urlscan.io logo urlscan.io
SecurityTrails logo

signin.sit.test.visma.net Open in urlscan Pro
13.32.27.39  Public Scan

Go To Rescan Add Verdict Report
URL: https://signin.sit.test.visma.net/
Submission: On February 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 13.32.27.39, located in United States and belongs to AMAZON-02, US. The main domain is signin.sit.test.visma.net.
TLS certificate: Issued by Amazon on April 5th 2022. Valid for: a year.
This is the only time signin.sit.test.visma.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 13.32.27.39 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.72.122.29 16509 (AMAZON-02)
13 4
Apex Domain
Subdomains		 Transfer
11 visma.net
signin.sit.test.visma.net
api.signin.sit.test.visma.net
connect-mock.sit.test.visma.net Failed
319 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
41 KB
13 2
Domain Requested by
9 signin.sit.test.visma.net signin.sit.test.visma.net
2 api.signin.sit.test.visma.net signin.sit.test.visma.net
1 www.googletagmanager.com signin.sit.test.visma.net
0 connect-mock.sit.test.visma.net Failed signin.sit.test.visma.net
13 4

This site contains no links.

Subject Issuer Validity Valid
signin.sit.test.visma.net
Amazon		 2022-04-05 -
2023-05-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 1 frames:

Frame: https://connect-mock.sit.test.visma.net/mockacino/oidc/authorize?client_id=odp&redirect_uri=https%3A%2F%2Fapi.signin.sit.test.visma.net%2Floginwebapp%2Frest%2Fsso%2Flogin&response_type=code%20id_token&scope=openid%20email%20profile%20vismanetlogin%3Alogin&response_mode=form_post&nonce=zFdW8xzr&state=gvyShDWiymH2pdRIZTg2WFLMcWA39asO
Frame ID: BC8B217A2C0C95A7965FCA806C48CD34
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

13
Requests

92 %
HTTPS

33 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

360 kB
Transfer

412 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
signin.sit.test.visma.net/ 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6ad2b443267fe89ddd78a7b58bf52db4773a2939d2125ca5ea62d09d031ea16
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
2181
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
content-type
text/html
date
Thu, 23 Feb 2023 11:27:35 GMT
etag
"4614bca429b25929766460ff85a75d49"
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';
last-modified
Tue, 17 Jan 2023 11:44:20 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-id
LM0katapAguSvwDkb8Cd6a3CmeTkdxKU-pGXDR3RKjLLJbYsR6ylAw==
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ie11.js
signin.sit.test.visma.net/assets/js/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/assets/js/ie11.js
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
318bb67efabb758ceffb66b354d232cefeea2c5c5c28e0b908781a604500b710
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://signin.sit.test.visma.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
2028
x-xss-protection
1; mode=block
last-modified
Tue, 17 Jan 2023 11:43:19 GMT
server
AmazonS3
etag
"c71f133385d4024ed2d72c0118d4c789"
vary
Origin
content-type
application/javascript
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';
accept-ranges
bytes
x-amz-cf-id
WCnZDBi7UTdpmwYJiY-ZGnYY3SPPTAJnIajRsh5jGPM3oTGCtnNxPQ==
gtm.js
signin.sit.test.visma.net/assets/js/ 		440 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/assets/js/gtm.js
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3399b8d7c174b0d8a3525b340dc7d6b3f9c6554f33647acd0d3a7bfb7e000d2
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://signin.sit.test.visma.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
440
x-xss-protection
1; mode=block
last-modified
Tue, 17 Jan 2023 11:43:19 GMT
server
AmazonS3
etag
"758705e1ec8a26e35d352a7424e39332"
vary
Origin
content-type
application/javascript
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';
accept-ranges
bytes
x-amz-cf-id
ZHJoPEfqQJDMdQzUgPwFXjzgTiuVBA3Dc3Q_2Nbl8W-mDI2SVOD47A==
runtime.2ceb6f6e438a5234.js
signin.sit.test.visma.net/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/runtime.2ceb6f6e438a5234.js
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bcbb5dbe3b35cf12c4bb256974b212cfbc9b92cce90b3ccadb2754b65f52a33
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://signin.sit.test.visma.net/
Origin
https://signin.sit.test.visma.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
2817
x-xss-protection
1; mode=block
last-modified
Tue, 17 Jan 2023 11:43:20 GMT
server
AmazonS3
etag
"72f40cc0fcaf3eb870e9d1968c2f5a59"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://signin.sit.test.visma.net
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
MaMAr4BJKkftx0nmAWO5Fx97CUBgKezF_vAP9hgjJmWCYhtZBuQcNA==
polyfills.7ae5bc7339460dd0.js
signin.sit.test.visma.net/ 		33 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/polyfills.7ae5bc7339460dd0.js
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174532197fc47b6bd105739ea1731a6b82e2cd14a32ef2815e1c8c10161d32cd
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://signin.sit.test.visma.net/
Origin
https://signin.sit.test.visma.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
33954
x-xss-protection
1; mode=block
last-modified
Tue, 17 Jan 2023 11:43:19 GMT
server
AmazonS3
etag
"04a693f8d19701965d16dbac5c0b8bd5"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://signin.sit.test.visma.net
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
pO6DkH10VwSH5kip2vd1zcdvGP-hxu78S8QVe00I6tHUtcvJg1Z19Q==
main.60d4f6e7ee1c2aa8.js
signin.sit.test.visma.net/ 		251 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/main.60d4f6e7ee1c2aa8.js
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
601079c33b429db836ccc77e42d150930a7e72f85ec1542cd78f10d317ea64dc
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://signin.sit.test.visma.net/
Origin
https://signin.sit.test.visma.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
256640
x-xss-protection
1; mode=block
last-modified
Tue, 17 Jan 2023 11:43:19 GMT
server
AmazonS3
etag
"228ee76da1ab6a4a34446c29aa433043"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://signin.sit.test.visma.net
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
-4exS7wljaWY80yJJcuuGmCJ1EsnCx3wvNdtoflXK0qsVYz8jcIB_w==
gtm.js
www.googletagmanager.com/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7DX753
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/assets/js/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fcc1a119979bd5a08fedd0848425ad1fcfe2293b9beede3925d86e6e1af7682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://signin.sit.test.visma.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42061
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Feb 2023 11:27:34 GMT
styles.77898633b08042ea.css
signin.sit.test.visma.net/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/styles.77898633b08042ea.css
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90842fa965c7367069b56a638bdac473a76e00540c9ed697856f2b747c86a3ff
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://signin.sit.test.visma.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
4624
x-xss-protection
1; mode=block
last-modified
Tue, 17 Jan 2023 11:43:20 GMT
server
AmazonS3
etag
"2fc1f1dcf4648da4a261756fb3045a52"
vary
Origin
content-type
text/css
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';
accept-ranges
bytes
x-amz-cf-id
m8A2iEnjYuU2Sy6ZszDF7LU6xR3kZn4z1FpRWDPjJ4igZ7ShUChfLw==
en.json
signin.sit.test.visma.net/assets/i18n/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/assets/i18n/en.json
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/polyfills.7ae5bc7339460dd0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
885715bf9cb9c5f2ff11861bfb10244c1e3cdf77c96318acb810d3f7198fb924

Request headers

Accept
application/json, text/plain, */*
Referer
https://signin.sit.test.visma.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 11:43:19 GMT
server
AmazonS3
x-amz-request-id
N4GKVSD406HFH7QZ
x-amz-cf-pop
FRA56-C2
etag
"66f01963e5a36cd8394eec0852721e3b"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
3934
x-amz-id-2
JyjsvqFmDxUEKAbObCGfvHGs3jOaCHhSh203GfWyu0YA2Ddc1YdOUN0/Lf4qvsLeAsA8ctAx138=
x-amz-cf-id
P-iGJFmXH3DCI3ewfTP-M_1jkNNGNLXz73OZ26GJ_EFFx_NU9YGfbw==
en.json
signin.sit.test.visma.net/assets/i18n/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://signin.sit.test.visma.net/assets/i18n/en.json
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/polyfills.7ae5bc7339460dd0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
885715bf9cb9c5f2ff11861bfb10244c1e3cdf77c96318acb810d3f7198fb924

Request headers

Accept
application/json, text/plain, */*
Referer
https://signin.sit.test.visma.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:36 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 11:43:19 GMT
server
AmazonS3
x-amz-request-id
N4GKVSD406HFH7QZ
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"66f01963e5a36cd8394eec0852721e3b"
x-cache
RefreshHit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
3934
x-amz-id-2
JyjsvqFmDxUEKAbObCGfvHGs3jOaCHhSh203GfWyu0YA2Ddc1YdOUN0/Lf4qvsLeAsA8ctAx138=
x-amz-cf-id
wdyL5qi9HSrQ1MMQ9mO0ssmD1WP3grAip7YrM7K3barJG68KaMsf4g==
validateSession
api.signin.sit.test.visma.net/loginwebapp/rest/sso/ 		1010 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.signin.sit.test.visma.net/loginwebapp/rest/sso/validateSession
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/polyfills.7ae5bc7339460dd0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.122.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-122-29.eu-west-1.compute.amazonaws.com
Software
"" /
Resource Hash
178966943266eb67669984148456b90a58576c2d45b3a809e7841352ee5333f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://signin.sit.test.visma.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
x-correlation-id
e26dd6fa-2937-4b89-bfdc-ad375320741e
referrer-policy
no-referrer
strict-transport-security
max-age=31536000
server
""
x-content-type-options
nosniff
vary
Origin
x-frame-options
deny
content-type
text/html
access-control-allow-origin
https://signin.sit.test.visma.net
content-language
access-control-allow-credentials
true
content-length
1010
x-xss-protection
1; mode=block
loginUrl
api.signin.sit.test.visma.net/loginwebapp/rest/sso/ 		343 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.signin.sit.test.visma.net/loginwebapp/rest/sso/loginUrl
Requested by
Host: signin.sit.test.visma.net
URL: https://signin.sit.test.visma.net/polyfills.7ae5bc7339460dd0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.122.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-122-29.eu-west-1.compute.amazonaws.com
Software
"" /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://signin.sit.test.visma.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:27:35 GMT
x-correlation-id
a3e27e09-8ba1-4fef-82ab-3b55138b659a
referrer-policy
no-referrer
strict-transport-security
max-age=31536000
server
""
x-content-type-options
nosniff
vary
Origin
x-frame-options
deny
content-type
application/json
access-control-allow-origin
https://signin.sit.test.visma.net
access-control-allow-credentials
true
content-length
343
x-xss-protection
1; mode=block
authorize
connect-mock.sit.test.visma.net/mockacino/oidc/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connect-mock.sit.test.visma.net
URL
https://connect-mock.sit.test.visma.net/mockacino/oidc/authorize?client_id=odp&redirect_uri=https%3A%2F%2Fapi.signin.sit.test.visma.net%2Floginwebapp%2Frest%2Fsso%2Flogin&response_type=code%20id_token&scope=openid%20email%20profile%20vismanetlogin%3Alogin&response_mode=form_post&nonce=zFdW8xzr&state=gvyShDWiymH2pdRIZTg2WFLMcWA39asO

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.signin.sit.test.visma.net/ Name: xsrf-token
Value: d87f7e8f-f0c7-4323-953b-eccaf19845aa
api.signin.sit.test.visma.net/ Name: AWSALB
Value: kXgTe0XoPShJT2fcaeTkl4vQsvW8+SHCCafklMSlDqzs1lMv7Us4X/lX12QKiN2huCgT+Gg/KeqQHEHtVyy3xLqK7FIWmOk6XWAlvcc5qNBSBbbf4tUAvK9dvfpI
api.signin.sit.test.visma.net/ Name: AWSALBCORS
Value: kXgTe0XoPShJT2fcaeTkl4vQsvW8+SHCCafklMSlDqzs1lMv7Us4X/lX12QKiN2huCgT+Gg/KeqQHEHtVyy3xLqK7FIWmOk6XWAlvcc5qNBSBbbf4tUAvK9dvfpI
.signin.sit.test.visma.net/ Name: state
Value: gvyShDWiymH2pdRIZTg2WFLMcWA39asO

1 Console Messages

Source Level URL
Text
network error URL: https://api.signin.sit.test.visma.net/loginwebapp/rest/sso/validateSession
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://vntc-proxy.stage.vismaonline.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://vntc-proxy.stage.vismaonline.com;img-src 'self' data: https://www.google-analytics.com https://play.google.com https://www.googletagmanager.com https://static-odp.stag.visma.net https://vntc-proxy.stage.vismaonline.com https://appinitials.connect.identity.stagaws.visma.com;connect-src 'self' https://www.google-analytics.com https://*.statuspage.io https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com https://vntc-api.stage.vismaonline.com;font-src 'self' data: https://font.visma.com https://fonts.gstatic.com https://fonts.googleapis.com;frame-src 'self' https://www.google.com https://api.signin.sit.test.visma.net https://api.signin2.sit.test.visma.net https://signin.sit.test.visma.net https://signin2.sit.test.visma.net https://connect-mock.sit.test.visma.net http://connect-mock.sit.test.visma.net https://vntc-proxy.stage.vismaonline.com;form-action 'self';worker-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block