urlscan.io logo urlscan.io
SecurityTrails logo

api-dev.legitid.org Open in urlscan Pro
43.249.113.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://loyalty-dev.legitid.org/
Effective URL: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty...
Submission: On November 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 43.249.113.6, located in Bangkok, Thailand and belongs to UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH. The main domain is api-dev.legitid.org.
TLS certificate: Issued by R10 on September 21st 2024. Valid for: 3 months.
This is the only time api-dev.legitid.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 43.249.113.6 132838 (UIH-RBL-A...)
1 142.250.176.195 15169 (GOOGLE)
22 2
Apex Domain
Subdomains		 Transfer
21 legitid.org
loyalty-dev.legitid.org
api-dev.legitid.org
2 MB
1 gstatic.com
fonts.gstatic.com
32 KB
22 2
Domain Requested by
14 api-dev.legitid.org loyalty-dev.legitid.org
api-dev.legitid.org
7 loyalty-dev.legitid.org loyalty-dev.legitid.org
1 fonts.gstatic.com loyalty-dev.legitid.org
22 3

This site contains no links.

Subject Issuer Validity Valid
loyalty-dev.legitid.org
R10		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
api-dev.legitid.org
R10		 2024-09-21 -
2024-12-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Frame ID: C4D2CC56EE2AAF139D2D265C4C98083A
Requests: 21 HTTP requests in this frame

Frame: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/3p-cookies/step1.html
Frame ID: AA09B299D0BEB2A5D8445BCB32D8477F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to Avesta

Page URL History Show full URLs

  1. https://loyalty-dev.legitid.org/ Page URL
  2. https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=h... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

2294 kB
Transfer

4307 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://loyalty-dev.legitid.org/ Page URL
  2. https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
loyalty-dev.legitid.org/ 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loyalty-dev.legitid.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cea6685f984f73f87883a47695ba1a255157ac103ced0b4a45fe19f481a5b878

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 07 Nov 2024 01:05:20 GMT
ETag
W/"672b2f6f-4e28"
Last-Modified
Wed, 06 Nov 2024 08:57:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
runtime.4e77259b5c64c57c.js
loyalty-dev.legitid.org/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loyalty-dev.legitid.org/runtime.4e77259b5c64c57c.js
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51407cbdd157740aa8fbf19c1c60e3e0f3d6d7218c165a3c4f92f96174eae262

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://loyalty-dev.legitid.org
Referer
https://loyalty-dev.legitid.org/

Response headers

ETag
"672b2f6f-b31"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2865
Date
Thu, 07 Nov 2024 01:05:21 GMT
Content-Type
application/javascript
Last-Modified
Wed, 06 Nov 2024 08:57:19 GMT
Server
nginx/1.18.0 (Ubuntu)
polyfills.48032dd0403ca3fa.js
loyalty-dev.legitid.org/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loyalty-dev.legitid.org/polyfills.48032dd0403ca3fa.js
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a6c1892b736a2d6ffbdd7fca431be0583e40f2f6bcd6a2cc6fca4ca3371c9f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://loyalty-dev.legitid.org
Referer
https://loyalty-dev.legitid.org/

Response headers

ETag
"672b2f6f-845a"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33882
Date
Thu, 07 Nov 2024 01:05:21 GMT
Content-Type
application/javascript
Last-Modified
Wed, 06 Nov 2024 08:57:19 GMT
Server
nginx/1.18.0 (Ubuntu)
main.f2182f977a8f6b19.js
loyalty-dev.legitid.org/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://loyalty-dev.legitid.org/main.f2182f977a8f6b19.js
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
98c86034b9cd92c7bc717d6cd679b5d41342e3446d11c08b960a7119b64e6e9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://loyalty-dev.legitid.org
Referer
https://loyalty-dev.legitid.org/

Response headers

ETag
"672b2f6f-13847e"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1279102
Date
Thu, 07 Nov 2024 01:05:21 GMT
Content-Type
application/javascript
Last-Modified
Wed, 06 Nov 2024 08:57:19 GMT
Server
nginx/1.18.0 (Ubuntu)
styles.0818500b14f15f37.css
loyalty-dev.legitid.org/ 		478 KB
479 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://loyalty-dev.legitid.org/styles.0818500b14f15f37.css
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fef58ec9f777b7bffeaae96a37596207c7282057ba92f5bd9461b9aacbf414b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://loyalty-dev.legitid.org/

Response headers

ETag
"672b2f6f-77971"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
489841
Date
Thu, 07 Nov 2024 01:05:21 GMT
Content-Type
text/css
Last-Modified
Wed, 06 Nov 2024 08:57:19 GMT
Server
nginx/1.18.0 (Ubuntu)
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
sffe /
Resource Hash
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://loyalty-dev.legitid.org
Referer
https://loyalty-dev.legitid.org/

Response headers

age
536845
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 19:57:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 19:57:56 GMT
last-modified
Wed, 13 Sep 2023 22:39:50 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33148
x-xss-protection
0
server
sffe
styles.0818500b14f15f37.css
loyalty-dev.legitid.org/ 		478 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://loyalty-dev.legitid.org/styles.0818500b14f15f37.css
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fef58ec9f777b7bffeaae96a37596207c7282057ba92f5bd9461b9aacbf414b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://loyalty-dev.legitid.org/

Response headers

Accept-Ranges
bytes
Content-Length
489841
Date
Thu, 07 Nov 2024 01:05:21 GMT
ETag
"672b2f6f-77971"
Content-Type
text/css
Last-Modified
Wed, 06 Nov 2024 08:57:19 GMT
Server
nginx/1.18.0 (Ubuntu)
step1.html
api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/3p-cookies/ Frame AA09 		757 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/main.f2182f977a8f6b19.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://loyalty-dev.legitid.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, must-revalidate, no-transform, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-src 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Thu, 07 Nov 2024 01:05:24 GMT
P3P
CP="This is not a P3P policy!"
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
Primary Request auth
api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Requested by
Host: loyalty-dev.legitid.org
URL: https://loyalty-dev.legitid.org/main.f2182f977a8f6b19.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a0671a805058ba38b074bf3747ad9c69145e7cbd30d7c26c0fb2eb10cb17aca
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://loyalty-dev.legitid.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Thu, 07 Nov 2024 01:05:24 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
package.png
loyalty-dev.legitid.org/assets/logo/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://loyalty-dev.legitid.org/assets/logo/package.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://loyalty-dev.legitid.org/

Response headers

ETag
"672b2f6f-1afe"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6910
Date
Thu, 07 Nov 2024 01:05:24 GMT
Content-Type
image/png
Last-Modified
Wed, 06 Nov 2024 08:57:19 GMT
Server
nginx/1.18.0 (Ubuntu)
base.css
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 		42 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
6133
Date
Thu, 07 Nov 2024 01:05:25 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
app.css
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 		1 MB
113 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
68029059006ce6dc8f4233cb57d1f9c021a2f95564f85d7f7c071082eb0cfa0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:25 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
patternfly.min.css
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/css/ 		178 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:25 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
patternfly-additions.min.css
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/css/ 		220 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:25 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
pficon.css
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/lib/pficon/ 		577 B
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/lib/pficon/pficon.css
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
323
Date
Thu, 07 Nov 2024 01:05:25 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
login.css
api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/css/login.css
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/realms/Avesta/protocol/openid-connect/auth?client_id=CRM&redirect_uri=https%3A%2F%2Floyalty-dev.legitid.org%2F&state=493626a3-5161-4819-86bb-c35ecdc311e6&response_mode=fragment&response_type=code&scope=openid&nonce=e3908571-0b49-4e4e-8954-abc337f587fc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b1bb09f65428eb08efc361c2dbc05b3993a8b1cc2f3301e1a15c3f4523d31c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
2714
Date
Thu, 07 Nov 2024 01:05:25 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
keycloak-bg.png
api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/img/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/img/keycloak-bg.png
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:26 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
nginx/1.18.0 (Ubuntu)
keycloak-logo-text.png
api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/img/keycloak-logo-text.png
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f23fc071f436807ccaf23fe847ccd7467c4d8c4f9f31207924128dafdf13497d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:26 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
nginx/1.18.0 (Ubuntu)
OpenSans-Regular-webfont.woff2
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/fonts/ 		61 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://api-dev.legitid.org
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:26 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx/1.18.0 (Ubuntu)
fontawesome-webfont.woff2
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://api-dev.legitid.org
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:26 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx/1.18.0 (Ubuntu)
OpenSans-Light-webfont.woff2
api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/fonts/ 		62 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
Requested by
Host: api-dev.legitid.org
URL: https://api-dev.legitid.org/auth/resources/dmyzk/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://api-dev.legitid.org
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Thu, 07 Nov 2024 01:05:26 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx/1.18.0 (Ubuntu)
favicon.ico
api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/img/ 		627 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://api-dev.legitid.org/auth/resources/dmyzk/login/keycloak/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.249.113.6 Bangkok, Thailand, ASN132838 (UIH-RBL-AS-AP United Information Highway Co.,Ltd., TH),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
650
Date
Thu, 07 Nov 2024 01:05:26 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx/1.18.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
api-dev.legitid.org/auth/realms/Avesta/ Name: AUTH_SESSION_ID
Value: 17594419-11aa-4a8b-b2a8-0123cd1d34fe.97fa827a250d
api-dev.legitid.org/auth/realms/Avesta/ Name: AUTH_SESSION_ID_LEGACY
Value: 17594419-11aa-4a8b-b2a8-0123cd1d34fe.97fa827a250d
api-dev.legitid.org/auth/realms/Avesta/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzYmY1MzM0Zi1lODY0LTRkZjktOWFjYS0xNjMyNWJlN2M2OGEifQ.eyJjaWQiOiJDUk0iLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2xveWFsdHktZGV2LmxlZ2l0aWQub3JnLyIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9hcGktZGV2LmxlZ2l0aWQub3JnL2F1dGgvcmVhbG1zL0F2ZXN0YSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9sb3lhbHR5LWRldi5sZWdpdGlkLm9yZy8iLCJzdGF0ZSI6IjQ5MzYyNmEzLTUxNjEtNDgxOS04NmJiLWMzNWVjZGMzMTFlNiIsIm5vbmNlIjoiZTM5MDg1NzEtMGI0OS00ZTRlLTg5NTQtYWJjMzM3ZjU4N2ZjIiwicmVzcG9uc2VfbW9kZSI6ImZyYWdtZW50In19.XVceiGT1AIUro144nbbPlp0mryT76EF2GH5M8Sozv3Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-dev.legitid.org
fonts.gstatic.com
loyalty-dev.legitid.org
142.250.176.195
43.249.113.6
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
1a6c1892b736a2d6ffbdd7fca431be0583e40f2f6bcd6a2cc6fca4ca3371c9f4
2a0671a805058ba38b074bf3747ad9c69145e7cbd30d7c26c0fb2eb10cb17aca
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
3b1bb09f65428eb08efc361c2dbc05b3993a8b1cc2f3301e1a15c3f4523d31c1
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed
51407cbdd157740aa8fbf19c1c60e3e0f3d6d7218c165a3c4f92f96174eae262
68029059006ce6dc8f4233cb57d1f9c021a2f95564f85d7f7c071082eb0cfa0e
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
98c86034b9cd92c7bc717d6cd679b5d41342e3446d11c08b960a7119b64e6e9a
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
cea6685f984f73f87883a47695ba1a255157ac103ced0b4a45fe19f481a5b878
f23fc071f436807ccaf23fe847ccd7467c4d8c4f9f31207924128dafdf13497d
fef58ec9f777b7bffeaae96a37596207c7282057ba92f5bd9461b9aacbf414b3