URL: https://oauth.iveri.com/
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 196.13.126.202, located in South Africa and belongs to iVeriPaymentTechnologies, ZA. The main domain is oauth.iveri.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 7th 2024. Valid for: 3 months.
This is the only time oauth.iveri.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 196.13.126.202 328651 (iVeriPaym...)
8 1

Apex Domain Subdomains Transfer
8 iveri.com oauth.iveri.com 130 KB
8 1

Domain Requested by
8 oauth.iveri.com oauth.iveri.com
8 1

This site contains links to these domains. Also see Links.

Domain
www.iveri.com

Subject Issuer Validity Valid
oauth.iveri.com ZeroSSL RSA Domain Secure Site CA 2024-06-07 - 2024-09-05 3 months

This page contains 1 frames:

Primary Page: https://oauth.iveri.com/
Frame ID: 60E38388C6F3465DA524DDB5ED9D3C44
Requests: 8 HTTP requests in this frame

Page Title

- IveriUsers IdentityServer

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 130 kB
Size: 566 kB
Cookies: 0

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
oauth.iveri.com/
3 KB
2 KB
Document
General
Full URL
https://oauth.iveri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2a2935580cc410a748209c7691da170addd20f33ae1d30ddf334f8ef546e1cf0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=2592000
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1025
Content-Security-Policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jul 2024 01:03:35 GMT
Keep-Alive
timeout=3, max=1000
Referrer-Policy
no-referrer
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=2592000
Vary
Accept-Encoding
X-Content-Security-Policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
bootstrap.css
oauth.iveri.com/lib/twitter-bootstrap/css/
188 KB
25 KB
Stylesheet
General
Full URL
https://oauth.iveri.com/lib/twitter-bootstrap/css/bootstrap.css
Requested by
Host: oauth.iveri.com
URL: https://oauth.iveri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:03:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=2592000
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 07:15:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d84f064697e65c-gzip"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=999
site.css
oauth.iveri.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://oauth.iveri.com/css/site.css
Requested by
Host: oauth.iveri.com
URL: https://oauth.iveri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6ab5bf327610762cb52e9acd724f97eb5aee48e7c362bb2b29f61ee3cfb67b82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:03:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=2592000
Content-Encoding
gzip
Last-Modified
Thu, 14 Jul 2022 17:38:46 GMT
Server
Microsoft-IIS/10.0
ETag
"1d897a89192123f-gzip"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=1000
Content-Length
653
iveri.css
oauth.iveri.com/css/branding/
75 B
555 B
Stylesheet
General
Full URL
https://oauth.iveri.com/css/branding/iveri.css
Requested by
Host: oauth.iveri.com
URL: https://oauth.iveri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ba963a6e14d1d3c1e279c6dbc0e60801f6e54970ecfdc5db1e259a453a4b9839
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:03:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=2592000
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2022 16:01:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8921adce17e4b-gzip"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=1000
Content-Length
85
jquery.js
oauth.iveri.com/lib/jquery/
242 KB
72 KB
Script
General
Full URL
https://oauth.iveri.com/lib/jquery/jquery.js
Requested by
Host: oauth.iveri.com
URL: https://oauth.iveri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:03:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=2592000
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 07:15:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d84f064696ce2d-gzip"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=1000
bootstrap.js
oauth.iveri.com/lib/twitter-bootstrap/js/
129 KB
25 KB
Script
General
Full URL
https://oauth.iveri.com/lib/twitter-bootstrap/js/bootstrap.js
Requested by
Host: oauth.iveri.com
URL: https://oauth.iveri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:03:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=2592000
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 07:15:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d84f0646970b35-gzip"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=1000
iveri.gif
oauth.iveri.com/images/
2 KB
2 KB
Image
General
Full URL
https://oauth.iveri.com/images/iveri.gif
Requested by
Host: oauth.iveri.com
URL: https://oauth.iveri.com/css/branding/iveri.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b0664b5480cc8fb53960582991ef5fc7ed735d4987cf54bf3ccefa2583455bbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://oauth.iveri.com/css/branding/iveri.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:03:37 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=2592000
Last-Modified
Wed, 13 Apr 2022 07:15:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d84f0646950e92"
X-Powered-By
ASP.NET
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=999
Content-Length
1938
iveri.ico
oauth.iveri.com/images/
1 KB
2 KB
Other
General
Full URL
https://oauth.iveri.com/images/iveri.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
196.13.126.202 , South Africa, ASN328651 (iVeriPaymentTechnologies, ZA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2bee58f00e962baf6b5d8064595a6b3588491787fb68544a88b85bbfe770480c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 01:03:37 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload, max-age=2592000
Last-Modified
Wed, 13 Apr 2022 07:15:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d84f0646950d7e"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=998
Content-Length
1150

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
undefined event
object fence
object sharedStorage
function $
function jQuery
object bootstrap

0 Cookies

1 Console Messages

Source: security
Level: warning
URL: https://oauth.iveri.com/
Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=2592000
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN