Submitted URL: https://olsbeta.accountassure.com/
Effective URL: https://olsbeta.accountassure.com/Account/Login/
Submission: On November 04 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 23 HTTP transactions. The main IP is 165.125.99.49, located in United States and belongs to AS16875, US. The main domain is olsbeta.accountassure.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 22nd 2023. Valid for: a year.
This is the only time olsbeta.accountassure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 21 165.125.99.49 16875 (AS16875)
3 142.251.35.170 15169 (GOOGLE)
1 142.250.72.106 15169 (GOOGLE)
23 4
Apex Domain
Subdomains
Transfer
21 accountassure.com
olsbeta.accountassure.com
310 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 412
34 KB
0 webtrendslive.com Failed
statse.webtrendslive.com Failed
23 3
Domain Requested by
21 olsbeta.accountassure.com 3 redirects olsbeta.accountassure.com
3 fonts.googleapis.com olsbeta.accountassure.com
1 ajax.googleapis.com olsbeta.accountassure.com
0 statse.webtrendslive.com Failed olsbeta.accountassure.com
23 4

This site contains no links.

Subject Issuer Validity Valid
olsbeta.accountassure.com
Sectigo RSA Organization Validation Secure Server CA
2023-11-22 -
2024-11-21
a year crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://olsbeta.accountassure.com/Account/Login/
Frame ID: C194CF1B35543130A0B7F129B3225A04
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

Login - Bread

Page URL History Show full URLs

  1. https://olsbeta.accountassure.com/ HTTP 302
    https://olsbeta.accountassure.com/Account/SsoRedirect?ReturnUrl=%2F HTTP 301
    https://olsbeta.accountassure.com/Account/SsoRedirect/?ReturnUrl=%2F HTTP 302
    https://olsbeta.accountassure.com/Account/Login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <img[^>]+id="DCSIMG"[^>]+webtrends

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

341 kB
Transfer

774 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://olsbeta.accountassure.com/ HTTP 302
    https://olsbeta.accountassure.com/Account/SsoRedirect?ReturnUrl=%2F HTTP 301
    https://olsbeta.accountassure.com/Account/SsoRedirect/?ReturnUrl=%2F HTTP 302
    https://olsbeta.accountassure.com/Account/Login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
olsbeta.accountassure.com/Account/Login/
Redirect Chain
  • https://olsbeta.accountassure.com/
  • https://olsbeta.accountassure.com/Account/SsoRedirect?ReturnUrl=%2F
  • https://olsbeta.accountassure.com/Account/SsoRedirect/?ReturnUrl=%2F
  • https://olsbeta.accountassure.com/Account/Login/
15 KB
7 KB
Document
General
Full URL
https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
68063db5c5442f77264d4ac2af25710eb459ab841fdfb8061236483df94c6ed5
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' static.zdassets.com fonts.googleapis.com seal.digicert.com maxcdn.bootstrapcdn.com statse.webtrendslive.com ajax.googleapis.com ajax.aspnetcdn.com;style-src 'self' 'unsafe-inline' statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com;img-src 'self' seal.digicert.com;media-src static.zdassets.com;font-src 'self' maxcdn.bootstrapcdn.com fonts.gstatic.com;connect-src 'self' ekr.zdassets.com wss://widget-mediator.zopim.com aonintegramark.zendesk.com statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com https://static.zdassets.com;form-action 'self';upgrade-insecure-requests;report-uri /WebResource.axd?cspReport=true
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate,no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Length
5313
Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' static.zdassets.com fonts.googleapis.com seal.digicert.com maxcdn.bootstrapcdn.com statse.webtrendslive.com ajax.googleapis.com ajax.aspnetcdn.com;style-src 'self' 'unsafe-inline' statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com;img-src 'self' seal.digicert.com;media-src static.zdassets.com;font-src 'self' maxcdn.bootstrapcdn.com fonts.gstatic.com;connect-src 'self' ekr.zdassets.com wss://widget-mediator.zopim.com aonintegramark.zendesk.com statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com https://static.zdassets.com;form-action 'self';upgrade-insecure-requests;report-uri /WebResource.axd?cspReport=true
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Nov 2024 23:42:10 GMT
ETag
Expires
-1
Permissions-Policy
geolocation=(self)
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
Deny
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate,no-cache, no-store, must-revalidate
Content-Length
132
Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' static.zdassets.com fonts.googleapis.com seal.digicert.com maxcdn.bootstrapcdn.com statse.webtrendslive.com ajax.googleapis.com ajax.aspnetcdn.com;style-src 'self' 'unsafe-inline' statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com;img-src 'self' seal.digicert.com;media-src static.zdassets.com;font-src 'self' maxcdn.bootstrapcdn.com fonts.gstatic.com;connect-src 'self' ekr.zdassets.com wss://widget-mediator.zopim.com aonintegramark.zendesk.com statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com https://static.zdassets.com;form-action 'self';upgrade-insecure-requests;report-uri /WebResource.axd?cspReport=true
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Nov 2024 23:42:10 GMT
ETag
Expires
-1
Location
/Account/Login/
Permissions-Policy
geolocation=(self)
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
Deny
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
css
olsbeta.accountassure.com/styles/
68 KB
16 KB
Stylesheet
General
Full URL
https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
4f2171ca56aacc9cfa4116d72a3c85e29789247751fe9ab676f3c0fc5af8f35a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Security-Policy
upgrade-insecure-requests
Cache-Control
public,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Expires
Tue, 04 Nov 2025 23:42:11 GMT
Permissions-Policy
geolocation=(self)
Content-Length
15443
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
text/css; charset=utf-8
Last-Modified
Mon, 04 Nov 2024 23:42:11 GMT
Vary
User-Agent,Accept-Encoding
Bread.min.css
olsbeta.accountassure.com/styles/
12 KB
4 KB
Stylesheet
General
Full URL
https://olsbeta.accountassure.com/styles/Bread.min.css
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
f4d4c3a720545f485a2c2740546fb068738948de79c944165c02a2217cf59bea
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
3485
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
text/css
Last-Modified
Thu, 31 Oct 2024 17:49:02 GMT
Vary
Accept-Encoding
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:wght@300;700&display=swap
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f10.1e100.net
Software
ESF /
Resource Hash
6c97247cb77a745233ba84a6d6a932f2e691f2dad7b36c2fcfc73044b1a34380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 23:42:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 23:42:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 04 Nov 2024 23:25:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
3 KB
610 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Taviraj:wght@300;500&display=swap
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f10.1e100.net
Software
ESF /
Resource Hash
46db1590b1e7e2b69bf8662b8c135e288334f9171400ff98a65609d405d17a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 23:42:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 23:42:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 04 Nov 2024 23:42:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Amiri:wght@400;700&family=EB+Garamond:wght@400;600&display=swap
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f10.1e100.net
Software
ESF /
Resource Hash
14911a0622f3d2b0c11e427c6ce78532b535507e37cfb158f71a39f9486375ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 23:42:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 23:42:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 04 Nov 2024 23:42:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
Bread_PageLogo.png
olsbeta.accountassure.com/assets/Bread/images/
26 KB
27 KB
Image
General
Full URL
https://olsbeta.accountassure.com/assets/Bread/images/Bread_PageLogo.png
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
53c1e2e2f8c1885c125ccec3c5de628e3dd9c60ef086cc378e7e161e2cfe91b9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
27088
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
image/png
Last-Modified
Thu, 17 Oct 2024 14:01:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/

Response headers

content-encoding
gzip
age
16719
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 19:03:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 19:03:32 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe
tether.min.js
olsbeta.accountassure.com/scripts/vendors/
24 KB
10 KB
Script
General
Full URL
https://olsbeta.accountassure.com/scripts/vendors/tether.min.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
9503
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
application/javascript
Last-Modified
Thu, 17 Oct 2024 14:01:14 GMT
Vary
Accept-Encoding
bootstrap.min.js
olsbeta.accountassure.com/scripts/
57 KB
21 KB
Script
General
Full URL
https://olsbeta.accountassure.com/scripts/bootstrap.min.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
21407
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
application/javascript
Last-Modified
Thu, 17 Oct 2024 14:01:12 GMT
Vary
Accept-Encoding
swiper.min.js
olsbeta.accountassure.com/scripts/vendors/
123 KB
43 KB
Script
General
Full URL
https://olsbeta.accountassure.com/scripts/vendors/swiper.min.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
c37fb1445f20aa972fbfc5aead5f48292e04db87673831bffa912a0fa82a6dcb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
43172
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
application/javascript
Last-Modified
Thu, 17 Oct 2024 14:01:14 GMT
Vary
Accept-Encoding
base.js
olsbeta.accountassure.com/scripts/core/
144 B
680 B
Script
General
Full URL
https://olsbeta.accountassure.com/scripts/core/base.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
d9171ca45e17a98108fb7f198a253f279c8b87428ef1179eafc05e609d567255
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
170
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
application/javascript
Last-Modified
Thu, 17 Oct 2024 14:01:12 GMT
Vary
Accept-Encoding
theme-module.js
olsbeta.accountassure.com/scripts/modules/
2 KB
1 KB
Script
General
Full URL
https://olsbeta.accountassure.com/scripts/modules/theme-module.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
cd808300b8aab94cd0d4e8b0c1d2ba6e7b02c4d854c613eef593642cf5fb5282
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
816
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
application/javascript
Last-Modified
Thu, 17 Oct 2024 14:01:12 GMT
Vary
Accept-Encoding
bootstrapper.js
olsbeta.accountassure.com/scripts/
61 B
682 B
Script
General
Full URL
https://olsbeta.accountassure.com/scripts/bootstrapper.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
535ef0e4ab28cd370d972cf35a3e9dcb75509f34da308e3a5d0326977c6a8f7d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
172
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
application/javascript
Last-Modified
Thu, 17 Oct 2024 14:01:12 GMT
Vary
Accept-Encoding
site
olsbeta.accountassure.com/bundles/
593 B
1 KB
Script
General
Full URL
https://olsbeta.accountassure.com/bundles/site?v=Y1WhlqLeojM8UrULgnS-jxjE21JqneyKY2ki6Zd6Bds1
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
2357c85a7c4efe4aca26875d1687777652d1cb6ee60ab1b65b12b2e41117ddd8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Security-Policy
upgrade-insecure-requests
Cache-Control
public,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Expires
Tue, 04 Nov 2025 23:42:12 GMT
Permissions-Policy
geolocation=(self)
Content-Length
506
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Mon, 04 Nov 2024 23:42:12 GMT
Vary
User-Agent,Accept-Encoding
bootstrap.min.css
olsbeta.accountassure.com/styles/vendors/
152 KB
35 KB
Stylesheet
General
Full URL
https://olsbeta.accountassure.com/styles/vendors/bootstrap.min.css
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
719cb37a3d17bc263d8995ef3b4e4569c60ac9e9258205b07ed9d6d4ffcf69ac
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
35475
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
text/css
Last-Modified
Thu, 17 Oct 2024 14:01:18 GMT
Vary
Accept-Encoding
select2.min.css
olsbeta.accountassure.com/styles/vendors/
15 KB
3 KB
Stylesheet
General
Full URL
https://olsbeta.accountassure.com/styles/vendors/select2.min.css
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
ea237985427db5573da7d02e2ce688fe2337a308f9a08dbd73697430f6bc0aed
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
2795
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
text/css
Last-Modified
Thu, 17 Oct 2024 14:01:18 GMT
Vary
Accept-Encoding
listbox.css
olsbeta.accountassure.com/styles/vendors/
2 KB
1 KB
Stylesheet
General
Full URL
https://olsbeta.accountassure.com/styles/vendors/listbox.css
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
ff91a8dd83bd0446c37340091a4fa17e7c81b8e8c19b097ea10df51c3a642b0f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
980
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:10 GMT
Content-Type
text/css
Last-Modified
Thu, 17 Oct 2024 14:01:18 GMT
Vary
Accept-Encoding
webtrends.js
olsbeta.accountassure.com/scripts/
58 KB
20 KB
Script
General
Full URL
https://olsbeta.accountassure.com/scripts/webtrends.js
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/Account/Login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
9affe61246a5a4b8c5d7985060c2d19119c1754ccecf01da2d522fb39f6bf7c4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
19810
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
application/javascript
Last-Modified
Thu, 17 Oct 2024 14:01:14 GMT
Vary
Accept-Encoding
NunitoSans-Regular.woff
olsbeta.accountassure.com/assets/fonts/
52 KB
52 KB
Font
General
Full URL
https://olsbeta.accountassure.com/assets/fonts/NunitoSans-Regular.woff
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
b0068df2fade0dae3de5fb4be2d9bcf8149dc5e572e0ef3b88dec86412b223ad
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://olsbeta.accountassure.com
Referer
https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
53184
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
application/font-woff
Last-Modified
Thu, 17 Oct 2024 14:01:16 GMT
NunitoSans-Bold.woff
olsbeta.accountassure.com/assets/fonts/
53 KB
53 KB
Font
General
Full URL
https://olsbeta.accountassure.com/assets/fonts/NunitoSans-Bold.woff
Requested by
Host: olsbeta.accountassure.com
URL: https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
9cf2e2371fbf3359deeffddd8728eb3cd56ec8cd39c473a33e0a7eaea89c508f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://olsbeta.accountassure.com
Referer
https://olsbeta.accountassure.com/styles/css?v=sxmuE-XxnpZ3NtVswQwtorPSFw9uib2Bb-iwJwP3LEo1

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
53824
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:11 GMT
Content-Type
application/font-woff
Last-Modified
Thu, 17 Oct 2024 14:01:16 GMT
wtid.js
statse.webtrendslive.com//
0
0

favicon.ico
olsbeta.accountassure.com/
11 KB
11 KB
Other
General
Full URL
https://olsbeta.accountassure.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.125.99.49 , United States, ASN16875 (AS16875, US),
Reverse DNS
Software
/
Resource Hash
d684a386868b6a867398e8846f9660969ade911ae7157e2ad1dcb53e2adf3fe2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://olsbeta.accountassure.com/Account/Login/

Response headers

Cache-Control
public,max-age=31536000,no-cache, no-store, must-revalidate
ETag
Referrer-Policy
strict-origin-when-cross-origin
Permissions-Policy
geolocation=(self)
Accept-Ranges
bytes
Content-Length
10990
X-XSS-Protection
1; mode=block
Date
Mon, 04 Nov 2024 23:42:14 GMT
Content-Type
image/x-icon
Last-Modified
Thu, 17 Oct 2024 14:01:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
statse.webtrendslive.com
URL
https://statse.webtrendslive.com//wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webtrendsAsyncInit function| closeMenu function| $ function| jQuery function| Tether object| bootstrap function| dcsMultiTrack object| Webtrends object| WebTrends function| Swiper object| AppName object| framework

1 Cookies

Domain/Path Name / Value
olsbeta.accountassure.com/ Name: My_session
Value: 1697817354.47873.0000

2 Console Messages

Source Level URL
Text
network error URL: https://statse.webtrendslive.com//wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
recommendation verbose URL: https://olsbeta.accountassure.com/Account/Login/
Message:
[DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' static.zdassets.com fonts.googleapis.com seal.digicert.com maxcdn.bootstrapcdn.com statse.webtrendslive.com ajax.googleapis.com ajax.aspnetcdn.com;style-src 'self' 'unsafe-inline' statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com;img-src 'self' seal.digicert.com;media-src static.zdassets.com;font-src 'self' maxcdn.bootstrapcdn.com fonts.gstatic.com;connect-src 'self' ekr.zdassets.com wss://widget-mediator.zopim.com aonintegramark.zendesk.com statse.webtrendslive.com maxcdn.bootstrapcdn.com fonts.googleapis.com https://static.zdassets.com;form-action 'self';upgrade-insecure-requests;report-uri /WebResource.axd?cspReport=true
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
olsbeta.accountassure.com
statse.webtrendslive.com
statse.webtrendslive.com
142.250.72.106
142.251.35.170
165.125.99.49
14911a0622f3d2b0c11e427c6ce78532b535507e37cfb158f71a39f9486375ea
2357c85a7c4efe4aca26875d1687777652d1cb6ee60ab1b65b12b2e41117ddd8
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
46db1590b1e7e2b69bf8662b8c135e288334f9171400ff98a65609d405d17a63
4f2171ca56aacc9cfa4116d72a3c85e29789247751fe9ab676f3c0fc5af8f35a
535ef0e4ab28cd370d972cf35a3e9dcb75509f34da308e3a5d0326977c6a8f7d
53c1e2e2f8c1885c125ccec3c5de628e3dd9c60ef086cc378e7e161e2cfe91b9
68063db5c5442f77264d4ac2af25710eb459ab841fdfb8061236483df94c6ed5
6c97247cb77a745233ba84a6d6a932f2e691f2dad7b36c2fcfc73044b1a34380
719cb37a3d17bc263d8995ef3b4e4569c60ac9e9258205b07ed9d6d4ffcf69ac
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
9affe61246a5a4b8c5d7985060c2d19119c1754ccecf01da2d522fb39f6bf7c4
9cf2e2371fbf3359deeffddd8728eb3cd56ec8cd39c473a33e0a7eaea89c508f
b0068df2fade0dae3de5fb4be2d9bcf8149dc5e572e0ef3b88dec86412b223ad
c37fb1445f20aa972fbfc5aead5f48292e04db87673831bffa912a0fa82a6dcb
cd808300b8aab94cd0d4e8b0c1d2ba6e7b02c4d854c613eef593642cf5fb5282
d684a386868b6a867398e8846f9660969ade911ae7157e2ad1dcb53e2adf3fe2
d9171ca45e17a98108fb7f198a253f279c8b87428ef1179eafc05e609d567255
ea237985427db5573da7d02e2ce688fe2337a308f9a08dbd73697430f6bc0aed
f4d4c3a720545f485a2c2740546fb068738948de79c944165c02a2217cf59bea
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff91a8dd83bd0446c37340091a4fa17e7c81b8e8c19b097ea10df51c3a642b0f