nitro.aurobay.com Open in urlscan Pro
20.126.207.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nitro.aurobay.com/
Effective URL:
https://nitro.aurobay.com/esig/
Submission Tags: phishingrod
Submission: On June 07 via api (June 7th 2024, 12:48:59 pm UTC) from DE — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 20.126.207.36, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is nitro.aurobay.com.
TLS certificate: Issued by Aurobay Global Issuing CA on June 5th 2024. Valid for: a year.

This is the only time nitro.aurobay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 25	20.126.207.36 20.126.207.36		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
24	2

25 20.126.207.36 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nitro.aurobay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	aurobay.com 1 redirects nitro.aurobay.com	2 MB
24	1

	Domain	Requested by
25	nitro.aurobay.com	1 redirects nitro.aurobay.com
24	1

This site contains no links.

Subject Issuer	Validity	Valid
nitro.aurobay.com Aurobay Global Issuing CA	`2024-06-05` - `2025-06-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nitro.aurobay.com/esig/
Frame ID: F0D16803168AA0B3720A006B52F2B1B2
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aurobay Sign

Page URL History Show full URLs

https://nitro.aurobay.com/ HTTP 301
https://nitro.aurobay.com/esig/ Page URL

Page Statistics

24
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1819 kB
Transfer

5422 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nitro.aurobay.com/ HTTP 301
https://nitro.aurobay.com/esig/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nitro.aurobay.com/esig/
Redirect Chain

https://nitro.aurobay.com/
https://nitro.aurobay.com/esig/

2 KB
4 KB

183ms
183ms

Document
text/html

20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

93c86ffaa7d98eabfc71c3010b82fb65aa665d00e7c34cc9d2fcaf46cc13ffd2

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache,no-store
content-length: 2028
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
content-type: text/html
correlation-id: 6a2a6578-7d40-4770-bb1d-e915da522d90
date: Fri, 07 Jun 2024 12:48:53 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
server: Connective Web Application Firewall
strict-transport-security: max-age=31536000
x-content-security-policy: default-src 'self';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-unique-id: -/-/20240607144853/ZmMBtXOzffd9lUiDTpMy7gAAwSQ/-/20231117/-

Redirect headers

content-length: 239
content-type: text/html; charset=iso-8859-1
date: Fri, 07 Jun 2024 12:48:52 GMT
location: https://nitro.aurobay.com/esig/
server: Connective Web Application Firewall
x-unique-id: -/-/20240607144852/ZmMBtHOzffd9lUiDTpMy7QAAwSQ/-/20231117/

GET
H2 200 main-2d8bbb7.css
nitro.aurobay.com/esig/ 407 KB
72 KB 260ms
259ms Stylesheet
text/css 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/main-2d8bbb7.css

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

7f832c7bd208d8c4ccc0a847c220579f31636e11a8eb83cb77c249aabb051e27

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:53 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144853/ZmMBtXOzffd9lUiDTpMy7wAAwSQ/-/20231117/-
correlation-id: 92d0ce02-b741-4203-9523-54f5f5f3ce63
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 onedrive.js Show response
nitro.aurobay.com/esig/resources/ 59 KB
22 KB 259ms
257ms Script
application/javascript 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/resources/onedrive.js

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

c7b656be289f41cf45182e4e5065a7a9b39fbe2244d3d509b43440c3034ab0c7

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:53 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144853/ZmMBtXOzffd9lUiDTpMy8AAAwQk/-/20231117/-
correlation-id: d83bde5f-4e92-4cd8-a736-02bcb634d61f
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 vendor-2d8bbb7.js Show response
nitro.aurobay.com/esig/ 116 KB
49 KB 185ms
184ms Script
application/javascript 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/vendor-2d8bbb7.js

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

3ae9ac65186a7398b57f67fec69165ced92c5863690effc84b2b0daa98d67fe6

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:53 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144853/ZmMBtXOzffd9lUiDTpMy8QAAwQU/-/20231117/-
correlation-id: 31e8040c-ef42-4ea0-b354-f68cb0cb64f3
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 bundle-2d8bbb7.js Show response
nitro.aurobay.com/esig/ 3 MB
834 KB 294ms
293ms Script
application/javascript 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

79fd39ee595e0827241d4a1963aaf5efba8eae2f021aa2a4219df570899d7aa1

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:53 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144853/ZmMBtXOzffd9lUiDTpMy8gAAwQY/-/20231117/-
correlation-id: ca38baf3-e70e-4e5b-9090-076dc8bb4868
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 visible Show response
nitro.aurobay.com/esig/portalapi/v1/config/configuration/ 29 KB
7 KB 2378ms
2377ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/portalapi/v1/config/configuration/visible

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

d68428c4b22fb02440957a2c753c19f4038b8a0201f4d1f6db2705fe3741aac4

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: cBa94cnU41TewKAZ0m2g8pdLc_FXad5AP9vLQqTwOFM;1717764533
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:55 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
x-csrf-token: 4qUmaIQovsOZX6aDZsixyiMY6S-1nxZKB4aF_HMPBvg;1717764536
x-content-type-options: nosniff
content-length: 7019
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144856/ZmMBtXOzffd9lUiDTpMy9AAAwQY/-/20231117/-
correlation-id: 59282192-1849-469d-a48a-59a87c5c8eb6
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store
x-content-security-policy: default-src 'self';

GET
H2 200 signingtypes Show response
nitro.aurobay.com/esig/portalapi/v1/config/configuration/ 118 KB
50 KB 2099ms
2098ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/portalapi/v1/config/configuration/signingtypes

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

bf39023e2558939bd01c622bcdf5e5d6e1166df1df30acdb0ca659e92bf05fbe

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: cBa94cnU41TewKAZ0m2g8pdLc_FXad5AP9vLQqTwOFM;1717764533
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:55 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
x-content-type-options: nosniff
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144855/ZmMBtXOzffd9lUiDTpMy9gAAwSQ/-/20231117/-
correlation-id: 0d7ba2a4-2b3a-4bf4-a040-d5a4355e1760
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store
x-content-security-policy: default-src 'self';

GET
H2 403 myaccount Show response
nitro.aurobay.com/esig/portalapi/v1/ 105 B
475 B 980ms
978ms XHR
text/plain 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/portalapi/v1/myaccount

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

5fc292a905ef9d5a72cdf3e03972f043786e5ecbe471b9a99dded7b6826e93a5

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: cBa94cnU41TewKAZ0m2g8pdLc_FXad5AP9vLQqTwOFM;1717764533
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

expires: 0
date: Fri, 07 Jun 2024 12:48:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
x-csrf-token: So1yQ4CQuq07Nbs_5z4lmKHTs8hnOEo_DsuIeH7h6wM;1717764534
content-length: 105
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144854/ZmMBtXOzffd9lUiDTpMy9QAAwQk/-/20231117/-
correlation-id: 3509d420-f32e-48ad-b4fb-3e0f433b1e6d
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
cache-control: must-revalidate, max-age=0, no-cache, no-store
x-content-security-policy: default-src 'self';

GET
H2 200 version Show response
nitro.aurobay.com/esig/portalapi/v1/config/configuration/ 55 B
520 B 229ms
229ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/portalapi/v1/config/configuration/version

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

30e18ea6055abfebb25678771df44e4a6a966edef7ee1af0a15d066b57eed99b

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: cBa94cnU41TewKAZ0m2g8pdLc_FXad5AP9vLQqTwOFM;1717764533
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
x-csrf-token: cBa94cnU41TewKAZ0m2g8pdLc_FXad5AP9vLQqTwOFM;1717764533
x-content-type-options: nosniff
content-length: 163
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144853/ZmMBtXOzffd9lUiDTpMy9wAAwQU/-/20231117/-
correlation-id: 7e9e2292-67e5-4be9-8d81-48a272ff1ffa
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store
x-content-security-policy: default-src 'self';

GET
H2 200 theme-configuration.json Show response
nitro.aurobay.com/esig/resources/ 93 KB
12 KB 962ms
961ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/resources/theme-configuration.json

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

7edb701d792b328040c62706cfc5e01c7a5159eae11d159772fc8884cb6b5139

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: cBa94cnU41TewKAZ0m2g8pdLc_FXad5AP9vLQqTwOFM;1717764533
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:54 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144854/ZmMBtXOzffd9lUiDTpMy@AAAwQ0/-/20231117/-
correlation-id: 98db6c4b-3ab7-4e47-8014-25cf49f6fdb4
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/json
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 favicon.ico
nitro.aurobay.com/ 15 KB
15 KB 212ms
212ms Other
image/x-icon 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

ecdf838b667c55fd173dab517161bf02af95220c112128d0d13206f7394d7635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-request-method: GET,HEAD
content-length: 15406
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-unique-id: -/-/20240607144853/ZmMBtXOzffd9lUiDTpMy@QAAwSA/-/20231117/-
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 08:46:05 GMT
server: Connective Web Application Firewall
etag: "3c2e-61a48d47dd883-gzip"
access-control-max-age: 360000
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=600, stale-while-revalidate=60
accept-ranges: bytes

GET
H2 200 values Show response
nitro.aurobay.com/esig/portalapi/v1/config/themes/3ac8ecf3-1726-4d3b-8148-5ad80d7159fe/groups/ 241 KB
198 KB 552ms
551ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/portalapi/v1/config/themes/3ac8ecf3-1726-4d3b-8148-5ad80d7159fe/groups/values

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

be939fbb4ae46599217e0a311393e7aaea9e490acccb79ec32520f0213248575

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: 4qUmaIQovsOZX6aDZsixyiMY6S-1nxZKB4aF_HMPBvg;1717764536
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:55 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: 4qUmaIQovsOZX6aDZsixyiMY6S-1nxZKB4aF_HMPBvg;1717764536
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144856/ZmMBuHOzffd9lUiDTpMzAgAAwQY/-/20231117/-
correlation-id: 4c5f4c0d-58bf-46f0-bfb3-5c55c9e7d622
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store
x-content-security-policy: default-src 'self';

GET
H2 200 portal
nitro.aurobay.com/esig/portalapi/v1/config/themes/3ac8ecf3-1726-4d3b-8148-5ad80d7159fe/favicon/ 1 KB
1 KB 190ms
190ms Other
image/x-icon 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/portalapi/v1/config/themes/3ac8ecf3-1726-4d3b-8148-5ad80d7159fe/favicon/portal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

c3d36b044345da2b8fb3ddc4b8c7fd5ce5a63f85eb45b7b23ade6038319dadae

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
x-csrf-token: 4qUmaIQovsOZX6aDZsixyiMY6S-1nxZKB4aF_HMPBvg;1717764536
content-length: 1109
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144856/ZmMBuHOzffd9lUiDTpMzBAAAwQY/-/20231117/-
correlation-id: 7643acbe-b9b0-4d87-b620-b27992eb240c
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: no-cache,no-store
x-content-security-policy: default-src 'self';

GET
H2 200 en.json Show response
nitro.aurobay.com/esig/locales/portal/translation/ 2 KB
1 KB 122ms
121ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/locales/portal/translation/en.json

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/vendor-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

7bc3484190269f32a0cbd6f70b47c802c89373831bf3a8f467cfe6d6703c1604

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://nitro.aurobay.com/esig/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:56 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144856/ZmMBuHOzffd9lUiDTpMzBQAAwSQ/-/20231117/-
correlation-id: da3edcb9-9b71-4b7d-b9b4-0dc1864026df
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/json
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 feature-toggles.json Show response
nitro.aurobay.com/esig/resources/ 2 B
2 KB 133ms
133ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/resources/feature-toggles.json

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: 4qUmaIQovsOZX6aDZsixyiMY6S-1nxZKB4aF_HMPBvg;1717764536
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:56 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144857/ZmMBuHOzffd9lUiDTpMzBgAAwSQ/-/20231117/-
correlation-id: 9439d616-33ad-42f2-a776-8c817b462357
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/json
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 features Show response
nitro.aurobay.com/esig/api/v1/ 43 B
450 B 227ms
227ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/api/v1/features

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

602b2f11f2af48a00f23e7904c3df3c9330616a6f4106c38ee85bac5bcd1eace

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN: 4qUmaIQovsOZX6aDZsixyiMY6S-1nxZKB4aF_HMPBvg;1717764536
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://nitro.aurobay.com/esig/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
x-content-type-options: nosniff
content-length: 161
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144857/ZmMBuXOzffd9lUiDTpMzCAAAwSQ/-/20231117/-
correlation-id: f845f5ab-1c80-4673-bc8a-0dcc24a74c47
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store
x-content-security-policy: default-src 'self';

GET
H2 200 blocks.template-2d8bbb7.html Show response
nitro.aurobay.com/esig/ 255 KB
63 KB 216ms
216ms Fetch
text/html 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/blocks.template-2d8bbb7.html

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

141d844ca9c97658db80dabaab68800ba1c2b6e2cd4de5b3c0a2b68a1cdf6d25

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:56 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144857/ZmMBuXOzffd9lUiDTpMzCQAAwSQ/-/20231117/-
correlation-id: b916794c-6c8d-490c-bb5c-fc75c49874b2
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: text/html
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 views.template-2d8bbb7.html Show response
nitro.aurobay.com/esig/ 56 KB
11 KB 929ms
928ms Fetch
text/html 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/views.template-2d8bbb7.html

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/bundle-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

f67daac8cf03e93b1826778ee26e740b375bfb7b9461e1960ce3f8fd4b9bdeea

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:56 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144857/ZmMBuXOzffd9lUiDTpMzCgAAwQY/-/20231117/-
correlation-id: 0db4da85-5b23-4956-a297-df172dbad676
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: text/html
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 portal
nitro.aurobay.com/esig/portalapi/v1/config/themes/3ac8ecf3-1726-4d3b-8148-5ad80d7159fe/favicon/ 1 KB
1 KB 225ms
224ms Other
image/x-icon 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/portalapi/v1/config/themes/3ac8ecf3-1726-4d3b-8148-5ad80d7159fe/favicon/portal

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

c3d36b044345da2b8fb3ddc4b8c7fd5ce5a63f85eb45b7b23ade6038319dadae

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
x-csrf-token: MwlB70qIAqroUX5gIRqS0ohk2BKT84QvysmT6S-tdaQ;1717764537
content-length: 1109
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
pragma: no-cache
x-unique-id: -/-/20240607144857/ZmMBuXOzffd9lUiDTpMzCwAAwQk/-/20231117/-
correlation-id: 34e44f0b-f915-42fa-90e6-5a716769439a
server: Connective Web Application Firewall
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: no-cache,no-store
x-content-security-policy: default-src 'self';

GET
H2 200 en.json Show response
nitro.aurobay.com/esig/locales/portal/login/ 738 B
786 B 259ms
259ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/locales/portal/login/en.json

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/vendor-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

40f1e0d43c12780ede217d58178b71f21ff1d9edca2b93e22a46dfa4f765bb3f

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://nitro.aurobay.com/esig/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:58 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144858/ZmMBunOzffd9lUiDTpMzDgAAwQY/-/20231117/-
correlation-id: bf677cd0-43ae-42ef-8f21-5c44b35bfc1b
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/json
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
DATA 200
OK truncated
/ 49 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bbd4c125a01b29d7ae8181dcabe5a862fff2ef84dc5dbeb05937e94bcb9404b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.json Show response
nitro.aurobay.com/esig/locales/portal/register/ 1 KB
987 B 239ms
239ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/locales/portal/register/en.json

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/vendor-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

bedc386c82a9c6bccc4d4ac46019648e6011ecf22b3c20554f70427373453f9e

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://nitro.aurobay.com/esig/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:58 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144858/ZmMBunOzffd9lUiDTpMzEAAAwQ0/-/20231117/-
correlation-id: ff29a430-23b1-44dc-95cb-8d396eb8b0f1
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/json
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 en.json Show response
nitro.aurobay.com/esig/locales/portal/form/ 4 KB
2 KB 260ms
260ms XHR
application/json 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/locales/portal/form/en.json

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/vendor-2d8bbb7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

56cf4e4f8356b5a2f0aacb7a32b829ac7a2364b8726e850dfa64468eae1f1ca6

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://nitro.aurobay.com/esig/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:58 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144858/ZmMBunOzffd9lUiDTpMzEQAAwQU/-/20231117/-
correlation-id: 4f87a29b-fe28-42a0-a12c-69a1f9d57db2
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-type: application/json
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
DATA 200
OK truncated
/ 125 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f623557e0b5abb61ca45916dff723152a975a2533d26cd825e003b39f7a5d352

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 PT_Sans-Web-Regular.ttf
nitro.aurobay.com/esig/fonts/ 433 KB
230 KB 270ms
269ms Font
application/octet-stream 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/fonts/PT_Sans-Web-Regular.ttf

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/main-2d8bbb7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/main-2d8bbb7.css
Origin: https://nitro.aurobay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:58 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144858/ZmMBunOzffd9lUiDTpMzDwAAwSQ/-/20231117/-
correlation-id: 085f3194-fa04-4ea9-a500-b9255ca89246
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding,Origin
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: https://nitro.aurobay.com
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

GET
H2 200 PT_Sans-Web-Bold.ttf
nitro.aurobay.com/esig/fonts/ 459 KB
242 KB 380ms
379ms Font
application/octet-stream 20.126.207.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://nitro.aurobay.com/esig/fonts/PT_Sans-Web-Bold.ttf

Requested by

Host: nitro.aurobay.com
URL: https://nitro.aurobay.com/esig/main-2d8bbb7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.126.207.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Connective Web Application Firewall /

Resource Hash

3128bd5ecf01816e59a23d54c57a7a6b14615b07db53ff277c77376010265b05

Security Headers

Name	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nitro.aurobay.com/esig/main-2d8bbb7.css
Origin: https://nitro.aurobay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:48:58 GMT
strict-transport-security: max-age=31536000
x-unique-id: -/-/20240607144858/ZmMBunOzffd9lUiDTpMzDwAAwQk/-/20231117/-
correlation-id: 0b6a2718-c653-4c5f-94b3-b86cef98036e
content-encoding: gzip
server: Connective Web Application Firewall
content-security-policy: report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://*.analytics.google.com 'self' blob: https://localhost:10443 http://localhost:* https://*.connective.eu https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: *;font-src * data:;media-src https://*.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: * data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding,Origin
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: https://nitro.aurobay.com
cache-control: max-age=604800, private
reporting-endpoints: coop=/!report/coop, csp=/!report/csp, default=/!report/default
x-content-security-policy: default-src 'self';

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nitro.aurobay.com/	1969-12-31 23:59:59	Name: osm.sid Value: e5e6de31915d482d875abc14c69dc4a3.d5t5dxhfZrG6c5uimnTHzrFDq%2Flb1f9Phodl1dQI8C8l%2FYTjVUwvw0cRDDbG2%2B%2FVpLN32tWg4YUhcWLcmbVn7A%3D%3D
			nitro.aurobay.com/	1969-12-31 23:59:59	Name: _acl Value: YWRtaW46bm8=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nitro.aurobay.com/esig/portalapi/v1/myaccount Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-to csp;report-uri /!report/csp;default-src 'self' blob:;script-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://apis.google.com https://www.dropbox.com https://static.hotjar.com https://script.hotjar.com 'unsafe-inline' 'unsafe-eval' 'report-sample';connect-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com https://.analytics.google.com 'self' blob: https://localhost:10443 http://localhost: https://.connective.eu https://.hotjar.com:* https://.hotjar.io: wss://.hotjar.com https://graph.microsoft.com;frame-src https://uatsign.itsme.be https://sign-fe.uat.itsme.services https://sign.itsme.be https://sign-fe.prd.itsme.services https://accounts.google.com https://docs.google.com https://distribution.connective.eu https://distribution-acc.connective.eu https://distribution-test.connective.eu https://vars.hotjar.com https://ais-sas.swisscom.com 'self' blob: javascript:;img-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: https://script.hotjar.com https://ssl.gstatic.com https://www.gstatic.com data: ;font-src data:;media-src https://.google-analytics.com https://googletagmanager.com https://tagmanager.google.com 'self' blob: data:;style-src https://fonts.googleapis.com https://tagmanager.google.com 'self' blob: 'unsafe-inline';upgrade-insecure-requests;block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nitro.aurobay.com
20.126.207.36
141d844ca9c97658db80dabaab68800ba1c2b6e2cd4de5b3c0a2b68a1cdf6d25
30e18ea6055abfebb25678771df44e4a6a966edef7ee1af0a15d066b57eed99b
3128bd5ecf01816e59a23d54c57a7a6b14615b07db53ff277c77376010265b05
3ae9ac65186a7398b57f67fec69165ced92c5863690effc84b2b0daa98d67fe6
40f1e0d43c12780ede217d58178b71f21ff1d9edca2b93e22a46dfa4f765bb3f
4bbd4c125a01b29d7ae8181dcabe5a862fff2ef84dc5dbeb05937e94bcb9404b
56cf4e4f8356b5a2f0aacb7a32b829ac7a2364b8726e850dfa64468eae1f1ca6
5fc292a905ef9d5a72cdf3e03972f043786e5ecbe471b9a99dded7b6826e93a5
602b2f11f2af48a00f23e7904c3df3c9330616a6f4106c38ee85bac5bcd1eace
79fd39ee595e0827241d4a1963aaf5efba8eae2f021aa2a4219df570899d7aa1
7bc3484190269f32a0cbd6f70b47c802c89373831bf3a8f467cfe6d6703c1604
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7edb701d792b328040c62706cfc5e01c7a5159eae11d159772fc8884cb6b5139
7f832c7bd208d8c4ccc0a847c220579f31636e11a8eb83cb77c249aabb051e27
93c86ffaa7d98eabfc71c3010b82fb65aa665d00e7c34cc9d2fcaf46cc13ffd2
9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a
be939fbb4ae46599217e0a311393e7aaea9e490acccb79ec32520f0213248575
bedc386c82a9c6bccc4d4ac46019648e6011ecf22b3c20554f70427373453f9e
bf39023e2558939bd01c622bcdf5e5d6e1166df1df30acdb0ca659e92bf05fbe
c3d36b044345da2b8fb3ddc4b8c7fd5ce5a63f85eb45b7b23ade6038319dadae
c7b656be289f41cf45182e4e5065a7a9b39fbe2244d3d509b43440c3034ab0c7
d68428c4b22fb02440957a2c753c19f4038b8a0201f4d1f6db2705fe3741aac4
ecdf838b667c55fd173dab517161bf02af95220c112128d0d13206f7394d7635
f623557e0b5abb61ca45916dff723152a975a2533d26cd825e003b39f7a5d352
f67daac8cf03e93b1826778ee26e740b375bfb7b9461e1960ce3f8fd4b9bdeea

nitro.aurobay.com Open in urlscan Pro 20.126.207.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

24 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1819 kBTransfer

5422 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

nitro.aurobay.com Open in urlscan Pro
20.126.207.36 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1819 kB
Transfer

5422 kB
Size

2
Cookies

24 HTTP transactions
2 data transactions