urlscan.io logo urlscan.io
SecurityTrails logo

testbdd1.aks.carldnsprod.blevrault.com Open in urlscan Pro
51.103.14.0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://testbdd1.aks.carldnsprod.blevrault.com/
Effective URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Submission: On March 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 51.103.14.0, located in Paris, France and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is testbdd1.aks.carldnsprod.blevrault.com.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time testbdd1.aks.carldnsprod.blevrault.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 51.103.14.0 8075 (MICROSOFT...)
13 1
Apex Domain
Subdomains		 Transfer
15 blevrault.com
testbdd1.aks.carldnsprod.blevrault.com
792 KB
13 1
Domain Requested by
15 testbdd1.aks.carldnsprod.blevrault.com 2 redirects testbdd1.aks.carldnsprod.blevrault.com
13 1

This site contains no links.

Subject Issuer Validity Valid
testbdd1.aks.carldnsprod.blevrault.com
R3		 2024-03-29 -
2024-06-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Frame ID: D28C70FF22BB4F79F8B7AE31FD3F28E6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://testbdd1.aks.carldnsprod.blevrault.com/ HTTP 302
    https://testbdd1.aks.carldnsprod.blevrault.com/xnet/ HTTP 302
    http://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login HTTP 307
    https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

790 kB
Transfer

2119 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://testbdd1.aks.carldnsprod.blevrault.com/ HTTP 302
    https://testbdd1.aks.carldnsprod.blevrault.com/xnet/ HTTP 302
    http://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login HTTP 307
    https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/
Redirect Chain
  • https://testbdd1.aks.carldnsprod.blevrault.com/
  • https://testbdd1.aks.carldnsprod.blevrault.com/xnet/
  • http://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
  • https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ed1db0ac0d12077e70be493979c62a657e51ef49b1fce23cb40d47f2a8c4259
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-language
en-US
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=UTF-8
date
Fri, 29 Mar 2024 17:05:42 GMT
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Non-Authoritative-Reason
HSTS
default-gui-public.css
testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/ 		254 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e904a0f3b2e0ae135a23c1c6e9269de790102145eaddf47bedcfdce913a7fa1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:42 GMT
csguilib.js
testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_2139492420/bundles/ 		1 MB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_2139492420/bundles/csguilib.js
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05f05378b6c6210c91edcbce17d6d56a730af61e9cb4f417ed38928ed5a917f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:42 GMT
inputScripts.js
testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_277321563/bundles/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_277321563/bundles/inputScripts.js
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87374d9eadee91748af21c3b334a457f4e98b204919263ddb021ff863e8055b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
5165
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:42 GMT
cscorefrmk.js
testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N907446231/bundles/ 		149 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N907446231/bundles/cscorefrmk.js
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ca95e74bbd0cae90abf363fb385b23cb287cf00bde576b2b109c8723e3ecea5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:42 GMT
gui-base.js
testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1558787730/bundles/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1558787730/bundles/gui-base.js
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
254b28c526ef234856d7826bae7cc038bfdd475771003025d8db1c6b899f7dfd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
5657
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:42 GMT
gui-public.js
testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_263344114/bundles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_263344114/bundles/gui-public.js
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23243a8e670a3be43155e20635c13c6ebdae9187c38574e252c1b517900b9ca7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
1147
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:42 GMT
login.js
testbdd1.aks.carldnsprod.blevrault.com/xnet/public/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/public/login.js
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e13e946bd1c8b4b52e1b91cd044fcff50369429e4fd1345f8649eb4761a8aaa1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
2820
x-xss-protection
1; mode=block
LEFT_LOGIN_PAGE
testbdd1.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/f3e6cece/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/f3e6cece/LEFT_LOGIN_PAGE
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8eaeb8f76dc21bdfd2de26fe5fc913d2256dd9a8c4405b86f277271d413da941
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
44123
x-xss-protection
1; mode=block
RIGHT_LOGIN_PAGE
testbdd1.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/a1060f86/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/a1060f86/RIGHT_LOGIN_PAGE
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58d5416dbc90571dfa03490bdc625cd3251e28858d97ca2d8f7849d14f0efea0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
16224
x-xss-protection
1; mode=block
Poppins-Regular.ttf
testbdd1.aks.carldnsprod.blevrault.com/xnet/cb2531401197/css/fonts/Poppins/ 		155 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/cb2531401197/css/fonts/Poppins/Poppins-Regular.ttf
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Origin
https://testbdd1.aks.carldnsprod.blevrault.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
etag
2740050219
x-frame-options
SAMEORIGIN
content-type
application/x-font-truetype
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:43 GMT
Roboto-Regular.ttf
testbdd1.aks.carldnsprod.blevrault.com/xnet/cb2991962917/css/fonts/Roboto/ 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/cb2991962917/css/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: testbdd1.aks.carldnsprod.blevrault.com
URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Origin
https://testbdd1.aks.carldnsprod.blevrault.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
etag
2740050219
x-frame-options
SAMEORIGIN
content-type
application/x-font-truetype
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 29 Mar 2034 16:05:43 GMT
carlsource.ico
testbdd1.aks.carldnsprod.blevrault.com/xnet/themes/default/resources/ 		16 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/themes/default/resources/carlsource.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18e6260e5f96b8b02af9083c57f33093c3965a5a034405393c8f55b54f15e805
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:05:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
cache-control
PUBLIC, max-age=8640000, must-revalidate
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Sun, 07 Jul 2024 17:05:43 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| CS function| $ function| jQuery function| Inputmask function| default function| JQClass function| jQueryBridget function| getSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery object| Handlebars function| OverlayScrollbars function| tinycolor object| expDateSmall object| expDateTime object| expDateTimeRevert object| expDateTimeRevert2 object| expDateFormatRevert boolean| replaceKeyPress boolean| replaceKeyPressCode function| getMaxDay function| formatDate function| outDate function| getHoursOrMinutesFromDecimal function| hasDecimal function| getHoursFromDecimal function| getMinutesFromDecimal function| outDuration function| increDate function| keyDownDate function| keyUpDate function| getDate function| reConstructDate string| codeSpaceReplace function| keyDownCode function| keyUpCode undefined| inputStartRange function| keyDownCase function| keyUpCase function| getSelectionStart function| getSelectionEnd function| setSelectionRange function| isFullSelect object| pFormatTab function| getCtrlInfo function| completeObj function| removeSuffix function| inNumber function| outNumber function| buildRegExp function| unicode function| parseFormat function| checkInterval function| ctrlIsNumber function| removeNotGoodClass function| addNotGoodClass function| removeInputFocusClass function| addInputFocusClass function| removeClass function| addClass function| IZDetail function| changeTwoState function| changeThreeState function| checkboxSetValue function| overCheck function| outCheck function| onKeyPress function| limitRate function| checkRate function| reinitI18nInput function| restoreI18nInput function| storeLast object| CSTools boolean| initializing object| A4J function| checkCookie function| submitChangePassword function| applyChangePasswordListener

3 Cookies

Domain/Path Name / Value
testbdd1.aks.carldnsprod.blevrault.com/xnet Name: JSESSIONID
Value: 7704A4B2F73E881396E983B29C0292E2
testbdd1.aks.carldnsprod.blevrault.com/ Name: appgw-affinity-a2e025f0231eba52d4cc5dd7b93c5b98CORS
Value: b0ef311794aabafe37ef867a4484da7f
testbdd1.aks.carldnsprod.blevrault.com/ Name: appgw-affinity-a2e025f0231eba52d4cc5dd7b93c5b98
Value: b0ef311794aabafe37ef867a4484da7f

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://testbdd1.aks.carldnsprod.blevrault.com/xnet/auth/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block