urlscan.io logo urlscan.io
SecurityTrails logo

admin.pos.sandbox.cognesive.com Open in urlscan Pro
64.225.107.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://admin.pos.sandbox.cognesive.com/
Effective URL: https://admin.pos.sandbox.cognesive.com/credential/login
Submission: On September 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 64.225.107.90, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is admin.pos.sandbox.cognesive.com.
TLS certificate: Issued by R3 on September 2nd 2022. Valid for: 3 months.
This is the only time admin.pos.sandbox.cognesive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 64.225.107.90 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
24 6
11    64.225.107.90 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
admin.pos.sandbox.cognesive.com
1    2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
11 cognesive.com
admin.pos.sandbox.cognesive.com
4 MB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
546 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
25 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
24 4
Domain Requested by
11 admin.pos.sandbox.cognesive.com 1 redirects admin.pos.sandbox.cognesive.com
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com admin.pos.sandbox.cognesive.com
www.google.com
www.gstatic.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
1 fonts.googleapis.com admin.pos.sandbox.cognesive.com
24 5

This site contains no links.

Subject Issuer Validity Valid
admin.pos.sandbox.cognesive.com
R3		 2022-09-02 -
2022-12-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://admin.pos.sandbox.cognesive.com/credential/login
Frame ID: 26E060DCBB6134EEA3CA52170F009C94
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW&co=aHR0cHM6Ly9hZG1pbi5wb3Muc2FuZGJveC5jb2duZXNpdmUuY29tOjQ0Mw..&hl=de&type=image&v=3TZgZIog-UsaFDv31vC4L9R_&theme=light&size=normal&badge=inline&cb=5649xid1vf9n
Frame ID: F820BDC6DB3C84CA03F41BC2B7C9A6CB
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW
Frame ID: 563FCFE92A5863281C5EACCA0C736A02
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OmniPOS | Yƶnetim Paneli

Page URL History Show full URLs

  1. https://admin.pos.sandbox.cognesive.com/ HTTP 302
    https://admin.pos.sandbox.cognesive.com/credential/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

4865 kB
Transfer

5667 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.pos.sandbox.cognesive.com/ HTTP 302
    https://admin.pos.sandbox.cognesive.com/credential/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
admin.pos.sandbox.cognesive.com/credential/
Redirect Chain
  • https://admin.pos.sandbox.cognesive.com/
  • https://admin.pos.sandbox.cognesive.com/credential/login
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
95f0e13b3132f99b868b2c0c8bd5963291824ada7c23350acb3ba9b7c1188ffd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data:; font-src 'self' https: fonts.googleapis.com: data:; frame-src 'self' data: https: https://www.google.com/recaptcha; img-src 'self' data:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' data:; font-src 'self' https: fonts.googleapis.com: data:; frame-src 'self' data: https: https://www.google.com/recaptcha; img-src 'self' data:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Sep 2022 08:44:45 GMT
Expect-CT
max-age=2147483648
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
X-Frame-Options
sameorigin SAMEORIGIN SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block 1; mode=block

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Security-Policy
default-src 'self' data:; font-src 'self' https: fonts.googleapis.com: data:; frame-src 'self' data: https: https://www.google.com/recaptcha; img-src 'self' data:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Sep 2022 08:44:44 GMT
Expect-CT
max-age=2147483648
Location
https://admin.pos.sandbox.cognesive.com/credential/login
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
X-Frame-Options
sameorigin SAMEORIGIN SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block 1; mode=block
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;700;900&display=swap
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d09c1c58b405a210dc1ea740d466d698b5846e5478a1e94378711930a7b86039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 08:44:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 02 Sep 2022 08:44:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Sep 2022 08:44:45 GMT
styles.min.css
admin.pos.sandbox.cognesive.com/assets/css/icons/icomoon/ 		44 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/assets/css/icons/icomoon/styles.min.css
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8e9f240315a07ae042cb5e0ffc3fe6b75a4b4092c7baf1233a9d96ae4699e4a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Jul 2022 07:32:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62c29797-b1c8"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45512
X-XSS-Protection
1; mode=block
all.min.css
admin.pos.sandbox.cognesive.com/assets/css/ 		785 KB
786 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/assets/css/all.min.css
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b34ced16460abfe65cc313a2c37f9b07c68c4034624ebd437fa596d3c8df0d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Jul 2022 07:32:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62c29797-c45a1"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
804257
X-XSS-Protection
1; mode=block
omnibus.css
admin.pos.sandbox.cognesive.com/assets/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/assets/css/omnibus.css
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5bc5e5b1f8b791e965dce7e7a8f19417dcd8e611b4897472d44a325103666d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Jul 2022 07:34:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62c29813-4394"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17300
X-XSS-Protection
1; mode=block
application.js
admin.pos.sandbox.cognesive.com/assets/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/assets/js/application.js
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ebdfdb2af86c06719171613844eb62967c29c8f1ab85ff56e251e162974c986a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Jul 2022 07:32:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62c29797-4642"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17986
X-XSS-Protection
1; mode=block
app.js
admin.pos.sandbox.cognesive.com/js/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/js/app.js?id=735e95f1de3f3a860bcd
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0f00c613337c80319cd83b4768cc97217f99c386259fe7d535222275a7f94d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 04 Aug 2022 06:07:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62eb6220-2aba61"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2800225
X-XSS-Protection
1; mode=block
js
admin.pos.sandbox.cognesive.com/credential/%E2%80%9Chttps://www.googletagmanager.com/gtag/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/credential/%E2%80%9Chttps://www.googletagmanager.com/gtag/js?id=G-QNZ7G3FEHG%E2%80%9D
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data:; font-src 'self' https: fonts.googleapis.com: data:; frame-src 'self' data: https: https://www.google.com/recaptcha; img-src 'self' data:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 08:44:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Expect-CT
max-age=2147483648
X-Frame-Options
sameorigin, SAMEORIGIN
Strict-Transport-Security
max-age=31536000; preload
X-Download-Options
noopen
Cache-Control
no-cache, private
Content-Security-Policy
default-src 'self' data:; font-src 'self' https: fonts.googleapis.com: data:; frame-src 'self' data: https: https://www.google.com/recaptcha; img-src 'self' data:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:
Content-Type
text/html; charset=UTF-8
bg-rachel-claire-5490917.jpg
admin.pos.sandbox.cognesive.com/assets/images/background/ 		452 KB
452 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.pos.sandbox.cognesive.com/assets/images/background/bg-rachel-claire-5490917.jpg
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cfec10c7b7a0ec3ac325e32303ed23ecb9a6a5f43f9e73472c5110c3d2c8b07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.pos.sandbox.cognesive.com/credential/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Jul 2022 07:32:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62c29797-7106d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
462957
X-XSS-Protection
1; mode=block
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.pos.sandbox.cognesive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 19:24:53 GMT
x-content-type-options
nosniff
age
134392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 19:24:53 GMT
api.js
www.google.com/recaptcha/ 		909 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/js/app.js?id=735e95f1de3f3a860bcd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5b665b2d47998a81a83690bf3eeb33cf0371d60af3fc6b781cbd3817301f3af2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 08:44:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Fri, 02 Sep 2022 08:44:45 GMT
logo-main-dark.png
admin.pos.sandbox.cognesive.com/assets/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.pos.sandbox.cognesive.com/assets/images/logo-main-dark.png
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/credential/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5e58684d6ac764e99adfb50725f37df527bb3de65abd0c35381c8a025674970b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Jul 2022 07:34:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62c29813-5cc4"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23748
X-XSS-Protection
1; mode=block
truncated
/ 		131 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd1ba8d91aa28ff79a8e02083e10bb7e5ae906d4a2ea3b7953a58ce7341ea441

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon-3p0rtw.woff
admin.pos.sandbox.cognesive.com/assets/css/icons/icomoon/fonts/ 		213 KB
214 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.pos.sandbox.cognesive.com/assets/css/icons/icomoon/fonts/icomoon-3p0rtw.woff
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/assets/css/icons/icomoon/styles.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.107.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
657d012c7e3e3bb465f0c70f6088d9844a36835dd74ff9756bac4c78c853b1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.pos.sandbox.cognesive.com/assets/css/icons/icomoon/styles.min.css
Origin
https://admin.pos.sandbox.cognesive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 08:44:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Jul 2022 07:32:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62c29797-354c0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
218304
X-XSS-Protection
1; mode=block
pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.pos.sandbox.cognesive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 14:20:53 GMT
x-content-type-options
nosniff
age
239032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5544
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 14:20:53 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://admin.pos.sandbox.cognesive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 20:06:48 GMT
anchor
www.google.com/recaptcha/api2/ Frame F820 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW&co=aHR0cHM6Ly9hZG1pbi5wb3Muc2FuZGJveC5jb2duZXNpdmUuY29tOjQ0Mw..&hl=de&type=image&v=3TZgZIog-UsaFDv31vC4L9R_&theme=light&size=normal&badge=inline&cb=5649xid1vf9n
Requested by
Host: admin.pos.sandbox.cognesive.com
URL: https://admin.pos.sandbox.cognesive.com/js/app.js?id=735e95f1de3f3a860bcd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a4d17ab78669e15837bb9d7077539222295cab43a5d87a1c625b066d6416849a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--R6RFGSmJ9huvN0g5SVUJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22970
content-security-policy
script-src 'report-sample' 'nonce--R6RFGSmJ9huvN0g5SVUJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 08:44:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame F820 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW&co=aHR0cHM6Ly9hZG1pbi5wb3Muc2FuZGJveC5jb2duZXNpdmUuY29tOjQ0Mw..&hl=de&type=image&v=3TZgZIog-UsaFDv31vC4L9R_&theme=light&size=normal&badge=inline&cb=5649xid1vf9n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 16:26:19 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame F820 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW&co=aHR0cHM6Ly9hZG1pbi5wb3Muc2FuZGJveC5jb2duZXNpdmUuY29tOjQ0Mw..&hl=de&type=image&v=3TZgZIog-UsaFDv31vC4L9R_&theme=light&size=normal&badge=inline&cb=5649xid1vf9n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 20:06:48 GMT
truncated
/ Frame F820 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F820 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F820 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 19:40:09 GMT
x-content-type-options
nosniff
age
47077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 08 Sep 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F820 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW&co=aHR0cHM6Ly9hZG1pbi5wb3Muc2FuZGJveC5jb2duZXNpdmUuY29tOjQ0Mw..&hl=de&type=image&v=3TZgZIog-UsaFDv31vC4L9R_&theme=light&size=normal&badge=inline&cb=5649xid1vf9n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
229085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Aug 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F820 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW&co=aHR0cHM6Ly9hZG1pbi5wb3Muc2FuZGJveC5jb2duZXNpdmUuY29tOjQ0Mw..&hl=de&type=image&v=3TZgZIog-UsaFDv31vC4L9R_&theme=light&size=normal&badge=inline&cb=5649xid1vf9n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW&co=aHR0cHM6Ly9hZG1pbi5wb3Muc2FuZGJveC5jb2duZXNpdmUuY29tOjQ0Mw..&hl=de&type=image&v=3TZgZIog-UsaFDv31vC4L9R_&theme=light&size=normal&badge=inline&cb=5649xid1vf9n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 08:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 02 Sep 2022 08:44:46 GMT
bframe
www.google.com/recaptcha/api2/ Frame 563F 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5e324c2d7d3bd990bf2cbd1ee5b4f96d4f72898476c397aca8625ad0db238c1d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kbxJQSrzP-XS87rPnxx4Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1115
content-security-policy
script-src 'report-sample' 'nonce-kbxJQSrzP-XS87rPnxx4Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 08:44:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 563F 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 16:26:19 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 563F 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LeVW-wbAAAAAD3GPnvxrXh6E4tV3-TPZMRBTaOW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 20:06:48 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _ function| setImmediate function| clearImmediate function| swal function| sweetAlert function| jQuery function| $ function| axios object| regeneratorRuntime function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_946377

2 Cookies

Domain/Path Name / Value
admin.pos.sandbox.cognesive.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik02SFBRbmJ4R1JwRktMUmZHL3RXQ0E9PSIsInZhbHVlIjoiVEVPUWhiZUl0d3MrM1dvTEwyR0Z4ajh6cWg1Um1EUkJmQjFCckpjMk8wYUIrR0grc2FHWFVQNjFDaXpqK0hsczlEeDlYbXVpeVZDUTZEQ2pLOWxKQjB4c2I0T0NnZHYxZTNFYnhHSlVRUEtlUGJ6RFZOL29HY1o4YzdqRncxdksiLCJtYWMiOiJjZGQwMWYxNTRjNjFlZWUzNzM4ZjE4NWM4MGZhM2ZlNDVlZTdmZGRjZDY0YzU0ODE2NzUzODA2MGMyNTg5NzlkIiwidGFnIjoiIn0%3D
admin.pos.sandbox.cognesive.com/ Name: denver_web_admin_session
Value: eyJpdiI6ImVINzRPci9SNE8ydWt5ZzZiNUFud0E9PSIsInZhbHVlIjoiUG0wVWxIcnlVcnpESURpOUVkKzUzd3pZek1LOHFhaThBV0V0QlpSQUppd0dydHhqMVRwMEpOVFlCM0VXUC9kdmJHYlRZRlgwdHZzRnRZWUNkNEdzRHhkNHVYb2o2TnVyNTB4MklIZXh0bUxEcEhraW45TzdNUFRYcU5DaGt6UEIiLCJtYWMiOiI2YmM4MGUwNDMxYWNjMzU5MjE5MTNhNmZkMmJmYTY2NzhiNGRmNTU5MTc2NmVkNTIxNjVjNWI4ZDE0NmRlMTQ4IiwidGFnIjoiIn0%3D

1 Console Messages

Source Level URL
Text
network error URL: https://admin.pos.sandbox.cognesive.com/credential/%E2%80%9Chttps://www.googletagmanager.com/gtag/js?id=G-QNZ7G3FEHG%E2%80%9D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data:; font-src 'self' https: fonts.googleapis.com: data:; frame-src 'self' data: https: https://www.google.com/recaptcha; img-src 'self' data:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.pos.sandbox.cognesive.com
fonts.googleapis.com
fonts.gstatic.com
www.google.com
www.gstatic.com
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2004
2a00:1450:4001:829::2003
2a00:1450:400e:800::200a
64.225.107.90
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0f00c613337c80319cd83b4768cc97217f99c386259fe7d535222275a7f94d07
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
5b665b2d47998a81a83690bf3eeb33cf0371d60af3fc6b781cbd3817301f3af2
5bc5e5b1f8b791e965dce7e7a8f19417dcd8e611b4897472d44a325103666d17
5e324c2d7d3bd990bf2cbd1ee5b4f96d4f72898476c397aca8625ad0db238c1d
5e58684d6ac764e99adfb50725f37df527bb3de65abd0c35381c8a025674970b
5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620
657d012c7e3e3bb465f0c70f6088d9844a36835dd74ff9756bac4c78c853b1b3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8e9f240315a07ae042cb5e0ffc3fe6b75a4b4092c7baf1233a9d96ae4699e4a0
95f0e13b3132f99b868b2c0c8bd5963291824ada7c23350acb3ba9b7c1188ffd
a4d17ab78669e15837bb9d7077539222295cab43a5d87a1c625b066d6416849a
b34ced16460abfe65cc313a2c37f9b07c68c4034624ebd437fa596d3c8df0d4b
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cd1ba8d91aa28ff79a8e02083e10bb7e5ae906d4a2ea3b7953a58ce7341ea441
cfec10c7b7a0ec3ac325e32303ed23ecb9a6a5f43f9e73472c5110c3d2c8b07d
d09c1c58b405a210dc1ea740d466d698b5846e5478a1e94378711930a7b86039
ebdfdb2af86c06719171613844eb62967c29c8f1ab85ff56e251e162974c986a