v=bvB6xQMgzf5sT4xTIiMeTHOsTzGjb9wodMv5cXipxXk1
Requested by
Host: insight.opsecsecurity.com
URL: https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.101.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8eda0fc7e24cd3f7386e867ec62aa40fe8d831a32c2b6d809c4273f73cbb0fa
Security Headers
Name Value
Content-Security-Policy script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Fri, 01 Nov 2024 14:18:35 GMT
date
Thu, 02 Nov 2023 14:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 02 Nov 2023 14:18:35 GMT
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
vary
User-Agent,Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
permissions-policy
geolocation=(self)
request-context
appId=cid-v1:57ad1b6a-68cc-4dd8-b4ea-5d7644c4102d
OpSecLogoAuth0.png
insight.opsecsecurity.com/Content/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.opsecsecurity.com/Content/image/OpSecLogoAuth0.png
Requested by
Host: insight.opsecsecurity.com
URL: https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.101.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e30f0559c043d52bb2d316fcd4f6f209ef7dc6b5b094b5f9e4d78954fecf548
Security Headers
Name Value
Content-Security-Policy script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 14:18:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
last-modified
Wed, 23 Aug 2023 18:56:00 GMT
referrer-policy
no-referrer-when-downgrade
etag
"2ae21075f3d5d91:0"
x-frame-options
DENY
content-type
image/png
access-control-expose-headers
Request-Context
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
17537
request-context
appId=cid-v1:57ad1b6a-68cc-4dd8-b4ea-5d7644c4102d
en.js
cdn.auth0.com/js/lock/11.35.1/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/lock/11.35.1/en.js
Requested by
Host: insight.opsecsecurity.com
URL: https://insight.opsecsecurity.com/bundles/auth0?v=bvB6xQMgzf5sT4xTIiMeTHOsTzGjb9wodMv5cXipxXk1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2c00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b8e1578e14f20ccaee0c0c80f5420d5d2c48ffd8bb3edd0573010719fad5be8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
vF.ml57yWUDXdQRYx19B5VH0hhk7FOxS
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 05:18:08 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
32429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Thu, 02 Feb 2023 12:52:58 GMT
server
AmazonS3
etag
W/"bcbf740cd8a652fc01809dedc83e09e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
RNV_MbiLaKIklW6JBxITd9Uhc6GsITDkQHx_LkRFHlm71cG9e65X2A==
OoGyiFCBZBmciitmwQH7BSToCZr1CZ3O.js
cdn.auth0.com/client/ 		714 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/client/OoGyiFCBZBmciitmwQH7BSToCZr1CZ3O.js?t1698934716110
Requested by
Host: insight.opsecsecurity.com
URL: https://insight.opsecsecurity.com/bundles/auth0?v=bvB6xQMgzf5sT4xTIiMeTHOsTzGjb9wodMv5cXipxXk1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2c00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c971b34561dcb80ec54c3ca5190e8d98cc508d17942e8000293d542a9fde3b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
tracestate
auth0-request-id=81c8460aba174d6d,auth0=true
x-auth0-requestid
599027df4ee542f9c47c
date
Thu, 02 Nov 2023 14:18:36 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
RefreshHit from cloudfront
cf-bgj
minify
server
cloudflare
ot-tracer-sampled
true
traceparent
00-00000000000000001481212e70d05f2f-2b8bcb60087af959-01
etag
W/"2ca-RkJ1/pMCXxasIh7KALCC1h+B9JU"
ot-tracer-traceid
1481212e70d05f2f
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id
81c8460aba174d6d
cf-ray
81f20dbb1a5b65dd-FRA
x-robots-tag
noindex
x-amz-cf-id
WHWJsaG_Fzws2Yt1MLkfn42KKNnetVPCEW6fK1XjBeexyCGxXg2Z_w==
ot-tracer-spanid
2b8bcb60087af959
authorize
auth.opsecsecurity.com/ Frame 0310 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.opsecsecurity.com/authorize?client_id=OoGyiFCBZBmciitmwQH7BSToCZr1CZ3O&response_type=token%20id_token&redirect_uri=https%3A%2F%2Finsight.opsecsecurity.com%2Fsignin-auth0%3FReturnUrl%3D%252FApprovals%23approval%3D1006099%26program%3D56&scope=openid%20profile%20email&state=oewpiavCcRmyNDQcU.k8ORbIg2PasgiC&nonce=w9Sczt.rVEVzNYA8GbwcS1_jiha1EjUr&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4zNS4xIiwiZW52Ijp7ImF1dGgwLmpzIjoiOS4yMC4wIiwiYXV0aDAuanMtdWxwIjoiOS4yMC4wIn19
Requested by
Host: insight.opsecsecurity.com
URL: https://insight.opsecsecurity.com/bundles/auth0?v=bvB6xQMgzf5sT4xTIiMeTHOsTzGjb9wodMv5cXipxXk1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2251756df812f29c9556f26c8300410e773d7cee2c38cbeff56b36201db64e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://insight.opsecsecurity.com/Home/Login?ReturnUrl=%2FApprovals
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
81fd01faabc31cb7-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 02 Nov 2023 14:18:37 GMT
ot-baggage-auth0-request-id
81fd01faabc31cb7
ot-tracer-sampled
true
ot-tracer-spanid
78b0727955673ae0
ot-tracer-traceid
06561e8e42edf785
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-000000000000000006561e8e42edf785-78b0727955673ae0-01
tracestate
auth0-request-id=81fd01faabc31cb7,auth0=true
vary
Accept-Encoding
x-auth0-requestid
4d11a4d0b35ae579c309
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1698934718

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| Auth0 function| Auth0Lock function| Auth0LockPasswordless string| hostUrl string| culture string| previousRedirect object| lock

4 Cookies

Domain/Path Name / Value
.insight.opsecsecurity.com/ Name: ARRAffinity
Value: 189cf4fc48893c42c0e7188cd7329de22d98633358f20468511ad1148e9c0214
.insight.opsecsecurity.com/ Name: ARRAffinitySameSite
Value: 189cf4fc48893c42c0e7188cd7329de22d98633358f20468511ad1148e9c0214
auth.opsecsecurity.com/ Name: did
Value: s%3Av0%3Ab6906c30-798a-11ee-a041-97c53838e9e8.n0mV3dk3f%2FP2QEq0FVppB89Nm3Kx1dGLbu%2Fvrx7uDj0
auth.opsecsecurity.com/ Name: did_compat
Value: s%3Av0%3Ab6906c30-798a-11ee-a041-97c53838e9e8.n0mV3dk3f%2FP2QEq0FVppB89Nm3Kx1dGLbu%2Fvrx7uDj0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY