auth.escience.onti.actcognitive.org Open in urlscan Pro
77.234.202.169  Public Scan

Submitted URL: https://microblog.escience.ifmo.ru/
Effective URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Submission Tags: phishingrod
Submission: On July 01 via api from DE — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 14 HTTP transactions. The main IP is 77.234.202.169, located in Russian Federation and belongs to ITMO-AS ITMO, RU. The main domain is auth.escience.onti.actcognitive.org.
TLS certificate: Issued by R3 on April 22nd 2024. Valid for: 3 months.
This is the only time auth.escience.onti.actcognitive.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 77.234.202.169 42289 (ITMO-AS ITMO)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 6
Apex Domain
Subdomains
Transfer
5 actcognitive.org
auth.escience.onti.actcognitive.org
22 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
2 KB
2 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 5671
29 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286
72 KB
2 ifmo.ru
microblog.escience.ifmo.ru
891 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
30 KB
14 7
Domain Requested by
5 auth.escience.onti.actcognitive.org auth.escience.onti.actcognitive.org
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com auth.escience.onti.actcognitive.org
2 cdn.datatables.net auth.escience.onti.actcognitive.org
2 maxcdn.bootstrapcdn.com auth.escience.onti.actcognitive.org
maxcdn.bootstrapcdn.com
2 microblog.escience.ifmo.ru 2 redirects
1 code.jquery.com auth.escience.onti.actcognitive.org
14 7

This site contains no links.

Subject Issuer Validity Valid
auth.escience.onti.actcognitive.org
R3
2024-04-22 -
2024-07-21
3 months crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-05-25 -
2024-08-23
3 months crt.sh
datatables.net
GTS CA 1P5
2024-05-25 -
2024-08-23
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
upload.video.google.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.gstatic.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Frame ID: 79628484B73360E095054DCE45308E4E
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

НИИ НКТ

Page URL History Show full URLs

  1. https://microblog.escience.ifmo.ru/ HTTP 302
    https://microblog.escience.ifmo.ru/users/login HTTP 302
    https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

185 kB
Transfer

442 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://microblog.escience.ifmo.ru/ HTTP 302
    https://microblog.escience.ifmo.ru/users/login HTTP 302
    https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
auth.escience.onti.actcognitive.org/
Redirect Chain
  • https://microblog.escience.ifmo.ru/
  • https://microblog.escience.ifmo.ru/users/login
  • https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
3 KB
1 KB
Document
General
Full URL
https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.202.169 , Russian Federation, ASN42289 (ITMO-AS ITMO, RU),
Reverse DNS
host169.openstack.vuztc.ru
Software
nginx /
Resource Hash
2a391131688bd258523910d5fdccff2c6ada714596ba40e86c5101571c3433c6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Jul 2024 12:09:49 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Jul 2024 12:09:48 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
572657
cdn-cachedat
03/18/2024 12:10:08
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"4fbd15cb6047af93373f4f895639c8bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
08e05320f24d8e808a4ef38c6a818369
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89c64a135ba7c054-WAW
cdn-requestpullsuccess
True
jquery.dataTables.min.css
cdn.datatables.net/1.10.13/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://cdn.datatables.net/1.10.13/css/jquery.dataTables.min.css
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99d6b61adf2b3939d64d51c9391bb941bdbf00d773ab630bdff9df0f7c46874
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:09:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6039853
last-modified
Fri, 19 Apr 2024 08:45:39 GMT
server
cloudflare
etag
W/"66222f33-3513"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLaUCqh3Rgx57Rhjk%2BR1PRlUUmIkitT9K%2FTcLOi035wv1DAyqyr44AWm0fz601l%2FztvfXSuaNfKkmxiRji6ZG2AUpJjZwzktNBmZOPE%2BrICa3UQRiX6G3YhBBHUHJVqCvtVcXUOvSCVlVo5GMsKoHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
x-frame-options
SAMEORIGIN
cf-ray
89c64a13dd2865c3-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.0.0.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.0.0.min.js
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:09:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
25033589
x-cache
HIT, HIT
content-length
29995
x-served-by
cache-lga13625-LGA, cache-mxp6957-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719835789.416437,VS0,VE0
etag
W/"28feccc0-15145"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
21, 9607
jquery.dataTables.min.js
cdn.datatables.net/1.10.13/js/
81 KB
27 KB
Script
General
Full URL
https://cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96037e7a94386bbb2d49f231a771a3162803d80db2b8ece29bd2e4ff6842cb7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:09:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6039857
last-modified
Fri, 19 Apr 2024 08:45:39 GMT
server
cloudflare
etag
W/"66222f33-14473"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMSp3tACKgn2ZBnRr3Ri0jnd8hDvRq2vmcDKYqHQbQNVK2cNlXg78E1hq1hzyhn9wuqFTXiHk%2BKCxOaSVg70Uk7YYPz4LXPABgKh%2Fkqz1JZgpe8U1C8rvOPWx%2Bl6ZMhUeUlMLtFnIHSD1XPmPqrAug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
x-frame-options
SAMEORIGIN
cf-ray
89c64a13dd2a65c3-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.css
auth.escience.onti.actcognitive.org/css/
91 KB
14 KB
Stylesheet
General
Full URL
https://auth.escience.onti.actcognitive.org/css/app.css
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.202.169 , Russian Federation, ASN42289 (ITMO-AS ITMO, RU),
Reverse DNS
host169.openstack.vuztc.ru
Software
nginx /
Resource Hash
9c9b8dd9e8a49a33c5617a8d89f85f6710db78dbbe04b056e87554645d3918e5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 12:09:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jul 2016 10:34:39 GMT
Server
nginx
ETag
W/"577a3bbf-16a7b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
auth.escience.onti.actcognitive.org/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://auth.escience.onti.actcognitive.org/css/main.css
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.202.169 , Russian Federation, ASN42289 (ITMO-AS ITMO, RU),
Reverse DNS
host169.openstack.vuztc.ru
Software
nginx /
Resource Hash
8e9fad808490ac85dc687a39adde70afd86c82b1e929ff89f75b0fa2d2400314

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 12:09:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jun 2016 08:00:59 GMT
Server
nginx
ETag
W/"5773803b-b96"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_ru.svg
auth.escience.onti.actcognitive.org/img/
6 KB
2 KB
Image
General
Full URL
https://auth.escience.onti.actcognitive.org/img/logo_ru.svg
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.202.169 , Russian Federation, ASN42289 (ITMO-AS ITMO, RU),
Reverse DNS
host169.openstack.vuztc.ru
Software
nginx /
Resource Hash
f9282b5a59d107d696b952f46c634a0c5542809dc2cf9894537ec355f32e9d2b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 12:09:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jun 2016 10:05:26 GMT
Server
nginx
ETag
W/"57739d66-16d9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
css
fonts.googleapis.com/
725 B
784 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:700
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
181332276dd0c0bd527c598cbc42dc34a6d0be9120b37e615d3b9202e25f95e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 12:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 11:10:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 12:09:49 GMT
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic
Requested by
Host: auth.escience.onti.actcognitive.org
URL: https://auth.escience.onti.actcognitive.org/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 12:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 12:03:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 12:09:49 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://auth.escience.onti.actcognitive.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1067
cdn-cachedat
03/16/2024 16:07:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e43e9db1f0a92af738f320d96f551352
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89c64a14e82bc3ae-WAW
cdn-requestpullsuccess
True
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://auth.escience.onti.actcognitive.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 09:38:01 GMT
x-content-type-options
nosniff
age
354708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 09:38:01 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21e75944d3f77408d1f5f2fab67c89c7fc43f4a80a3b8e4dcf38185f9d9f46e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://auth.escience.onti.actcognitive.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 15:02:22 GMT
x-content-type-options
nosniff
age
508047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11116
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 15:02:22 GMT
favicon.ico
auth.escience.onti.actcognitive.org/
34 KB
3 KB
Other
General
Full URL
https://auth.escience.onti.actcognitive.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.202.169 , Russian Federation, ASN42289 (ITMO-AS ITMO, RU),
Reverse DNS
host169.openstack.vuztc.ru
Software
nginx /
Resource Hash
0bb3a14bcac6548374da18ef35c2adb9282ec7aa91bae0c4ad0e4f7d54642016

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 12:09:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Jun 2016 12:51:46 GMT
Server
nginx
ETag
W/"577272e2-86be"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/x-icon
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
microblog.escience.ifmo.ru/ Name: CAKEPHP
Value: 18pf5at0s7glqnk1861ro6mje3

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://auth.escience.onti.actcognitive.org/?return=microblog.escience.ifmo.ru&page=%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o