apply.twoocean.org.qa.two-ocean.dev Open in urlscan Pro
2620:1ec:46::44  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response apply.twoocean.org.qa.two-ocean.dev/	671 B 2 KB	825ms 491ms	Document text/html	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://apply.twoocean.org.qa.two-ocean.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash d8a712176d3513311a5876abe1d89cf8f0cf6e80b5ba50e61bcc86a36197dccb Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control public, max-age=82800 content-length 671 content-md5 MfadMEIupe9xrF1WrnW0RQ== content-security-policy frame-ancestors 'self' content-type text/html date Tue, 20 Dec 2022 21:37:09 GMT etag "0x8DADF736588568A" expect-ct max-age=3600 last-modified Fri, 16 Dec 2022 14:39:54 GMT permissions-policy geolocation=(); midi=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(); fullscreen=(self); payment=() referrer-policy strict-origin-when-cross-origin server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000; includeSubDomains x-azure-ref 0BCuiYwAAAAAuQl/svmhfTJE2q7ZT8XUgRlJBMzFFREdFMDkyMgA1NjVhMTgwYi0xMDczLTQwMTAtODI0Yi00MDNiMDI0Nzk2NmY= x-azure-ref-originshield 0BSuiYwAAAADg8OfXCnTzSK6j0IFn+CBRRlJBMjMxMDUwNDE3MDIzADU2NWExODBiLTEwNzMtNDAxMC04MjRiLTQwM2IwMjQ3OTY2Zg== x-base-url https://api.apply.sienacollege.org.qa.two-ocean.dev x-cache TCP_MISS x-cid 40fb5a70-4ab3-4f65-aa4a-e4fd088a114f x-content-type-options nosniff x-frame-options DENY x-ms-request-id 7eda63c2-f01e-001c-4bbb-141767000000 x-ms-version 2018-03-28 x-xss-protection 1; mode=block
GET H2	200	main.ed8b521f.js Show response apply.twoocean.org.qa.two-ocean.dev/static/js/	1 MB 332 KB	1134ms 1134ms	Script application/javascript	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://apply.twoocean.org.qa.two-ocean.dev/static/js/main.ed8b521f.js Requested by Host: apply.twoocean.org.qa.two-ocean.dev URL: https://apply.twoocean.org.qa.two-ocean.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 4f316fac0b6adebb7032cd4caea73ca4d9ac5f3b6c11ed084ddc56426fa84233 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://apply.twoocean.org.qa.two-ocean.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self' x-azure-ref-originshield 0BSuiYwAAAADqUaZ8LNpaTYqu82Ly1MKgRlJBMjMxMDUwNDE3MDQ3ADU2NWExODBiLTEwNzMtNDAxMC04MjRiLTQwM2IwMjQ3OTY2Zg== content-md5 ooX4c7NTu1Ofeb2m0Dhh8Q== date Tue, 20 Dec 2022 21:37:10 GMT x-cache TCP_MISS x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Fri, 16 Dec 2022 14:39:55 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DADF73664A02DD" expect-ct max-age=3600 x-frame-options DENY x-azure-ref 0BSuiYwAAAADyEjboc+iOQZUasypnarXFRlJBMzFFREdFMDkyMgA1NjVhMTgwYi0xMDczLTQwMTAtODI0Yi00MDNiMDI0Nzk2NmY= content-type application/javascript access-control-allow-origin * x-ms-request-id 6f33f513-001e-006a-29bb-149d2f000000 cache-control public, max-age=82800 x-ms-version 2018-03-28 permissions-policy geolocation=(); midi=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(); fullscreen=(self); payment=() accept-ranges bytes x-cid 40fb5a70-4ab3-4f65-aa4a-e4fd088a114f x-base-url https://api.apply.sienacollege.org.qa.two-ocean.dev
GET H2	200	main.97e5f7ea.css apply.twoocean.org.qa.two-ocean.dev/static/css/	4 KB 1 KB	460ms 459ms	Stylesheet text/css	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://apply.twoocean.org.qa.two-ocean.dev/static/css/main.97e5f7ea.css Requested by Host: apply.twoocean.org.qa.two-ocean.dev URL: https://apply.twoocean.org.qa.two-ocean.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 7a8f72371f5d9e5bba47778720503d1df7bbdd1ff2ae61a0c43fb9f7a3b503e4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://apply.twoocean.org.qa.two-ocean.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self' x-azure-ref-originshield 0BSuiYwAAAAD/Qv9D0YE5Rot8uqWyzbWTRlJBMjMxMDUwNDE4MDUxADU2NWExODBiLTEwNzMtNDAxMC04MjRiLTQwM2IwMjQ3OTY2Zg== content-md5 NPpycCpHDvIr6NxgS2jYaw== date Tue, 20 Dec 2022 21:37:09 GMT x-cache TCP_MISS x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Fri, 16 Dec 2022 14:39:54 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DADF7365CD9295" expect-ct max-age=3600 x-frame-options DENY x-azure-ref 0BSuiYwAAAAAyp3B+zlwWSrt13bbDKX8JRlJBMzFFREdFMDkyMgA1NjVhMTgwYi0xMDczLTQwMTAtODI0Yi00MDNiMDI0Nzk2NmY= content-type text/css access-control-allow-origin * x-ms-request-id fa551215-601e-0031-7bbb-14a414000000 cache-control public, max-age=82800 x-ms-version 2018-03-28 permissions-policy geolocation=(); midi=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(); fullscreen=(self); payment=() accept-ranges bytes x-cid 40fb5a70-4ab3-4f65-aa4a-e4fd088a114f x-base-url https://api.apply.sienacollege.org.qa.two-ocean.dev
GET H2	200	fs.js Show response edge.fullstory.com/s/	261 KB 66 KB	119ms 37ms	Script application/javascript	35.201.112.186 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: apply.twoocean.org.qa.two-ocean.dev URL: https://apply.twoocean.org.qa.two-ocean.dev/static/js/main.ed8b521f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash c5a96f811c07cd6ebe0c0f778b01ad010aed66b67c7870041082ade83536f2f1 Request headers Referer https://apply.twoocean.org.qa.two-ocean.dev/ Origin https://apply.twoocean.org.qa.two-ocean.dev accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 20 Dec 2022 21:01:08 GMT content-encoding br age 2163 x-guploader-uploadid ADPycduwhKn1EE2b6GhI87Tnq4yK-cFQgki-AYUIBaLD1jhG66eykga-wcYf-JHyqiF_j5MkFQTkqQBnVtjsuoV3r1mWOJPCt8Nd x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66739 last-modified Wed, 14 Dec 2022 20:07:45 GMT server UploadServer etag "b8b9b4fe027151ede0a153fc76e1bc9d" vary Accept-Encoding x-goog-generation 1671048465040176 x-goog-hash crc32c=eRL31g==, md5=uLm0/gJxUe3goVP8duG8nQ== access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600,no-transform x-goog-stored-content-length 66739 accept-ranges bytes content-type application/javascript expires Tue, 20 Dec 2022 22:01:08 GMT
GET H2	200	/ Show response apply.twoocean.org.qa.two-ocean.dev/	671 B 840 B	39ms 39ms	XHR text/html	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://apply.twoocean.org.qa.two-ocean.dev/ Requested by Host: apply.twoocean.org.qa.two-ocean.dev URL: https://apply.twoocean.org.qa.two-ocean.dev/static/js/main.ed8b521f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash d8a712176d3513311a5876abe1d89cf8f0cf6e80b5ba50e61bcc86a36197dccb Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://apply.twoocean.org.qa.two-ocean.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy frame-ancestors 'self' x-content-type-options nosniff date Tue, 20 Dec 2022 21:37:10 GMT x-azure-ref-originshield 0BSuiYwAAAADg8OfXCnTzSK6j0IFn+CBRRlJBMjMxMDUwNDE3MDIzADU2NWExODBiLTEwNzMtNDAxMC04MjRiLTQwM2IwMjQ3OTY2Zg== content-md5 MfadMEIupe9xrF1WrnW0RQ== x-cache TCP_HIT content-length 671 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Fri, 16 Dec 2022 14:39:54 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DADF736588568A" expect-ct max-age=3600 x-frame-options DENY x-azure-ref 0ByuiYwAAAADXegndiaIPRosnzqSPrEXiRlJBMzFFREdFMDkyMgA1NjVhMTgwYi0xMDczLTQwMTAtODI0Yi00MDNiMDI0Nzk2NmY= content-type text/html access-control-allow-origin * x-ms-request-id 7eda63c2-f01e-001c-4bbb-141767000000 cache-control public, max-age=82800 x-ms-version 2018-03-28 permissions-policy geolocation=(); midi=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(); fullscreen=(self); payment=() accept-ranges bytes x-cid 40fb5a70-4ab3-4f65-aa4a-e4fd088a114f x-base-url https://api.apply.sienacollege.org.qa.two-ocean.dev
GET		40fb5a70-4ab3-4f65-aa4a-e4fd088a114f api.apply.sienacollege.org.qa.two-ocean.dev/api/clients/	0 0
POST H2	200	page Show response rs.fullstory.com/rec/	5 KB 2 KB	462ms 379ms	XHR application/json	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/page Requested by Host: edge.fullstory.com URL: https://edge.fullstory.com/s/fs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash 0fed931e157d2eed1545bd3329aa99135fff4bf2718166637ed24233d3603d8e Request headers Referer https://apply.twoocean.org.qa.two-ocean.dev/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers date Tue, 20 Dec 2022 21:37:11 GMT content-encoding gzip via 1.1 google content-type application/json; charset=utf-8 access-control-allow-origin https://apply.twoocean.org.qa.two-ocean.dev access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1519
POST H2	200	bundle Show response rs.fullstory.com/rec/	29 B 91 B	172ms 171ms	XHR application/json	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/bundle?OrgId=o-1CBCVA-na1&UserId=4993383360974848&SessionId=4807644664909824&PageId=6740811948838912&Seq=1&PageStart=1671572231400&PrevBundleTime=0&LastActivity=0&IsNewSession=true Requested by Host: edge.fullstory.com URL: https://edge.fullstory.com/s/fs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash c8d8d14bee346f78663a794189e99547dd1bb36d4549ee61c2f6187159594b19 Request headers Referer https://apply.twoocean.org.qa.two-ocean.dev/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://apply.twoocean.org.qa.two-ocean.dev date Tue, 20 Dec 2022 21:37:11 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 content-type application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.apply.sienacollege.org.qa.two-ocean.dev

URL

https://api.apply.sienacollege.org.qa.two-ocean.dev/api/clients/40fb5a70-4ab3-4f65-aa4a-e4fd088a114f

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| webpackChunkcollege_apps_ui object| regeneratorRuntime function| _ boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS boolean| _fs_initialized string| _fs_loaded function| _fs_shutdown

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.two-ocean.dev/	1970-01-20 17:05:08	Name: fs_uid Value: #o-1CBCVA-na1#4993383360974848:4807644664909824:::#/1703108231

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
javascript	error	URL: https://apply.twoocean.org.qa.two-ocean.dev/ Message: Access to XMLHttpRequest at 'https://api.apply.sienacollege.org.qa.two-ocean.dev/api/clients/40fb5a70-4ab3-4f65-aa4a-e4fd088a114f' from origin 'https://apply.twoocean.org.qa.two-ocean.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.apply.sienacollege.org.qa.two-ocean.dev/api/clients/40fb5a70-4ab3-4f65-aa4a-e4fd088a114f Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.apply.sienacollege.org.qa.two-ocean.dev
apply.twoocean.org.qa.two-ocean.dev
edge.fullstory.com
rs.fullstory.com
api.apply.sienacollege.org.qa.two-ocean.dev
2620:1ec:46::44
35.186.194.58
35.201.112.186
0fed931e157d2eed1545bd3329aa99135fff4bf2718166637ed24233d3603d8e
4f316fac0b6adebb7032cd4caea73ca4d9ac5f3b6c11ed084ddc56426fa84233
7a8f72371f5d9e5bba47778720503d1df7bbdd1ff2ae61a0c43fb9f7a3b503e4
c5a96f811c07cd6ebe0c0f778b01ad010aed66b67c7870041082ade83536f2f1
c8d8d14bee346f78663a794189e99547dd1bb36d4549ee61c2f6187159594b19
d8a712176d3513311a5876abe1d89cf8f0cf6e80b5ba50e61bcc86a36197dccb