auth.crisaxscreen.com Open in urlscan Pro
18.188.147.242  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response auth.crisaxscreen.com/	601 B 630 B	337ms 101ms	Document text/html	18.188.147.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://auth.crisaxscreen.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.188.147.242 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-188-147-242.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 0eece9b6271952774486ae6be4f1cf5111467db96c03fbb4ced412b37aab1c0e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 10 Mar 2024 20:29:16 GMT ETag W/"65eb65a4-259" Last-Modified Fri, 08 Mar 2024 19:23:16 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked
GET H2	200	bootstrap.min.css netdna.bootstrapcdn.com/bootstrap/4.4.1/css/	156 KB 25 KB	48ms 21ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:29:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 1078 age 8953346 cdn-cachedat 10/31/2023 19:00:00 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:09 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"7cc40c199d128af6b01e74a28c5900b0" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 72cf279d51e2f6eb8438e95daa688d42 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 86260e538a659191-FRA cdn-requestpullsuccess True
GET H2	200	bootstrap-icons.min.css cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/	84 KB 14 KB	59ms 43ms	Stylesheet text/css	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:29:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5803938 x-jsd-version 1.11.3 content-encoding br x-cache MISS, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230079-FRA, cache-lga21961-LGA x-jsd-version-type version server cloudflare etag W/"14f73-BDozLk9VXMC/015FG+lVtLk5ZqA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L06ze0El7uP2lY4vA2c9%2BPjkNxB%2BtfdV9w9MZKl6b66%2B4eR1s9tnVAqTFLtNivTdqORoxH4ZfEltt0gV8LuXD9UdGaKDpN46b5nHraO%2BDa2frVhLzDPrB%2Flqaw9FYxzoF1xbB6Pu8sHZH3f2l%2Fk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 86260e537fce18af-FRA
GET H/1.1	200 OK	main.1290bbab.js Show response auth.crisaxscreen.com/static/js/	474 KB 474 KB	188ms 102ms	Script application/javascript	18.188.147.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://auth.crisaxscreen.com/static/js/main.1290bbab.js Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.188.147.242 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-188-147-242.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash c56fcf3bc21cb1babfcb458d2bbde58f8e830e06776119b0b6496a308a22fe69 Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:16 GMT Last-Modified Fri, 08 Mar 2024 19:38:43 GMT Server nginx/1.18.0 (Ubuntu) ETag "65eb6943-76671" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 484977
GET H/1.1	200 OK	main.ddca0fd7.css auth.crisaxscreen.com/static/css/	7 KB 7 KB	102ms 101ms	Stylesheet text/css	18.188.147.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://auth.crisaxscreen.com/static/css/main.ddca0fd7.css Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.188.147.242 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-188-147-242.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 11c953e97d723ec520327de478777e71682abf11c7e2ffda6d241f9358140b5e Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:16 GMT Last-Modified Fri, 08 Mar 2024 19:23:16 GMT Server nginx/1.18.0 (Ubuntu) ETag "65eb65a4-1a21" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6689
OPTIONS H/1.1	204 No Content	refresh-token authapi.liveviewsign.com/user/ Frame	0 0	513ms 110ms	Preflight	193.46.198.174 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://authapi.liveviewsign.com/user/refresh-token Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.46.198.174 Asheville, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,mode Access-Control-Request-Method POST Origin https://auth.crisaxscreen.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Access-Control-Allow-Headers authorization,content-type,mode Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin * Connection keep-alive Content-Length 0 Date Sun, 10 Mar 2024 20:29:18 GMT Server nginx/1.14.0 (Ubuntu) Vary Access-Control-Request-Headers X-Powered-By Express
POST H/1.1	401 Unauthorized	refresh-token Show response authapi.liveviewsign.com/user/	27 B 312 B	110ms 110ms	Fetch application/json	193.46.198.174 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://authapi.liveviewsign.com/user/refresh-token Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/js/main.1290bbab.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.46.198.174 Asheville, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 4ec0bf8262b35be3b7623aa4272d537739738377a02f3089130e2a67b593d28d Request headers mode no-cors Referer https://auth.crisaxscreen.com/ accept-language de-DE,de;q=0.9 Authorization Bearer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/json Response headers Date Sun, 10 Mar 2024 20:29:18 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"1b-ptDm3ggC53pgcLgMnSH4sPfBUYY" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 27
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/	301 KB 104 KB	28ms 7ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0 Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/js/main.1290bbab.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d210709f5f638e192d493f1d872b07587b89a17e289826657c1801039b82bdf2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 05 Mar 2024 08:53:49 GMT content-encoding gzip x-content-type-options nosniff age 473729 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 105652 x-xss-protection 0 last-modified Thu, 19 Nov 2020 17:03:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 05 Mar 2025 08:53:49 GMT
GET H2	200	api.js Show response apis.google.com/js/	18 KB 7 KB	38ms 22ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/js/main.1290bbab.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6020a5583c2b3017b5a133ceecec82c3dce1140377cbbbacb236ef622127d702 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Sun, 10 Mar 2024 20:29:18 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7112 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "f7eb37700b40bd8c" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Sun, 10 Mar 2024 20:29:18 GMT
GET H/1.1	200 OK	logo.png cms.liveviewsign.com/assets/	17 KB 18 KB	969ms 219ms	Image image/png	193.46.198.174 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://cms.liveviewsign.com/assets/logo.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.46.198.174 Asheville, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Express Resource Hash 7c4aa0e8e67866028bfe07f9c3a4faf572c33879c9f6ef734b603e6b3cf1d042 Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:19 GMT Last-Modified Wed, 21 Feb 2024 18:28:48 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"45e2-18dcced6bfe" Content-Type image/png Access-Control-Allow-Origin * Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 17890
GET H/1.1	200 OK	1.png digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/	322 KB 322 KB	441ms 157ms	Image image/png	52.219.158.154 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/1.png Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/css/main.ddca0fd7.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.158.154 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.ap-south-1.amazonaws.com Software AmazonS3 / Resource Hash 8a23e2fbaeba708b0c52362cfa0381d1856d5d83ffb5fd746774f22a1220dd6a Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:19 GMT Last-Modified Tue, 24 Oct 2023 19:21:50 GMT Server AmazonS3 x-amz-request-id N88NGBW0XRDMDDKJ ETag "aa359de41db239bcadd157116b55d3d9" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 329314 x-amz-id-2 PusT+W+Z22uOQ3ROjbGvyWYM0ynt5SMSdRlY3/jiFRcoPPkzjMstKf8EpaFCYwQPgyJiN/RPN4E=
GET H/1.1	200 OK	2.png digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/	196 KB 197 KB	492ms 202ms	Image image/png	52.219.158.154 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/2.png Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/css/main.ddca0fd7.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.158.154 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.ap-south-1.amazonaws.com Software AmazonS3 / Resource Hash 7e597c36f0d05d3035a12fdcd4df63731d59f0b3c6bd77360422f5aab231a9ec Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:19 GMT Last-Modified Sun, 04 Feb 2024 22:27:34 GMT Server AmazonS3 x-amz-request-id N88YXMQR0MHHTSAW ETag "3010f2d0926ed3966d50b6b7cf132215" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 200983 x-amz-id-2 1EJYDJQ6xazfZgIibjv0H3kcB2EZH0Pett4ymyJ3ccj5w/JJDB/D181hLpuS7NK06QAlW8uX0AU=
GET H/1.1	200 OK	3.png digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/	104 KB 105 KB	462ms 164ms	Image image/png	52.219.158.154 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/3.png Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/css/main.ddca0fd7.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.158.154 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.ap-south-1.amazonaws.com Software AmazonS3 / Resource Hash 759f737554a1396eaa8830d8d56e3c111a38d02cab076f6a17694124ee712838 Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:19 GMT Last-Modified Sun, 04 Feb 2024 21:44:25 GMT Server AmazonS3 x-amz-request-id N88ZKGRG7NK1QDN5 ETag "2c1e9e4936ccf56bd6e31392909b5b71" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 106749 x-amz-id-2 CHIZijU0tmjZWJ/qaG2gAMYIHnvVpBT1qY0XYTaUCX2MByg4ewELH7LO468CIsHkBqQLle3iAas=
GET H/1.1	200 OK	4.png digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/	384 KB 384 KB	463ms 165ms	Image image/png	52.219.158.154 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/4.png Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/css/main.ddca0fd7.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.158.154 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.ap-south-1.amazonaws.com Software AmazonS3 / Resource Hash ecf38a12996cc7a945862214319ffec603c28a6b3fb1cc08099ab50d58982d9f Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:19 GMT Last-Modified Sun, 04 Feb 2024 21:44:24 GMT Server AmazonS3 x-amz-request-id N88T8C35BCTK7WDC ETag "72d7926480483cdd08462ab28470f0f1" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 393170 x-amz-id-2 GAfaFy1OgMTJZaRb/H5wbY+MPIgHAbcPOfX1EQ+rePphhaXZGZGwGhcMLNsFaQ6CjA7xlbMoLlM=
GET H/1.1	200 OK	5.png digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/	111 KB 111 KB	444ms 147ms	Image image/png	52.219.158.154 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://digisign24.s3.ap-south-1.amazonaws.com/users-media/web-assets/5.png Requested by Host: auth.crisaxscreen.com URL: https://auth.crisaxscreen.com/static/css/main.ddca0fd7.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.158.154 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.ap-south-1.amazonaws.com Software AmazonS3 / Resource Hash a517af4e3c0453f0daea32ef1dffa261bfa675d1070d9c2f9fbe1bea31a301f3 Request headers accept-language de-DE,de;q=0.9 Referer https://auth.crisaxscreen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Sun, 10 Mar 2024 20:29:19 GMT Last-Modified Sun, 04 Feb 2024 21:44:23 GMT Server AmazonS3 x-amz-request-id N88H5R8WYF2ATV8D ETag "2b6a6444fd547df250232fa668ea1b2b" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 113255 x-amz-id-2 b7YhsqbqNF7dclSDQ8g3PqJ6rwpG53X5bfjKUegmkfL2MyrO67hfoay37QqVl1gz0VO67WrtiYY=
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame 6D64	286 B 2 KB	376ms 330ms	Document text/html	2a00:1450:400c:c0a::54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3db5d68d219771d207f5e0d2dc2f531f8c70b4e5617c79e66f47c041037b0378 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aeJTuf5-aDfL1MLyJMq29A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://auth.crisaxscreen.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-aeJTuf5-aDfL1MLyJMq29A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Sun, 10 Mar 2024 20:29:18 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache reporting-endpoints default="/_/IdpIFrameHttp/web-reports?context=eJzjstHikmJw15BiePflJRPP15dMEkCsAcQ7fDxY-NZNZ1UBYt3101lDgdgpfQZrEBD71M9gjQFiIR6OeRt2rGcTWDFx-2YmABfeHBc" server ESF strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-xss-protection 0
GET H2	200	m=base Show response www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Nj61shhUpUY.es5.O/am=wA/d=1/rs=AOaEmlHdAL7LdOzg01Y1eizN1A77s2BNqg/ Frame 6D64	106 KB 37 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Nj61shhUpUY.es5.O/am=wA/d=1/rs=AOaEmlHdAL7LdOzg01Y1eizN1A77s2BNqg/m=base Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15cf115965aa997f90860b110a918193cd3f2ed834b88c9ca5ce185c3141e96c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Mar 2024 08:39:49 GMT content-encoding gzip x-content-type-options nosniff age 388169 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36976 x-xss-protection 0 last-modified Fri, 01 Mar 2024 00:04:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/identity-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 06 Mar 2025 08:39:49 GMT
GET H2	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame 6D64	49 B 783 B	1222ms 1222ms	XHR application/json	2a00:1450:400c:c0a::54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fauth.crisaxscreen.com&client_id=294264489735-kjrkmq6mg0ekipfr35iki1faffdpcrgr.apps.googleusercontent.com Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Nj61shhUpUY.es5.O/am=wA/d=1/rs=AOaEmlHdAL7LdOzg01Y1eizN1A77s2BNqg/m=base Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-blc8fR-U7nE6oZMPnWAW9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 20:29:19 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-blc8fR-U7nE6oZMPnWAW9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist content-encoding gzip cross-origin-embedder-policy require-corp p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/IdpIFrameHttp/web-reports?context=eJzjstHikmJw0pBiePflJRPP15dMEkCsAcTbfTxY-NZNZ1UBYt3101lDgdgpfQZrEBD71M9gjQFiIR6O-Rt2rGcTuHHn4k5mABjQHK4" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin content-type application/json; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Sun, 10 Mar 2024 20:29:19 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| gapi object| ___jsl object| gadgets object| osapi object| oauth2 object| shindig object| googleapis object| iframer object| __gapi_jstiming__ function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.auth.crisaxscreen.com/	1970-01-21 04:37:42	Name: G_ENABLED_IDPS Value: google
			.google.com/	1970-01-20 23:25:13	Name: NID Value: 512=ZyWU4txf0MpfeVzd-xIbSfQnlDztc1IKbPWfDNv_n4uh6t1GHlsO_8sh6H2vWO3hgBwe_1OLm1-oNnTNgdyxqd6G2NMWTjTZfYoO_vQYOtrfS10-vGRjJXd5ADIfSXrGUVJ5uuMPGqbtUWXNlv3QNyVFKu46Vdb-MTv3Osd-XPE

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0(Line 278) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://authapi.liveviewsign.com/user/refresh-token Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
other	warning	URL: https://auth.crisaxscreen.com/account/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
auth.crisaxscreen.com
authapi.liveviewsign.com
cdn.jsdelivr.net
cms.liveviewsign.com
digisign24.s3.ap-south-1.amazonaws.com
netdna.bootstrapcdn.com
www.gstatic.com
18.188.147.242
193.46.198.174
2606:4700::6810:5814
2606:4700::6812:bcf
2a00:1450:4001:802::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::54
52.219.158.154
0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7
0eece9b6271952774486ae6be4f1cf5111467db96c03fbb4ced412b37aab1c0e
11c953e97d723ec520327de478777e71682abf11c7e2ffda6d241f9358140b5e
15cf115965aa997f90860b110a918193cd3f2ed834b88c9ca5ce185c3141e96c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3db5d68d219771d207f5e0d2dc2f531f8c70b4e5617c79e66f47c041037b0378
4ec0bf8262b35be3b7623aa4272d537739738377a02f3089130e2a67b593d28d
6020a5583c2b3017b5a133ceecec82c3dce1140377cbbbacb236ef622127d702
759f737554a1396eaa8830d8d56e3c111a38d02cab076f6a17694124ee712838
7c4aa0e8e67866028bfe07f9c3a4faf572c33879c9f6ef734b603e6b3cf1d042
7e597c36f0d05d3035a12fdcd4df63731d59f0b3c6bd77360422f5aab231a9ec
8a23e2fbaeba708b0c52362cfa0381d1856d5d83ffb5fd746774f22a1220dd6a
a517af4e3c0453f0daea32ef1dffa261bfa675d1070d9c2f9fbe1bea31a301f3
c56fcf3bc21cb1babfcb458d2bbde58f8e830e06776119b0b6496a308a22fe69
d210709f5f638e192d493f1d872b07587b89a17e289826657c1801039b82bdf2
ecf38a12996cc7a945862214319ffec603c28a6b3fb1cc08099ab50d58982d9f
f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62