URL: https://auth-1sso.cloud/
Submission: On March 08 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth-1sso.cloud.
TLS certificate: Issued by GTS CA 1P5 on March 7th 2024. Valid for: 3 months.
This is the only time auth-1sso.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 212.23.222.194 201814 (MEVSPACE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 152.199.21.168 15133 (EDGECAST)
8 4
Apex Domain
Subdomains
Transfer
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
54 KB
2 bankofamerica.com
message.bankofamerica.com — Cisco Umbrella Rank: 575370
41 KB
2 flixoif.ru
flixoif.ru
1 auth-1sso.cloud
auth-1sso.cloud
2 KB
8 4
Domain Requested by
3 cdn.jsdelivr.net auth-1sso.cloud
2 message.bankofamerica.com auth-1sso.cloud
2 flixoif.ru auth-1sso.cloud
1 auth-1sso.cloud
8 4

This site contains no links.

Subject Issuer Validity Valid
auth-1sso.cloud
GTS CA 1P5
2024-03-07 -
2024-06-05
3 months crt.sh
flixoif.ru
R3
2024-03-02 -
2024-05-31
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
about.bankofamerica.com
Entrust Certification Authority - L1M
2024-01-29 -
2025-02-28
a year crt.sh

This page contains 1 frames:

Primary Page: https://auth-1sso.cloud/
Frame ID: 406C793F7123E26E59ED897DEF7D8F2C
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Sign in

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

97 kB
Transfer

314 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
auth-1sso.cloud/
5 KB
2 KB
Document
General
Full URL
https://auth-1sso.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa7d887829bc54f5898c94bfbb7500c82bd7f9115aa1f9bd3d1543dcc6ee2ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
860eda5a69b5036e-FRA
content-encoding
br
content-type
text/html
date
Fri, 08 Mar 2024 00:54:15 GMT
last-modified
Wed, 06 Mar 2024 06:22:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQx8Ak9PGQHIN2Z8Xv8p6r%2B6SOnf0fQDnHgDKE5a7PZhrOY%2B5ytE%2B3vdyXwzhgx5zOttXcrmHYpKHgQcM50KfOnYHhpXYyHyHDJikJija2ziiazd%2BFsHIL%2FJ90Hge8f%2BEdCo4WhehW2E0%2BzMIuo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery-3.3.1.min.js
flixoif.ru/bo_files/lib/js/
0
0
Script
General
Full URL
https://flixoif.ru/bo_files/lib/js/jquery-3.3.1.min.js
Requested by
Host: auth-1sso.cloud
URL: https://auth-1sso.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.23.222.194 , Poland, ASN201814 (MEVSPACE, PL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://auth-1sso.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
Requested by
Host: auth-1sso.cloud
URL: https://auth-1sso.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth-1sso.cloud/
Origin
https://auth-1sso.cloud
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 00:54:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8621869
x-jsd-version
5.2.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230133-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OKhjXExE6hucUCqWhRq3bNuZJwUPn0stH9cuErmz8aZNDsYPu8f2gm7DsPBstsUtgW1JBwk46C7Z4%2Be%2BTL8eQO2f38SldYv%2FK4T%2BPMXkiNEQWNUsmCfJf%2FDLP0Xf%2B75wmjgFs8XvrQ3abCQQOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
860eda5c9a6f3657-FRA
csspage.php
flixoif.ru/bo_files/ca/
0
0
Stylesheet
General
Full URL
https://flixoif.ru/bo_files/ca/csspage.php?page=signin&t=7b9ld4lpsy4to9o
Requested by
Host: auth-1sso.cloud
URL: https://auth-1sso.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.23.222.194 , Poland, ASN201814 (MEVSPACE, PL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://auth-1sso.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

banner_bofa_295x29_2x.png
message.bankofamerica.com/onlinebanking_demo/mobileApp_Simulator/images/
19 KB
20 KB
Image
General
Full URL
https://message.bankofamerica.com/onlinebanking_demo/mobileApp_Simulator/images/banner_bofa_295x29_2x.png
Requested by
Host: auth-1sso.cloud
URL: https://auth-1sso.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.168 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
c701cb550ff6d8665b5c330c3fca253b06b62fbdadfc4e77307c00e8911dd672
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: ws: *.bankofamerica.com *.ml.com institute1.bofa.com bcbolt446c5271-a.akamaihd.net bcsecure01-a.akamaihd.net brightcove04pmdo-a.akamaihd.net hlsak-a.akamaihd.net hslsslak-a.akamaihd.net www.ustrust.ml.bac-assets.com www1.bac-assets.com c.betrad.com cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net edge.api.brightcove.com metrics.brightcove.com sadmin.brightcove.com secure.brightcove.com players.brightcove.net api.company-target.com cdn.cookielaw.org data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com dpm.demdex.net 1359940.fls.doubleclick.net www.glance.net storage.glancecdn.net www.glancecdn.net www.myglance.net cobrowse-location.glance.net s1056.glance.net www-bofa.myglance.net cdn-bofa.myglance.net googleads.g.doubleclick.net stats.g.doubleclick.net c.evidon.com dgcollector.evidon.com l.evidon.com www.facebook.com adservice.google.com cct.google.com www.google.com www.googleadservices.com www.google-analytics.com maps.googleapis.com www.googletagmanager.com maps.gstatic.com dc.ads.linkedin.com etui.fs.ml.com rg.ml.com bankofamerica.tt.omtrdc.net cdn.tt.omtrdc.net mboxedge34.tt.omtrdc.net akamai.tiqcdn.com tags.tiqcdn.com analytics.twitter.com vjs.zencdn.net cdnapisec.kaltura.com analytics.kaltura.com cfvod.kaltura.com geolocation.onetrust.com *.glance.net assets.adobedtm.com;font-src 'self' http: https: vjs.zencdn.net data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://auth-1sso.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: ws: *.bankofamerica.com *.ml.com institute1.bofa.com bcbolt446c5271-a.akamaihd.net bcsecure01-a.akamaihd.net brightcove04pmdo-a.akamaihd.net hlsak-a.akamaihd.net hslsslak-a.akamaihd.net www.ustrust.ml.bac-assets.com www1.bac-assets.com c.betrad.com cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net edge.api.brightcove.com metrics.brightcove.com sadmin.brightcove.com secure.brightcove.com players.brightcove.net api.company-target.com cdn.cookielaw.org data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com dpm.demdex.net 1359940.fls.doubleclick.net www.glance.net storage.glancecdn.net www.glancecdn.net www.myglance.net cobrowse-location.glance.net s1056.glance.net www-bofa.myglance.net cdn-bofa.myglance.net googleads.g.doubleclick.net stats.g.doubleclick.net c.evidon.com dgcollector.evidon.com l.evidon.com www.facebook.com adservice.google.com cct.google.com www.google.com www.googleadservices.com www.google-analytics.com maps.googleapis.com www.googletagmanager.com maps.gstatic.com dc.ads.linkedin.com etui.fs.ml.com rg.ml.com bankofamerica.tt.omtrdc.net cdn.tt.omtrdc.net mboxedge34.tt.omtrdc.net akamai.tiqcdn.com tags.tiqcdn.com analytics.twitter.com vjs.zencdn.net cdnapisec.kaltura.com analytics.kaltura.com cfvod.kaltura.com geolocation.onetrust.com *.glance.net assets.adobedtm.com;font-src 'self' http: https: vjs.zencdn.net data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Mar 2024 00:54:15 GMT
strict-transport-security
max-age=31536000
age
276656
x-cache
HIT
content-length
18620
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge, IE=Edge
x-ec-custom-error
1
last-modified
Tue, 05 Dec 2023 18:10:09 GMT
server
ECAcc (ama/48CB)
etag
"4b91-60bc725182240-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 09 Mar 2023 00:54:15 GMT
fp_quad_ads.png
message.bankofamerica.com/onlinebanking_demo/mobileApp_Simulator/images/
21 KB
21 KB
Image
General
Full URL
https://message.bankofamerica.com/onlinebanking_demo/mobileApp_Simulator/images/fp_quad_ads.png
Requested by
Host: auth-1sso.cloud
URL: https://auth-1sso.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.168 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489C) /
Resource Hash
86926e766f8e6fab9300839f617b05235b66c6956fa8403735fdd8b90835609a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: ws: *.bankofamerica.com *.ml.com institute1.bofa.com bcbolt446c5271-a.akamaihd.net bcsecure01-a.akamaihd.net brightcove04pmdo-a.akamaihd.net hlsak-a.akamaihd.net hslsslak-a.akamaihd.net www.ustrust.ml.bac-assets.com www1.bac-assets.com c.betrad.com cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net edge.api.brightcove.com metrics.brightcove.com sadmin.brightcove.com secure.brightcove.com players.brightcove.net api.company-target.com cdn.cookielaw.org data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com dpm.demdex.net 1359940.fls.doubleclick.net www.glance.net storage.glancecdn.net www.glancecdn.net www.myglance.net cobrowse-location.glance.net s1056.glance.net www-bofa.myglance.net cdn-bofa.myglance.net googleads.g.doubleclick.net stats.g.doubleclick.net c.evidon.com dgcollector.evidon.com l.evidon.com www.facebook.com adservice.google.com cct.google.com www.google.com www.googleadservices.com www.google-analytics.com maps.googleapis.com www.googletagmanager.com maps.gstatic.com dc.ads.linkedin.com etui.fs.ml.com rg.ml.com bankofamerica.tt.omtrdc.net cdn.tt.omtrdc.net mboxedge34.tt.omtrdc.net akamai.tiqcdn.com tags.tiqcdn.com analytics.twitter.com vjs.zencdn.net cdnapisec.kaltura.com analytics.kaltura.com cfvod.kaltura.com geolocation.onetrust.com *.glance.net assets.adobedtm.com;font-src 'self' http: https: vjs.zencdn.net data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://auth-1sso.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: ws: *.bankofamerica.com *.ml.com institute1.bofa.com bcbolt446c5271-a.akamaihd.net bcsecure01-a.akamaihd.net brightcove04pmdo-a.akamaihd.net hlsak-a.akamaihd.net hslsslak-a.akamaihd.net www.ustrust.ml.bac-assets.com www1.bac-assets.com c.betrad.com cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net edge.api.brightcove.com metrics.brightcove.com sadmin.brightcove.com secure.brightcove.com players.brightcove.net api.company-target.com cdn.cookielaw.org data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com dpm.demdex.net 1359940.fls.doubleclick.net www.glance.net storage.glancecdn.net www.glancecdn.net www.myglance.net cobrowse-location.glance.net s1056.glance.net www-bofa.myglance.net cdn-bofa.myglance.net googleads.g.doubleclick.net stats.g.doubleclick.net c.evidon.com dgcollector.evidon.com l.evidon.com www.facebook.com adservice.google.com cct.google.com www.google.com www.googleadservices.com www.google-analytics.com maps.googleapis.com www.googletagmanager.com maps.gstatic.com dc.ads.linkedin.com etui.fs.ml.com rg.ml.com bankofamerica.tt.omtrdc.net cdn.tt.omtrdc.net mboxedge34.tt.omtrdc.net akamai.tiqcdn.com tags.tiqcdn.com analytics.twitter.com vjs.zencdn.net cdnapisec.kaltura.com analytics.kaltura.com cfvod.kaltura.com geolocation.onetrust.com *.glance.net assets.adobedtm.com;font-src 'self' http: https: vjs.zencdn.net data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Mar 2024 00:54:15 GMT
strict-transport-security
max-age=31536000
age
194419
x-cache
HIT
content-length
21229
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge, IE=Edge
x-ec-custom-error
1
last-modified
Tue, 05 Dec 2023 18:10:01 GMT
server
ECAcc (ama/489C)
etag
"5501-60bc7249e1040-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 09 Mar 2023 00:54:15 GMT
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/
20 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js
Requested by
Host: auth-1sso.cloud
URL: https://auth-1sso.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth-1sso.cloud/
Origin
https://auth-1sso.cloud
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 00:54:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8451585
x-jsd-version
2.11.6
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230084-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"4e7f-YDO5/9GsCmSrp3VxzVXmgduuK5k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40pGk6M6U5utprmPhtl8w19Eniu5%2FiWjaur7NnNFy0N26kUYk6Szmnw5R3Wr1Ll%2B%2FJ%2FzbK4QyhRjM5O1pe8c92PkzY9hlVVVhx%2Bbk57w1lX8rO0LkcpS2T7gBnfc7EQowj74KTUf2xbdXWllSuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
860eda5cca923657-FRA
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/
59 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js
Requested by
Host: auth-1sso.cloud
URL: https://auth-1sso.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth-1sso.cloud/
Origin
https://auth-1sso.cloud
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 00:54:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3009849
x-jsd-version
5.2.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220032-FRA, cache-lga21937-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"ec40-b7/b3b6FxXjeVZrcyNB8zLwW1RQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BRcngU4T9RqG7T1mitgjoW7NrJPNHkNsA7hgto7izlRp6xRUXFRFeYImmev%2FMtiBHTv7VHm0yI8VcHLk9orpFBEYuboURFtafIlBKAon1Q33iOHtA7Vw01xUUw6%2BLYvtn5axJlrPgG8Qyj8UmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
860eda5cda9e3657-FRA

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| check function| generateRandomString function| submitForm object| Popper number| uidEvent object| bootstrap

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://flixoif.ru/bo_files/ca/csspage.php?page=signin&t=7b9ld4lpsy4to9o
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://flixoif.ru/bo_files/lib/js/jquery-3.3.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)