Submitted URL: https://helpdesk.gbe.cloud/
Effective URL: https://greatbigevents.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dyZWF0YmlnZXZlbnRzLm9u...
Submission: On August 30 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 23.183.112.3, located in and belongs to . The main domain is greatbigevents.onelogin.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 13th 2023. Valid for: a year.
This is the only time greatbigevents.onelogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 2606:4700:303... ()
3 4 23.183.112.3 ()
15 4
Apex Domain
Subdomains
Transfer
10 gbe.cloud
helpdesk.gbe.cloud
auth.gbe.cloud
5 MB
4 onelogin.com
greatbigevents.onelogin.com
cdn.onelogin.com Failed
web-login-v2-cdn.onelogin.com Failed
5 KB
0 cookielaw.org Failed
cdn.cookielaw.org Failed
15 3
Domain Requested by
6 helpdesk.gbe.cloud helpdesk.gbe.cloud
4 greatbigevents.onelogin.com 3 redirects helpdesk.gbe.cloud
4 auth.gbe.cloud 2 redirects helpdesk.gbe.cloud
auth.gbe.cloud
0 web-login-v2-cdn.onelogin.com Failed greatbigevents.onelogin.com
0 cdn.onelogin.com Failed greatbigevents.onelogin.com
0 cdn.cookielaw.org Failed greatbigevents.onelogin.com
15 6

This site contains no links.

Subject Issuer Validity Valid
helpdesk.gbe.cloud
E1
2023-08-30 -
2023-11-28
3 months crt.sh
auth.gbe.cloud
E1
2023-08-30 -
2023-11-28
3 months crt.sh
*.onelogin.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-03-20
a year crt.sh

This page contains 2 frames:

Primary Page: https://greatbigevents.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dyZWF0YmlnZXZlbnRzLm9uZWxvZ2luLmNvbS90cnVzdC9vcGVuaWQtY29ubmVjdC92Mj9jbGllbnRfaWQ9MGFmMmNhMTAtZDFlOC0wMTNiLWNjMGMtMDJlYjRhNjhmYjYzMjA3NTg2JmdyYW50PWJjYTU5YTc3LWY3OWYtNDhhZS1hM2I5LTNlODhiMTBiYzQzMSZvbF9vaWRjX2lzc3Vlcl91cmw9aHR0cHMlM0ElMkYlMkZncmVhdGJpZ2V2ZW50cy5vbmVsb2dpbi5jb20lMkZvaWRjJTJGMiIsImFwcF9pZCI6MjE5Njc3MSwiaXNzIjoiTU9OT1JBSUwiLCJicmFuZF9pZCI6Im1hc3RlciIsImZmX211bHRpcGxlX2JyYW5kcyI6ZmFsc2UsImV4cCI6MTY5MzM2MDA0OSwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiYXVkIjoiQUNDRVNTIn0.jtoqfNbAra4tMNN8y-qsNedTgpAEeo5ZBP1ef99N2y4
Frame ID: 9BB1C07EE0A122C3D2DF8EC3C1F28952
Requests: 13 HTTP requests in this frame

Frame: https://auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 6634124DCA318F20BF541E22564F28E1
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

GBE Helpdesk

Page URL History Show full URLs

  1. https://helpdesk.gbe.cloud/ Page URL
  2. https://auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/auth?client_id=helpdesk_fronten... HTTP 303
    https://auth.gbe.cloud/auth/realms/gbecloud/broker/onelogin/login?session_code=5qEQwDGm_gfxsPLjW9jx... HTTP 303
    https://greatbigevents.onelogin.com/oidc/2/auth?scope=openid&state=9zs_gOvveX19x4hH5WIK_mJvS3WJ28Nl8LjVnp_EnD0.u... HTTP 302
    https://greatbigevents.onelogin.com/trust/openid-connect/v2?client_id=0af2ca10-d1e8-013b-cc0c-02eb4a68fb63207586... HTTP 302
    https://greatbigevents.onelogin.com/login HTTP 302
    https://greatbigevents.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dy... Page URL

Page Statistics

15
Requests

60 %
HTTPS

67 %
IPv6

3
Domains

6
Subdomains

4
IPs

1
Countries

5349 kB
Transfer

16914 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://helpdesk.gbe.cloud/ Page URL
  2. https://auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/auth?client_id=helpdesk_frontend&redirect_uri=https%3A%2F%2Fhelpdesk.gbe.cloud%2F&state=2af595c6-3e53-46cb-82bd-db7df00c7f70&response_mode=fragment&response_type=code&scope=openid&nonce=82d5188f-b88d-4bec-8c5a-4464a35fe99b HTTP 303
    https://auth.gbe.cloud/auth/realms/gbecloud/broker/onelogin/login?session_code=5qEQwDGm_gfxsPLjW9jx2t2bhc_7jR5o8VmYNO7LL94&client_id=helpdesk_frontend&tab_id=ulvHwdh6P7Q HTTP 303
    https://greatbigevents.onelogin.com/oidc/2/auth?scope=openid&state=9zs_gOvveX19x4hH5WIK_mJvS3WJ28Nl8LjVnp_EnD0.ulvHwdh6P7Q.helpdesk_frontend&response_type=code&client_id=0af2ca10-d1e8-013b-cc0c-02eb4a68fb63207586&redirect_uri=https%3A%2F%2Fauth.gbe.cloud%2Fauth%2Frealms%2Fgbecloud%2Fbroker%2Fonelogin%2Fendpoint&nonce=qdkVSKXn1SHi3P59bo0ODg HTTP 302
    https://greatbigevents.onelogin.com/trust/openid-connect/v2?client_id=0af2ca10-d1e8-013b-cc0c-02eb4a68fb63207586&grant=bca59a77-f79f-48ae-a3b9-3e88b10bc431&ol_oidc_issuer_url=https%3A%2F%2Fgreatbigevents.onelogin.com%2Foidc%2F2 HTTP 302
    https://greatbigevents.onelogin.com/login HTTP 302
    https://greatbigevents.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dyZWF0YmlnZXZlbnRzLm9uZWxvZ2luLmNvbS90cnVzdC9vcGVuaWQtY29ubmVjdC92Mj9jbGllbnRfaWQ9MGFmMmNhMTAtZDFlOC0wMTNiLWNjMGMtMDJlYjRhNjhmYjYzMjA3NTg2JmdyYW50PWJjYTU5YTc3LWY3OWYtNDhhZS1hM2I5LTNlODhiMTBiYzQzMSZvbF9vaWRjX2lzc3Vlcl91cmw9aHR0cHMlM0ElMkYlMkZncmVhdGJpZ2V2ZW50cy5vbmVsb2dpbi5jb20lMkZvaWRjJTJGMiIsImFwcF9pZCI6MjE5Njc3MSwiaXNzIjoiTU9OT1JBSUwiLCJicmFuZF9pZCI6Im1hc3RlciIsImZmX211bHRpcGxlX2JyYW5kcyI6ZmFsc2UsImV4cCI6MTY5MzM2MDA0OSwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiYXVkIjoiQUNDRVNTIn0.jtoqfNbAra4tMNN8y-qsNedTgpAEeo5ZBP1ef99N2y4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
helpdesk.gbe.cloud/
912 B
1 KB
Document
General
Full URL
https://helpdesk.gbe.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffd0c372bd5cce0244e4999cd075f74c70fd0f08a80c3c2eb7b1a8f36ff521c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe95923b9679b63-FRA
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 01:44:22 GMT
last-modified
Tue, 29 Aug 2023 01:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3InPwkn4Tuldb%2FXMC102700qFKMenZMwERHSLwt2NQUaN7ud60clqnHQ2Hiizvjlo1NCIlb2Teo3uCLCphhFdZK3ctZ0zJ4TBT%2BgRQX10jrTfqxnavmydYyYok6r950%2FPQx0h1oBz2baOun1aDsrhv0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
x-amz-cf-id
NIt64i3epwKWDfFM-vwUmg17MdJh_KbOcVqA7n8DjII20CVoWL-Xwg==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
chunk-vendors.be7abf4f.css
helpdesk.gbe.cloud/css/
70 KB
6 KB
Stylesheet
General
Full URL
https://helpdesk.gbe.cloud/css/chunk-vendors.be7abf4f.css
Requested by
Host: helpdesk.gbe.cloud
URL: https://helpdesk.gbe.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a13277cb28bfb9fc7b7d609f5b74a4ffed79faf5fee8c2c2dfaab0bf9b26c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helpdesk.gbe.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:44:23 GMT
via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 29 Aug 2023 01:04:56 GMT
server
cloudflare
etag
W/"8c93f72f700f964dee89cf75e9b2c035"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh75%2FrG39Ncy4tyFlfr1CqF%2BUnjL1YCestlPxCmR2odzGerQRTBTbU5h3RbCKZgfd%2BqP61c8VsJAZWt1GOkpH7TsLLMePEKCnCNmfkTwwEDrf9OuJtU7FlhuPs9ZE8xQF3WragG9%2FAd6KjNu0q%2BvLY8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7fe95924098d9b63-FRA
x-amz-cf-id
4xffENAUTg7MUCH4RTXyevMNSOhrRcJGDo8OWrFLlRkq3CZSxge4wg==
app.d9cbc2c5.css
helpdesk.gbe.cloud/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://helpdesk.gbe.cloud/css/app.d9cbc2c5.css
Requested by
Host: helpdesk.gbe.cloud
URL: https://helpdesk.gbe.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
311193619527618a24e83bb24bb02710d4085845d57605d02d4633bc243dd72e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helpdesk.gbe.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:44:23 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 29 Aug 2023 01:04:55 GMT
server
cloudflare
etag
W/"082b4f769f82c5361bed7a1408f1e9a5"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjzCmOeRLIr3Du2UDwHfVDfN38N8eBSSwN7AM%2FF7li3IUi0SMeUY9OTL%2FDMf3zc2o7QFnl3YutQVzxf1Hqypqz1UGG2RppbyqvBJFzshIfhmyc9ZRIMzPfDIJIpbBlHOGTmnzUGSMKxZxkNjCzndxjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7fe95924098f9b63-FRA
x-amz-cf-id
gnwiALh2fsdV_LDakN4AtSjy4Y9C1mjUdaQhv1KR-wBy1L57Wenngg==
rocket-loader.min.js
helpdesk.gbe.cloud/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://helpdesk.gbe.cloud/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: helpdesk.gbe.cloud
URL: https://helpdesk.gbe.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helpdesk.gbe.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Aug 2023 13:09:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e60500-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asB8uY%2BRqu9E%2FTx%2F%2B7UA48UylElFnBzij8xg00A%2FC94ZX1YL2hIKWsMukLnpgCixB%2BdwRApBN0wOwqyGdlMbM3zfLVkcSSWacYME4LMX3Ykr7zao3P0VX%2Bl2sVt8haXtYM2ctRV6GNRKfwO593wUeGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7fe9592409909b63-FRA
expires
Fri, 01 Sep 2023 01:44:22 GMT
app.82e8eee3.js
helpdesk.gbe.cloud/js/
0
0

chunk-vendors.4ac36540.js
helpdesk.gbe.cloud/js/
16 MB
5 MB
Script
General
Full URL
https://helpdesk.gbe.cloud/js/chunk-vendors.4ac36540.js
Requested by
Host: helpdesk.gbe.cloud
URL: https://helpdesk.gbe.cloud/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:2218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b2ab87ba69e12aa22c5baabf2854ad9b5c7e7c9cc73baad1b3a7106c9c8ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helpdesk.gbe.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:44:24 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 29 Aug 2023 01:04:56 GMT
server
cloudflare
etag
W/"0025d4576c83e182eb60be7fbecc5ec8-3"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoH6a5rSYo3cqpLT3TC33SKJcArE0ySWF6POaz3VUjMD5fS66q9WZCEPSZO1hIGAypLuqknrfV1Lw4ygm6S96NVAT2rMaFjr3YYYf70G0kbg5czc9yb06kpM9x7gLV4Hq7cbg3YLsDXkECZDJKX2KIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fe9592b492b1c24-FRA
x-amz-cf-id
QiQILI-GhtvYET0DDmUTY0ewFVl_kUbnwVtMWSaB0Zdv28nE3iYvzQ==
app.82e8eee3.js
helpdesk.gbe.cloud/js/
51 KB
14 KB
Script
General
Full URL
https://helpdesk.gbe.cloud/js/app.82e8eee3.js
Requested by
Host: helpdesk.gbe.cloud
URL: https://helpdesk.gbe.cloud/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:2218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helpdesk.gbe.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:44:25 GMT
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
age
1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 29 Aug 2023 01:04:56 GMT
server
cloudflare
etag
W/"3b5683bfc02283e1121669622d6b11ea"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAMtu7drVhHE8g0VAEs3FJtOw%2FmoDQqnAst3zrdIj9iGlJ3F5hr3RnRMMmbgXFCHweV2PWdGJifJDXeOqLhdkNwOVNnhh9GSs6zmhGnSku4EGQ3CH%2Fk9vcdwiaySVqn%2B%2BI9WyuXPfmslVRAUlQE0oTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fe95939f8e61c24-FRA
x-amz-cf-id
6iALRTQEzd9NLCGKZ6o2Wwh-svonnvhgIqll1J63X7-dDDFW3maBLA==
step1.html
auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/3p-cookies/ Frame 6634
955 B
2 KB
Document
General
Full URL
https://auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: helpdesk.gbe.cloud
URL: https://helpdesk.gbe.cloud/js/chunk-vendors.4ac36540.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c4bb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpdesk.gbe.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, no-transform, no-store
cf-cache-status
DYNAMIC
cf-ray
7fe9593ee8563a6e-FRA
content-length
955
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Wed, 30 Aug 2023 01:44:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQEPo7%2F7%2FAeFWOOnJ6uWBwCoqTqJ0O8clsL3EssCnedPvm1JM4GU1EcgqFjyYe93FFqi%2F6HUiBtQyJW6D8JGAiimysS%2BevTFkwdgkjCkHAXaz3z3g%2FYwRnetRphVWJd1s2VbakCiz5io%2Fo57bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
step2.html
auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/3p-cookies/ Frame 6634
1 KB
1 KB
Document
General
Full URL
https://auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/3p-cookies/step2.html
Requested by
Host: auth.gbe.cloud
URL: https://auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/3p-cookies/step1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c4bb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, no-transform, no-store
cf-cache-status
DYNAMIC
cf-ray
7fe959434a4c3a6e-FRA
content-length
1142
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Wed, 30 Aug 2023 01:44:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTHzFL5UD3XWytgXmZPVArJtK3tFQOQ6BiLam03KXUwF1qEdSzS2r4Prf8LVItbCzFNk9KKLJLIt7L4A8koam%2FktlGLZEcOwtVVpLg2GzsbR97C3%2F%2B2YDP5QOPv4xJ2emSnXnYaPqRdro6CN%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
Primary Request /
greatbigevents.onelogin.com/login2/
Redirect Chain
  • https://auth.gbe.cloud/auth/realms/gbecloud/protocol/openid-connect/auth?client_id=helpdesk_frontend&redirect_uri=https%3A%2F%2Fhelpdesk.gbe.cloud%2F&state=2af595c6-3e53-46cb-82bd-db7df00c7f70&resp...
  • https://auth.gbe.cloud/auth/realms/gbecloud/broker/onelogin/login?session_code=5qEQwDGm_gfxsPLjW9jx2t2bhc_7jR5o8VmYNO7LL94&client_id=helpdesk_frontend&tab_id=ulvHwdh6P7Q
  • https://greatbigevents.onelogin.com/oidc/2/auth?scope=openid&state=9zs_gOvveX19x4hH5WIK_mJvS3WJ28Nl8LjVnp_EnD0.ulvHwdh6P7Q.helpdesk_frontend&response_type=code&client_id=0af2ca10-d1e8-013b-cc0c-02e...
  • https://greatbigevents.onelogin.com/trust/openid-connect/v2?client_id=0af2ca10-d1e8-013b-cc0c-02eb4a68fb63207586&grant=bca59a77-f79f-48ae-a3b9-3e88b10bc431&ol_oidc_issuer_url=https%3A%2F%2Fgreatbig...
  • https://greatbigevents.onelogin.com/login
  • https://greatbigevents.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dyZWF0YmlnZXZlbnRzLm9uZWxvZ2luLmNvbS90cnVzdC9vcGVuaWQtY29ubmVjdC92Mj9jbGllbnRfaWQ9MGFmM...
3 KB
1 KB
Document
General
Full URL
https://greatbigevents.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dyZWF0YmlnZXZlbnRzLm9uZWxvZ2luLmNvbS90cnVzdC9vcGVuaWQtY29ubmVjdC92Mj9jbGllbnRfaWQ9MGFmMmNhMTAtZDFlOC0wMTNiLWNjMGMtMDJlYjRhNjhmYjYzMjA3NTg2JmdyYW50PWJjYTU5YTc3LWY3OWYtNDhhZS1hM2I5LTNlODhiMTBiYzQzMSZvbF9vaWRjX2lzc3Vlcl91cmw9aHR0cHMlM0ElMkYlMkZncmVhdGJpZ2V2ZW50cy5vbmVsb2dpbi5jb20lMkZvaWRjJTJGMiIsImFwcF9pZCI6MjE5Njc3MSwiaXNzIjoiTU9OT1JBSUwiLCJicmFuZF9pZCI6Im1hc3RlciIsImZmX211bHRpcGxlX2JyYW5kcyI6ZmFsc2UsImV4cCI6MTY5MzM2MDA0OSwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiYXVkIjoiQUNDRVNTIn0.jtoqfNbAra4tMNN8y-qsNedTgpAEeo5ZBP1ef99N2y4
Requested by
Host: helpdesk.gbe.cloud
URL: https://helpdesk.gbe.cloud/js/chunk-vendors.4ac36540.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.183.112.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://helpdesk.gbe.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, max-age=0
content-encoding
gzip
content-length
901
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:44:29 GMT
etag
"4bb18d260bad5b58be4acb2eab473713"
last-modified
Wed, 30 Aug 2023 00:14:07 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains;
x-amz-id-2
kAl1TWwmteaDIjlUO/BiUTy6FSw/JW/FTHlMtgt6rKI2X1tvBkETtgNNEbb97KiVNeiMhp3Aqhg=
x-amz-request-id
EMAR03N30RGP4793
x-amz-version-id
snnrFNtWuMr4zXmA71ZtfG2epMMrkQwg
x-content-type-options
nosniff
x-ol-canary
main

Redirect headers

cache-control
no-cache no-store max-age=0 must-revalidate private s-maxage=0
content-length
713
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:44:29 GMT
expires
0
location
https://greatbigevents.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dyZWF0YmlnZXZlbnRzLm9uZWxvZ2luLmNvbS90cnVzdC9vcGVuaWQtY29ubmVjdC92Mj9jbGllbnRfaWQ9MGFmMmNhMTAtZDFlOC0wMTNiLWNjMGMtMDJlYjRhNjhmYjYzMjA3NTg2JmdyYW50PWJjYTU5YTc3LWY3OWYtNDhhZS1hM2I5LTNlODhiMTBiYzQzMSZvbF9vaWRjX2lzc3Vlcl91cmw9aHR0cHMlM0ElMkYlMkZncmVhdGJpZ2V2ZW50cy5vbmVsb2dpbi5jb20lMkZvaWRjJTJGMiIsImFwcF9pZCI6MjE5Njc3MSwiaXNzIjoiTU9OT1JBSUwiLCJicmFuZF9pZCI6Im1hc3RlciIsImZmX211bHRpcGxlX2JyYW5kcyI6ZmFsc2UsImV4cCI6MTY5MzM2MDA0OSwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiYXVkIjoiQUNDRVNTIn0.jtoqfNbAra4tMNN8y-qsNedTgpAEeo5ZBP1ef99N2y4#app=2196771
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
pragma
no-cache
status
302 Found
strict-transport-security
max-age=63072000; includeSubDomains;
x-content-type-options
nosniff
x-request-id
64EE9EFD-0A090396-C882-0A09012A-24E3-685A32-1A02
x-xss-protection
1; mode=block
OtAutoBlock.js
cdn.cookielaw.org/consent/acac541d-dd27-479c-854b-d21d620c7af5/
0
0

onelogin-vigilance.min.js
cdn.onelogin.com/
0
0

vendor39a5459709ec4d33e2622967c3231c6e3f51117e.js
web-login-v2-cdn.onelogin.com/login2/
0
0

intl39a5459709ec4d33e2622967c3231c6e3f51117e.js
web-login-v2-cdn.onelogin.com/login2/
0
0

app39a5459709ec4d33e2622967c3231c6e3f51117e.js
web-login-v2-cdn.onelogin.com/login2/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
helpdesk.gbe.cloud
URL
https://helpdesk.gbe.cloud/js/app.82e8eee3.js
Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/consent/acac541d-dd27-479c-854b-d21d620c7af5/OtAutoBlock.js
Domain
cdn.onelogin.com
URL
https://cdn.onelogin.com/onelogin-vigilance.min.js
Domain
web-login-v2-cdn.onelogin.com
URL
https://web-login-v2-cdn.onelogin.com/login2/vendor39a5459709ec4d33e2622967c3231c6e3f51117e.js
Domain
web-login-v2-cdn.onelogin.com
URL
https://web-login-v2-cdn.onelogin.com/login2/intl39a5459709ec4d33e2622967c3231c6e3f51117e.js
Domain
web-login-v2-cdn.onelogin.com
URL
https://web-login-v2-cdn.onelogin.com/login2/app39a5459709ec4d33e2622967c3231c6e3f51117e.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| __cfQR boolean| __cfRLUnblockHandlers object| webpackChunkhelpdesk_frontend number| uidEvent function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| $sso

0 Cookies