urlscan.io logo urlscan.io
SecurityTrails logo

auth-dev.dev11.nec-ccoc.com Open in urlscan Pro
91.232.71.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth-dev.dev11.nec-ccoc.com/
Effective URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID...
Submission: On September 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 91.232.71.44, located in Spain and belongs to WALHALLA__AS30937, ES. The main domain is auth-dev.dev11.nec-ccoc.com.
TLS certificate: Issued by R3 on September 11th 2021. Valid for: 3 months.
This is the only time auth-dev.dev11.nec-ccoc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 13 91.232.71.44 30937 (WALHALLA_...)
9 1
Apex Domain
Subdomains		 Transfer
13 nec-ccoc.com
auth-dev.dev11.nec-ccoc.com
127 KB
9 1
Domain Requested by
13 auth-dev.dev11.nec-ccoc.com 4 redirects auth-dev.dev11.nec-ccoc.com
9 1

This site contains links to these domains. Also see Links.

Domain
wso2.com
Subject Issuer Validity Valid
auth-dev.dev11.nec-ccoc.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Frame ID: 0C7A49DE2AF89589FEBA0382880ED79E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WSO2 Identity Server

Page URL History Show full URLs

  1. https://auth-dev.dev11.nec-ccoc.com/ HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/carbon HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/carbon/admin/index.jsp HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp Page URL
  2. https://auth-dev.dev11.nec-ccoc.com/samlsso HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

126 kB
Transfer

461 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth-dev.dev11.nec-ccoc.com/ HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/carbon HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/carbon/admin/index.jsp HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp Page URL
  2. https://auth-dev.dev11.nec-ccoc.com/samlsso HTTP 302
    https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://auth-dev.dev11.nec-ccoc.com/ HTTP 302
  • https://auth-dev.dev11.nec-ccoc.com/carbon HTTP 302
  • https://auth-dev.dev11.nec-ccoc.com/carbon/admin/index.jsp HTTP 302
  • https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login.jsp
auth-dev.dev11.nec-ccoc.com/carbon/admin/
Redirect Chain
  • https://auth-dev.dev11.nec-ccoc.com/
  • https://auth-dev.dev11.nec-ccoc.com/carbon
  • https://auth-dev.dev11.nec-ccoc.com/carbon/admin/index.jsp
  • https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
04997860f354d44bb6697eec8cc39e60a4bef0cda247b01fe53df29704382886
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth-dev.dev11.nec-ccoc.com
:scheme
https
:path
/carbon/admin/login.jsp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.19.2
date
Sat, 11 Sep 2021 09:27:45 GMT
content-type
text/html;charset=UTF-8
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

server
nginx/1.19.2
date
Sat, 11 Sep 2021 09:27:45 GMT
content-type
text/html;charset=UTF-8
content-length
0
location
https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
set-cookie
requestedURI=../../carbon/admin/index.jsp; Path=/; Secure; HttpOnly
strict-transport-security
max-age=15724800; includeSubDomains
Primary Request login.do
auth-dev.dev11.nec-ccoc.com/authenticationendpoint/
Redirect Chain
  • https://auth-dev.dev11.nec-ccoc.com/samlsso
  • https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso...
11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
7c41731aa4ec30cfbe8a33964441ab1985a0bfbb83a034c5f23b9d240f3b5565
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth-dev.dev11.nec-ccoc.com
:scheme
https
:path
/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp
accept-encoding
gzip, deflate, br
cookie
route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
Upgrade-Insecure-Requests
1
Origin
https://auth-dev.dev11.nec-ccoc.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://auth-dev.dev11.nec-ccoc.com/carbon/admin/login.jsp

Response headers

server
nginx/1.19.2
date
Sat, 11 Sep 2021 09:27:46 GMT
content-type
text/html;charset=UTF-8
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
set-cookie
JSESSIONID=B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953; Path=/authenticationendpoint; Secure; HttpOnly
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

server
nginx/1.19.2
date
Sat, 11 Sep 2021 09:27:45 GMT
content-type
text/html;charset=UTF-8
content-length
0
location
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
strict-transport-security
max-age=15724800; includeSubDomains
bootstrap.min.css
auth-dev.dev11.nec-ccoc.com/authenticationendpoint/libs/bootstrap_3.3.5/css/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/libs/bootstrap_3.3.5/css/bootstrap.min.css
Requested by
Host: auth-dev.dev11.nec-ccoc.com
URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/authenticationendpoint/libs/bootstrap_3.3.5/css/bootstrap.min.css
pragma
no-cache
cookie
JSESSIONID=B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953; route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth-dev.dev11.nec-ccoc.com
referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Mar 2018 17:09:24 GMT
server
nginx/1.19.2
etag
W/"122540-1521047364000"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
Roboto.css
auth-dev.dev11.nec-ccoc.com/authenticationendpoint/css/ 		301 B
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/css/Roboto.css
Requested by
Host: auth-dev.dev11.nec-ccoc.com
URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
a0db4ef06ad7172414ba48c35c5d1308c9b0e43e1c0a3497fd5eb9bea994fc50
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/authenticationendpoint/css/Roboto.css
pragma
no-cache
cookie
JSESSIONID=B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953; route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth-dev.dev11.nec-ccoc.com
referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Mar 2018 17:09:24 GMT
server
nginx/1.19.2
etag
W/"301-1521047364000"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
custom-common.css
auth-dev.dev11.nec-ccoc.com/authenticationendpoint/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/css/custom-common.css
Requested by
Host: auth-dev.dev11.nec-ccoc.com
URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
c7b8b9b98424603704fb6a686e383fc3c9cda6f4245d8b415a0e6602027d8d58
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/authenticationendpoint/css/custom-common.css
pragma
no-cache
cookie
JSESSIONID=B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953; route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth-dev.dev11.nec-ccoc.com
referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Mar 2018 17:09:24 GMT
server
nginx/1.19.2
etag
W/"5197-1521047364000"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
logo-inverse.svg
auth-dev.dev11.nec-ccoc.com/authenticationendpoint/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/images/logo-inverse.svg
Requested by
Host: auth-dev.dev11.nec-ccoc.com
URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
aad59a473a62ba31bad2b8639f892f1cc00015fdf3f91f7e1dd8889794c03e09
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/authenticationendpoint/images/logo-inverse.svg
pragma
no-cache
cookie
JSESSIONID=B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953; route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
auth-dev.dev11.nec-ccoc.com
referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Mar 2018 17:09:24 GMT
server
nginx/1.19.2
etag
W/"4663-1521047364000"
x-frame-options
DENY
content-type
image/svg+xml
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
jquery-1.11.3.js
auth-dev.dev11.nec-ccoc.com/authenticationendpoint/libs/jquery_1.11.3/ 		278 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/libs/jquery_1.11.3/jquery-1.11.3.js
Requested by
Host: auth-dev.dev11.nec-ccoc.com
URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/authenticationendpoint/libs/jquery_1.11.3/jquery-1.11.3.js
pragma
no-cache
cookie
JSESSIONID=B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953; route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
auth-dev.dev11.nec-ccoc.com
referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Mar 2018 17:09:24 GMT
server
nginx/1.19.2
etag
W/"284394-1521047364000"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
bootstrap.min.js
auth-dev.dev11.nec-ccoc.com/authenticationendpoint/libs/bootstrap_3.3.5/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/libs/bootstrap_3.3.5/js/bootstrap.min.js
Requested by
Host: auth-dev.dev11.nec-ccoc.com
URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/authenticationendpoint/libs/bootstrap_3.3.5/js/bootstrap.min.js
pragma
no-cache
cookie
JSESSIONID=B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953; route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
auth-dev.dev11.nec-ccoc.com
referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Mar 2018 17:09:24 GMT
server
nginx/1.19.2
etag
W/"36816-1521047364000"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
logincontext
auth-dev.dev11.nec-ccoc.com/ 		20 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth-dev.dev11.nec-ccoc.com/logincontext?sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&tenantDomain=carbon.super
Requested by
Host: auth-dev.dev11.nec-ccoc.com
URL: https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/libs/jquery_1.11.3/jquery-1.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.232.71.44 , Spain, ASN30937 (WALHALLA__AS30937, ES),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
route=1631352466.295.31921.26923; JSESSIONID=72BA44762A756CB3F1765A13329312D1; requestedURI=../../carbon/admin/index.jsp
:path
/logincontext?sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&tenantDomain=carbon.super
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
auth-dev.dev11.nec-ccoc.com
referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://auth-dev.dev11.nec-ccoc.com/authenticationendpoint/login.do?RelayState=c4c8c06f-5dbb-459d-b7d1-bacd8d771c41&SSOAuthSessionID=72BA44762A756CB3F1765A13329312D1&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=6ac08c82-0b28-4648-b651-6fe6e3f759e5&relyingParty=IdentityServer&type=samlsso&sp=IdentityServer&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-xss-protection
1; mode=block
date
Sat, 11 Sep 2021 09:27:46 GMT
x-content-type-options
nosniff
server
nginx/1.19.2
content-length
20
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| checkSessionKey function| getParameterByName function| submitCredentials function| $ function| jQuery object| jQuery11130051338466731593035 function| myFunction function| handleNoDomain

4 Cookies

Domain/Path Name / Value
auth-dev.dev11.nec-ccoc.com/authenticationendpoint Name: JSESSIONID
Value: B6465E04C7DDDA941C06D91417C18C9FBE9200002BBEA0691756D91DEE24FA49556003E780E8C195612AD3E8806F32ACBA8E0813177E8613003C787A531CDAFA800929A924A890DE608ECAEB29EA7492A272571B082E94872AB31341393F33DF5F755C70788B73DB1DDF3009BE8EA9A76ECE02CFE8362C8FFF0E2E654BDEB953
auth-dev.dev11.nec-ccoc.com/ Name: route
Value: 1631352466.295.31921.26923
auth-dev.dev11.nec-ccoc.com/ Name: JSESSIONID
Value: 72BA44762A756CB3F1765A13329312D1
auth-dev.dev11.nec-ccoc.com/ Name: requestedURI
Value: ../../carbon/admin/index.jsp

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block