erp2.bss.biz Open in urlscan Pro
84.16.245.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Effective URL:
https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-...
Submission: On August 19 via manual (August 19th 2024, 6:57:01 am UTC) from BG — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 37 HTTP transactions. The main IP is 84.16.245.53, located in Unterföhring, Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is erp2.bss.biz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 31st 2023. Valid for: a year.

This is the only time erp2.bss.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 37	84.16.245.53 84.16.245.53		28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
37	2

37 84.16.245.53 (Unterföhring, Germany) 1 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

erp2.bss.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	bss.biz 1 redirects erp2.bss.biz	2 MB
0	Failed function sub() { [native code] }. Failed
37	2

	Domain	Requested by
37	erp2.bss.biz	1 redirects erp2.bss.biz
0	localhost Failed	erp2.bss.biz
37	2

This site contains no links.

Subject Issuer	Validity	Valid
*.bss.biz Sectigo RSA Domain Validation Secure Server CA	`2023-07-31` - `2024-08-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Ferp2.bss.biz%252Fportalas%252Fauth-callback%26code_challenge_method%3DS256%26code_challenge%3DZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY%26env%3D2391
Frame ID: 37371DAB4CF28A8586459798BB283BFD
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BSS IT

Page URL History Show full URLs

https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9 Page URL
https://erp2.bss.biz/sso/connect/authorize?client_id=960861C5-1B8A-4FEC-B6D7-786D65B740C0&scope=o... HTTP 302
https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2437 kB
Transfer

6746 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9 Page URL
https://erp2.bss.biz/sso/connect/authorize?client_id=960861C5-1B8A-4FEC-B6D7-786D65B740C0&scope=openid%20profile%20roles&response_type=code&redirect_uri=https://erp2.bss.biz/portalas/auth-callback&code_challenge_method=S256&code_challenge=ZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY&env=2391 HTTP 302
https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Ferp2.bss.biz%252Fportalas%252Fauth-callback%26code_challenge_method%3DS256%26code_challenge%3DZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY%26env%3D2391 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 32347 Show response
erp2.bss.biz/portalas/documents/profile/ 7 KB
3 KB 49ms
15ms Document
text/html 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

518047c10a8f10ce82a81a382ba3e1943bdd36ade8258b0d767a1f7ba4b59516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2534
content-type: text/html
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "806411ab3ee4da1:0"
expires: 0
last-modified: Thu, 01 Aug 2024 18:14:37 GMT
server
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 runtime.b439df0fdcb0e6a2.js Show response
erp2.bss.biz/portalas/ 3 KB
2 KB 9ms
7ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/runtime.b439df0fdcb0e6a2.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

a53771f0cdb85fe255853909bbc980400c9481e7d2fadeff082f939752cb5a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Origin: https://erp2.bss.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:38 GMT
server
etag: "0fba9ab3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 1877
x-xss-protection: 1; mode=block

GET
H2 200 polyfills.e7c1f436ad39ce07.js Show response
erp2.bss.biz/portalas/ 73 KB
23 KB 10ms
9ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/polyfills.e7c1f436ad39ce07.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

7bcb8f87511d43305f93fd43efd99bc6a1132e6bed048a1f18a58f063866bb77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Origin: https://erp2.bss.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:38 GMT
server
etag: "0fba9ab3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 23788
x-xss-protection: 1; mode=block

GET
H2 200 scripts.384460e09770ecc4.js Show response
erp2.bss.biz/portalas/ 354 KB
73 KB 20ms
19ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/scripts.384460e09770ecc4.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

409babd66534803a0ef5352df2c6cc64f865fc4cf304389867fd65eaca221282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:38 GMT
server
etag: "0fba9ab3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 75096
x-xss-protection: 1; mode=block

GET
H2 200 main.c699a4f0d57f3021.js Show response
erp2.bss.biz/portalas/ 3 MB
672 KB 15ms
15ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/main.c699a4f0d57f3021.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

38013d3208825e6b1544c10702543eb3ddd1e9cc48053f8d44f446c526b381ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Origin: https://erp2.bss.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:37 GMT
server
etag: "806411ab3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 687921
x-xss-protection: 1; mode=block

GET
H2 200 styles.7fa407775a70fb49.css
erp2.bss.biz/portalas/ 599 KB
57 KB 28ms
28ms Stylesheet
text/css 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/styles.7fa407775a70fb49.css

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

08a362ebe1a542499a14e99be3a86e3b0582218b9e61228228a531cf23fbc1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:38 GMT
server
etag: "0fba9ab3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 58775
x-xss-protection: 1; mode=block

GET
H2 200 app.settings.json Show response
erp2.bss.biz/portalas/settings/ 4 KB
4 KB 7ms
7ms Fetch
application/json 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/settings/app.settings.json

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/polyfills.e7c1f436ad39ce07.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

a8205afe78c0c72045fed7ab56e5e83a02df4c18b51d57280abf361e9468d3dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Aug 2024 18:14:39 GMT
server
etag: "e4bc59ac3ee4da1:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 3630
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 core.settings.json Show response
erp2.bss.biz/portalas/settings/ 241 B
300 B 7ms
7ms Fetch
application/json 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/settings/core.settings.json

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/polyfills.e7c1f436ad39ce07.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

d6f945f2a06ebf9b287d78ee85e941003c235386f8cc49a1762b5714fe66f771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Aug 2024 18:14:38 GMT
server
etag: "f3715ac3ee4da1:0"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 241
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 favicon.ico
erp2.bss.biz/portalas/ 15 KB
15 KB 7ms
7ms Other
image/x-icon 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

fda0496ec333312e9c1890e933f53d61a91a52945b18edb1817a4df63d37a968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Aug 2024 18:14:36 GMT
server
etag: "9563b7aa3ee4da1:0"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 15086
x-xss-protection: 1; mode=block

GET
H2 401 auth Show response
erp2.bss.biz/customer-portal-middleware/api/ 0
43 B 8ms
8ms XHR
application/text 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/customer-portal-middleware/api/auth

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/polyfills.e7c1f436ad39ce07.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:55 GMT
x-content-type-options: nosniff
server
x-frame-options: SAMEORIGIN
content-type: application/text
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 settings Show response
erp2.bss.biz/customer-portal-middleware/api/auth/identityServer/ 156 B
216 B 38ms
37ms XHR
application/json 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/customer-portal-middleware/api/auth/identityServer/settings

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/polyfills.e7c1f436ad39ce07.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

0807f3c38205c57f4f42a57a6f71d29391f6c50e7e0d524428ddec8476c48d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:55 GMT
x-content-type-options: nosniff
server
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 401 auth Show response
erp2.bss.biz/customer-portal-middleware/api/ 0
28 B 8ms
7ms XHR
application/text 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/customer-portal-middleware/api/auth

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/polyfills.e7c1f436ad39ce07.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:55 GMT
x-content-type-options: nosniff
server
x-frame-options: SAMEORIGIN
content-type: application/text
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 604.b26a540d68639bd0.js Show response
erp2.bss.biz/portalas/ 493 KB
133 KB 8ms
7ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/604.b26a540d68639bd0.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/runtime.b439df0fdcb0e6a2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

e9125f12afe47aa5d27984bf77315c3d79f8eb0808468d73508f73b1eb5ca0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Origin: https://erp2.bss.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:36 GMT
server
etag: "0ce78aa3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 135685
x-xss-protection: 1; mode=block

GET
H2 200 common.03100bd5fd509305.js Show response
erp2.bss.biz/portalas/ 7 KB
3 KB 9ms
9ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/common.03100bd5fd509305.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/runtime.b439df0fdcb0e6a2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

2558f154dffc6966417b20c6e095b70ac4adbd85f490b7071ec7f95d2804973f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Origin: https://erp2.bss.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:36 GMT
server
etag: "0ce78aa3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 2590
x-xss-protection: 1; mode=block

GET
H2 200 177.e02b119c81816a41.js Show response
erp2.bss.biz/portalas/ 686 KB
142 KB 10ms
10ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/177.e02b119c81816a41.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/runtime.b439df0fdcb0e6a2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

618d73bb4e8f246b918d410e3c4fc354f35bb1a5622d1d3c3799b7ee01e59c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Origin: https://erp2.bss.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:36 GMT
server
etag: "0ce78aa3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 144966
x-xss-protection: 1; mode=block

GET
H2 200 52.b2f61432d0cd2016.js Show response
erp2.bss.biz/portalas/ 39 KB
8 KB 23ms
22ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/portalas/52.b2f61432d0cd2016.js

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/runtime.b439df0fdcb0e6a2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

1aaee369bda5996aa28bdd5f783b7fb7b1e48dc95038df8bcac78a4d54ac3828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
Origin: https://erp2.bss.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:56:55 GMT
last-modified: Thu, 01 Aug 2024 18:14:36 GMT
server
etag: "0ce78aa3ee4da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, must-revalidate, max-age=604800, stale-while-revalidate=3600
accept-ranges: bytes
content-length: 7977
x-xss-protection: 1; mode=block

POST
H2 200 url
erp2.bss.biz/customer-portal-middleware/api/auth/sso/ 352 B
434 B 26ms
24ms XHR
application/json 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/customer-portal-middleware/api/auth/sso/url

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/polyfills.e7c1f436ad39ce07.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://erp2.bss.biz/portalas/documents/profile/32347?opts=eyJlbnYiOjIzOTF9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:55 GMT
x-content-type-options: nosniff
server
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://erp2.bss.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

Primary Request Login Show response
erp2.bss.biz/sso/Account/
Redirect Chain

https://erp2.bss.biz/sso/connect/authorize?client_id=960861C5-1B8A-4FEC-B6D7-786D65B740C0&scope=openid%20profile%20roles&response_type=code&redirect_uri=https://erp2.bss.biz/portalas/auth-callback&...
https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3D...

10 KB
3 KB

12ms
12ms

Document
text/html

84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Ferp2.bss.biz%252Fportalas%252Fauth-callback%26code_challenge_method%3DS256%26code_challenge%3DZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY%26env%3D2391

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/portalas/main.c699a4f0d57f3021.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

efd5b2d6e5e67c925827d3194e1ccd818969f9cdfcd2ee38ccdc05b5d5051521

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache,no-store
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
content-type: text/html; charset=utf-8
date: Mon, 19 Aug 2024 06:56:55 GMT
expires: -1
pragma: no-cache
referrer-policy: no-referrer
server
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
date: Mon, 19 Aug 2024 06:56:55 GMT
location: https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Ferp2.bss.biz%252Fportalas%252Fauth-callback%26code_challenge_method%3DS256%26code_challenge%3DZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY%26env%3D2391
referrer-policy: no-referrer
server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 site.css
erp2.bss.biz/sso/css/ 16 KB
5 KB 12ms
11ms Stylesheet
text/css 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/css/site.css?v2

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Ferp2.bss.biz%252Fportalas%252Fauth-callback%26code_challenge_method%3DS256%26code_challenge%3DZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY%26env%3D2391

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

c01bd1b0a44dcf2d9c30063c215cac4e87f14da3d739dbb8f27a872377b625d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
etag: "1dad2f970ae5e61"
date: Mon, 19 Aug 2024 06:56:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 select.css
erp2.bss.biz/sso/css/ 3 KB
1 KB 11ms
10ms Stylesheet
text/css 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/css/select.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

f0a213e6980d426c9fe658de86ad2a994782d024bda4e944f739dbf81407db11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
etag: "1dad2f970ae1390"
date: Mon, 19 Aug 2024 06:56:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 dropdown-down-icon.svg
erp2.bss.biz/sso/images/icons/ 172 B
231 B 10ms
10ms Image
image/svg+xml 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erp2.bss.biz/sso/images/icons/dropdown-down-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

1f4b5e601b843b3f02d985275666f03cde39e5780821def997d8e2b6e0e97009

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "1dad2f970ae1fac"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 172
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 visibility-off.svg
erp2.bss.biz/sso/images/icons/ 756 B
856 B 9ms
9ms Image
image/svg+xml 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erp2.bss.biz/sso/images/icons/visibility-off.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

0bd5b08a23761a956e4d9c9c0606cf2702baca4108518ef08ff53574d9b75fb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "1dad2f970ae1df4"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 756
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 visibility-on.svg
erp2.bss.biz/sso/images/icons/ 427 B
487 B 14ms
14ms Image
image/svg+xml 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erp2.bss.biz/sso/images/icons/visibility-on.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

d2af7cb5d61176e30c6fd40d899f0c5642521fe01856f61369869630b2a58f2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "1dad2f970ae1eab"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 427
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 left-arrow-icon.svg
erp2.bss.biz/sso/images/icons/ 199 B
259 B 12ms
12ms Image
image/svg+xml 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erp2.bss.biz/sso/images/icons/left-arrow-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

b51b6d880c175da33d714482e44de7bb6c06458a7a0e33cb9d2691e6e882bda0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "1dad2f970ae1fc7"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 199
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 welcome-screen2.png
erp2.bss.biz/sso/images/ 533 KB
534 KB 11ms
9ms Image
image/png 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erp2.bss.biz/sso/images/welcome-screen2.png?v2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

59ae0fff1252dc26b24d55c2e8ad435370d127127e85a736bd7515602aab0c90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "1dad2f970a64a54"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 546132
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 select.js Show response
erp2.bss.biz/sso/js/ 7 KB
2 KB 13ms
11ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/js/select.js?v=638596582165592715

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

c1b6b4c59bd56ae4659475d5ab10165c9605d6adbab9781f624379437d75ad76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
date: Mon, 19 Aug 2024 06:56:55 GMT
content-length: 2454
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
etag: "1dad2f970ae02d7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 script.js Show response
erp2.bss.biz/sso/js/ 14 KB
4 KB 17ms
16ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/js/script.js?v=638596582165592715

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

ec179eb53faab9e763776337451b8440b9a6dc776e11d6c4ae57d4a1a1a11146

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
etag: "1dad2f970ae2679"
date: Mon, 19 Aug 2024 06:56:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 signalr.min.js Show response
erp2.bss.biz/sso/js/signalr/dist/browser/ 129 KB
35 KB 15ms
14ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/js/signalr/dist/browser/signalr.min.js?v=638596582165592715

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

876e4c021e69296bdf4ddd694cfeea2e97c7b917c0ef2d9d2840f73f67606551

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
etag: "1dad2f970ac1b66"
date: Mon, 19 Aug 2024 06:56:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 notifications-client.js Show response
erp2.bss.biz/sso/js/ 1 KB
731 B 12ms
11ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/js/notifications-client.js?v=638596582165592715

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

5fb1ed7ac21d8c6dea15c45d2085b643084b9fe5bf2dcca088e9aa2687a5225d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
date: Mon, 19 Aug 2024 06:56:55 GMT
content-length: 646
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:15 GMT
server
etag: "1dad2f97146b115"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 jquery.min.js Show response
erp2.bss.biz/sso/lib/jquery/ 85 KB
38 KB 16ms
15ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/lib/jquery/jquery.min.js?v=638596582165592715

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

2f56dbf9eea757066622f0f930aff53f4b8f34d5496833e72bead8b2f801ab9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
etag: "1dad2f970af4afd"
date: Mon, 19 Aug 2024 06:56:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 jquery.signalR.min.js Show response
erp2.bss.biz/sso/lib/signalr.js/ 40 KB
16 KB 16ms
15ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/lib/signalr.js/jquery.signalR.min.js?v=638596582165592715

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

b1e4d05a0b37b7208e13eb879e1b0180708fbbfe4e7c3630b8e7b851a0a927df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
etag: "1dad2f970ae8058"
date: Mon, 19 Aug 2024 06:56:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 rfid-client.js Show response
erp2.bss.biz/sso/js/ 888 B
680 B 12ms
11ms Script
application/javascript 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/js/rfid-client.js?v=638596582165592715

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

6b874e8e0b24ee03c7f1c7101c49692a3976561678ab584839db23d2460bf6f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
etag: "1dad2f970ae1c78"
date: Mon, 19 Aug 2024 06:56:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 206 bssdvsanimacija.webm
erp2.bss.biz/sso/videos/ 657 KB
658 KB 40ms
40ms Media
video/webm 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/videos/bssdvsanimacija.webm?v2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

f0e1f4a42fcbe117a3353caf504b0ac994d38530cd42c8e4ec4292c13f0c97e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "1dad2f970a45a4d"
x-frame-options: SAMEORIGIN
content-type: video/webm
Content-Range: bytes 0-673100/673101
accept-ranges: bytes
Content-Length: 673101
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

GET
H2 200 bss-logo.svg
erp2.bss.biz/sso/images/ 865 B
925 B 56ms
56ms Image
image/svg+xml 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erp2.bss.biz/sso/images/bss-logo.svg

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/sso/css/site.css?v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

d385b6a5aa04569f4ad4b13a0915d8e7341c2b9830e918ce5f80d4e292b54ec0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:55 GMT
etag: "1dad2f970ae1c61"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 865
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

POST
H2 200 negotiate Show response
erp2.bss.biz/notify/ 316 B
466 B 12ms
11ms Fetch
application/json 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/notify/negotiate?negotiateVersion=1

Requested by

Host: erp2.bss.biz
URL: https://erp2.bss.biz/sso/js/signalr/dist/browser/signalr.min.js?v=638596582165592715

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

c3bd39324ec3c653b463e7511b4574e90ee10aa8a54cb5299b2af8115e230340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-SignalR-User-Agent: Microsoft SignalR/5.0 (5.0.8; Unknown OS; Browser; Unknown Runtime Version)
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 06:56:56 GMT
x-content-type-options: nosniff
server
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://erp2.bss.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: 0

GET negotiate
localhost/signalr/ 0
0

GET
H2 200 favicon-16x16.png
erp2.bss.biz/sso/images/ 163 B
690 B 13ms
13ms Other
image/png 84.16.245.53
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://erp2.bss.biz/sso/images/favicon-16x16.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.16.245.53 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

Resource Hash

24d8b3f15e9cc8e0604e175ff673009ac21ef4a4125001fb46436bb58430118f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 10 Jul 2024 18:46:14 GMT
server
date: Mon, 19 Aug 2024 06:56:56 GMT
etag: "1dad2f970ae1fa3"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 163
x-xss-protection: 1; mode=block
x-content-security-policy: default-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; object-src 'self'; frame-ancestors 'self'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; connect-src 'self' wss://localhost:* http://localhost:*; script-src 'self' 'unsafe-inline';

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: https://localhost:35520/signalr/negotiate?clientProtocol=2.1&connectionData=%5B%7B%22name%22%3A%22rfidreaderhub%22%7D%5D&_=1724050616662

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			erp2.bss.biz/sso	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.tQSeDiuXLbY Value: CfDJ8Jm0rbLNCXhNhIzq3o6OPNu56G0trHLt3Yq3C-GuNmQ-zSUWyO_6tjhtWQd2bAWAOpp1FNR2d9WF0KEIX4-h1RSa3FPwAt00cwwO1978VQCH-pn2fsSMere-l4NknC-krESAo9vGsV6NH2t9qtWV9O4
			erp2.bss.biz/	1969-12-31 23:59:59	Name: .IdentityServer.Session Value: CfDJ8Jm0rbLNCXhNhIzq3o6OPNuZAr8p2phAV9ZneFoJ0nNmce0%2FRpWXUkXBAqSVnzN2FrnDmc16ngyZq36tymAr7V4Jz24pMjjjURF9gHv5M3yfJloZZ6UV72mN5v8L8KukBnm%2FC8iyFrLrjhhRrgvbqWlDUZFO7692CeB%2FGriQuICG

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://erp2.bss.biz/customer-portal-middleware/api/auth Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://erp2.bss.biz/customer-portal-middleware/api/auth Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	URL: https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Ferp2.bss.biz%252Fportalas%252Fauth-callback%26code_challenge_method%3DS256%26code_challenge%3DZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY%26env%3D2391 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
recommendation	warning	URL: https://erp2.bss.biz/sso/Account/Login?ReturnUrl=%2Fsso%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D960861C5-1B8A-4FEC-B6D7-786D65B740C0%26scope%3Dopenid%2520profile%2520roles%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Ferp2.bss.biz%252Fportalas%252Fauth-callback%26code_challenge_method%3DS256%26code_challenge%3DZrtAlu96zkqGVGt8wUezyTNPrIwKnJ8BkgQYo7FW7GY%26env%3D2391 Message: [DOM] Found 2 elements with non-unique id #login: (More info: https://goo.gl/9p2vKq) %o %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

erp2.bss.biz
localhost
localhost
84.16.245.53
0807f3c38205c57f4f42a57a6f71d29391f6c50e7e0d524428ddec8476c48d0e
08a362ebe1a542499a14e99be3a86e3b0582218b9e61228228a531cf23fbc1cb
0bd5b08a23761a956e4d9c9c0606cf2702baca4108518ef08ff53574d9b75fb6
1aaee369bda5996aa28bdd5f783b7fb7b1e48dc95038df8bcac78a4d54ac3828
1f4b5e601b843b3f02d985275666f03cde39e5780821def997d8e2b6e0e97009
24d8b3f15e9cc8e0604e175ff673009ac21ef4a4125001fb46436bb58430118f
2558f154dffc6966417b20c6e095b70ac4adbd85f490b7071ec7f95d2804973f
2f56dbf9eea757066622f0f930aff53f4b8f34d5496833e72bead8b2f801ab9f
38013d3208825e6b1544c10702543eb3ddd1e9cc48053f8d44f446c526b381ba
409babd66534803a0ef5352df2c6cc64f865fc4cf304389867fd65eaca221282
518047c10a8f10ce82a81a382ba3e1943bdd36ade8258b0d767a1f7ba4b59516
59ae0fff1252dc26b24d55c2e8ad435370d127127e85a736bd7515602aab0c90
5fb1ed7ac21d8c6dea15c45d2085b643084b9fe5bf2dcca088e9aa2687a5225d
618d73bb4e8f246b918d410e3c4fc354f35bb1a5622d1d3c3799b7ee01e59c93
6b874e8e0b24ee03c7f1c7101c49692a3976561678ab584839db23d2460bf6f3
7bcb8f87511d43305f93fd43efd99bc6a1132e6bed048a1f18a58f063866bb77
876e4c021e69296bdf4ddd694cfeea2e97c7b917c0ef2d9d2840f73f67606551
a53771f0cdb85fe255853909bbc980400c9481e7d2fadeff082f939752cb5a75
a8205afe78c0c72045fed7ab56e5e83a02df4c18b51d57280abf361e9468d3dd
b1e4d05a0b37b7208e13eb879e1b0180708fbbfe4e7c3630b8e7b851a0a927df
b51b6d880c175da33d714482e44de7bb6c06458a7a0e33cb9d2691e6e882bda0
c01bd1b0a44dcf2d9c30063c215cac4e87f14da3d739dbb8f27a872377b625d0
c1b6b4c59bd56ae4659475d5ab10165c9605d6adbab9781f624379437d75ad76
c3bd39324ec3c653b463e7511b4574e90ee10aa8a54cb5299b2af8115e230340
d2af7cb5d61176e30c6fd40d899f0c5642521fe01856f61369869630b2a58f2f
d385b6a5aa04569f4ad4b13a0915d8e7341c2b9830e918ce5f80d4e292b54ec0
d6f945f2a06ebf9b287d78ee85e941003c235386f8cc49a1762b5714fe66f771
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9125f12afe47aa5d27984bf77315c3d79f8eb0808468d73508f73b1eb5ca0c2
ec179eb53faab9e763776337451b8440b9a6dc776e11d6c4ae57d4a1a1a11146
efd5b2d6e5e67c925827d3194e1ccd818969f9cdfcd2ee38ccdc05b5d5051521
f0a213e6980d426c9fe658de86ad2a994782d024bda4e944f739dbf81407db11
f0e1f4a42fcbe117a3353caf504b0ac994d38530cd42c8e4ec4292c13f0c97e7
fda0496ec333312e9c1890e933f53d61a91a52945b18edb1817a4df63d37a968

erp2.bss.biz Open in urlscan Pro 84.16.245.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

2437 kBTransfer

6746 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

erp2.bss.biz Open in urlscan Pro
84.16.245.53 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2437 kB
Transfer

6746 kB
Size

2
Cookies

37 HTTP transactions
0 data transactions