pre.oclock-medtronic.com Open in urlscan Pro
54.36.60.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oclock-medtronic.com/
Effective URL:
https://pre.oclock-medtronic.com/login
Submission Tags: https://phish.report @phish_report Search All
Submission: On May 24 via api (May 24th 2023, 4:14:36 pm UTC) from FI — Scanned from FR

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 54.36.60.206, located in France and belongs to OVH, FR. The main domain is pre.oclock-medtronic.com.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.

This is the only time pre.oclock-medtronic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 17	54.36.60.206 54.36.60.206	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
16	3

17 54.36.60.206 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3088966.ip-54-36-60.eu

oclock-medtronic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pre.oclock-medtronic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	oclock-medtronic.com 3 redirects oclock-medtronic.com pre.oclock-medtronic.com	872 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
16	3

	Domain	Requested by
15	pre.oclock-medtronic.com	1 redirects pre.oclock-medtronic.com
2	oclock-medtronic.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pre.oclock-medtronic.com
16	4

This site contains links to these domains. Also see Links.

Domain
oclocksolutions.es

Subject Issuer	Validity	Valid
oclock-medtronic.com R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pre.oclock-medtronic.com/login
Frame ID: E552015A0B258E36713B4813DD3A1803
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oclock

Page URL History Show full URLs

http://oclock-medtronic.com/ HTTP 301
https://oclock-medtronic.com/ HTTP 301
https://pre.oclock-medtronic.com/ HTTP 307
https://pre.oclock-medtronic.com/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

917 kB
Transfer

901 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://oclocksolutions.es/
Title: Conócenos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oclock-medtronic.com/ HTTP 301
https://oclock-medtronic.com/ HTTP 301
https://pre.oclock-medtronic.com/ HTTP 307
https://pre.oclock-medtronic.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
pre.oclock-medtronic.com/
Redirect Chain

http://oclock-medtronic.com/
https://oclock-medtronic.com/
https://pre.oclock-medtronic.com/
https://pre.oclock-medtronic.com/login

5 KB
7 KB

42ms
42ms

Document
text/html

54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

45972ecd6da82c118b50fdf56267e4e74eeeafc02331d968e8f940f6a7c03f47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 5598
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: same-site
Cross-Origin-Opener-Policy: same-site
Date: Wed, 24 May 2023 16:14:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Permissions-Policy: geolocation=*
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY, SAMEORIGIN, DENY ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=blo<ck 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: same-site
Cross-Origin-Opener-Policy: same-site
Date: Wed, 24 May 2023 16:14:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://pre.oclock-medtronic.com/login
Permissions-Policy: geolocation=*
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload; max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY, SAMEORIGIN, DENY ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=blo<ck 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 99ms
37ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,600,700

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

028ccd38b0db2497e9e7c8adbfa9de420382d77ae2b371dd155ddf494275b0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 16:14:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 16:14:32 GMT

GET
H/1.1 200
OK bootstrap.min.css
pre.oclock-medtronic.com/front/css/ 118 KB
120 KB 16ms
15ms Stylesheet
text/css 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/css/bootstrap.min.css

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 121200
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 31 Jan 2022 12:18:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "1d970-5d6dfc6bcf8e1"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK bootstrap-datepicker.css
pre.oclock-medtronic.com/front/css/ 17 KB
18 KB 48ms
16ms Stylesheet
text/css 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/css/bootstrap-datepicker.css

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

f70ed7b509ea443bd3866b101df2e65dd0db19ab18b128c5e85497ac387b17a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 17190
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 May 2019 08:08:38 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "4326-5894d3d54ad80"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bootstrap-datetimepicker.min.css
pre.oclock-medtronic.com/js/datetimepicker/ 8 KB
9 KB 50ms
18ms Stylesheet
text/css 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/js/datetimepicker/bootstrap-datetimepicker.min.css

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

c8c8da579e363feab54671fa5c1c823c37d416198e69f59b78b3e6a8a875d73a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 7785
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 31 Jan 2022 12:16:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "1e69-5d6dfbf8b1146"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK login.css
pre.oclock-medtronic.com/front/css/ 14 KB
16 KB 49ms
17ms Stylesheet
text/css 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/css/login.css

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

00935023bcdb426029627169c7c07038289c2ab27bd429963fc093d12aae86be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 14657
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 14 Dec 2020 09:12:12 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "3941-5b6690992f300"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.min.js Show response
pre.oclock-medtronic.com/front/js/ 85 KB
86 KB 49ms
18ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/js/jquery.min.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 86927
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 31 Jan 2022 12:18:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "1538f-5d6dfc6bd0881"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK script Show response
pre.oclock-medtronic.com/ 5 KB
7 KB 74ms
43ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/script?file=functions.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

d3b39f8c6f83ade99851e45f7c28f1b648cf5d31dc366f1cbdd9cb84329d7fa6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 5054
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Cross-Origin-Opener-Policy: same-site
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Permissions-Policy: geolocation=*
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK logo_black.svg
pre.oclock-medtronic.com/front/images/ 4 KB
5 KB 18ms
17ms Image
image/svg+xml 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pre.oclock-medtronic.com/front/images/logo_black.svg

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

2c1a4cb65ff6fc0b10fd8c773fd78a0d37bea25ba0bf12d78e72e29f5ce30b3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 3859
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 14 Dec 2020 09:06:52 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "f13-5b668f6802300"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: image/svg+xml
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bootstrap.min.js Show response
pre.oclock-medtronic.com/front/js/ 36 KB
38 KB 15ms
15ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/js/bootstrap.min.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

beae6f5e15e658c736bcb709ffb4b1e7aad9704410250ddf2d7fd280ff144290

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 37049
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 31 Jan 2022 12:18:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "90b9-5d6dfc6bd0881"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bootstrap-datepicker.js Show response
pre.oclock-medtronic.com/front/js/ 56 KB
58 KB 15ms
15ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/js/bootstrap-datepicker.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

9dc7ad43959c171654dd82308207f03b099ec0b557e121cb06d0d89ebb31a286

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 57647
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 May 2019 08:09:00 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "e12f-5894d3ea45f00"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK bootstrap-datepicker.es.js Show response
pre.oclock-medtronic.com/front/js/locales/ 606 B
2 KB 16ms
16ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/js/locales/bootstrap-datepicker.es.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

dd4199ce984eed65a2f5e596d9566681ccc1ed233ca8c0a0ac35eea693164e45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 606
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 31 Jan 2022 12:18:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "25e-5d6dfc6bd0881"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK moment-with-locales.js Show response
pre.oclock-medtronic.com/js/datetimepicker/ 441 KB
443 KB 16ms
15ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/js/datetimepicker/moment-with-locales.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

3b0be8a0e264afb5d84851d4322bc6fc4c641344c37ea6ee637c1256cc24903e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 452020
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 31 Jan 2022 12:16:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "6e5b4-5d6dfbf8b1146"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK bootstrap-datetimepicker.min.js Show response
pre.oclock-medtronic.com/js/datetimepicker/ 38 KB
39 KB 17ms
16ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/js/datetimepicker/bootstrap-datetimepicker.min.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

e5899ac40c0c8c8a4cad594af3863ff8d8c2a4a9c561af1b59605b50748119f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 38510
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 31 Jan 2022 12:16:03 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "966e-5d6dfbf8b1146"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK signature_pad.umd.js Show response
pre.oclock-medtronic.com/front/js/ 21 KB
22 KB 17ms
17ms Script
application/javascript 54.36.60.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pre.oclock-medtronic.com/front/js/signature_pad.umd.js

Requested by

Host: pre.oclock-medtronic.com
URL: https://pre.oclock-medtronic.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.60.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3088966.ip-54-36-60.eu

Software

Apache /

Resource Hash

dc48183d66ac956543d43d9dd505268a50ca9b18f0a25ebcfa7210a856f6624b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck, 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pre.oclock-medtronic.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 24 May 2023 16:14:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload;, max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests;, default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: same-site
Connection: Keep-Alive
Content-Length: 21524
X-XSS-Protection: 1; mode=blo<ck, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 20 May 2019 07:29:04 GMT
Server: Apache
Cross-Origin-Opener-Policy: same-site
ETag: "5414-5894cafd45000"
X-Frame-Options: DENY, SAMEORIGIN, DENY, ALLOW-FROM https://bluumi.net/, SAMEORIGIN
Content-Type: application/javascript
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 98ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pre.oclock-medtronic.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 18:18:02 GMT
x-content-type-options: nosniff
age: 338190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 18:18:02 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pre.oclock-medtronic.com/	1970-01-20 12:02:32	Name: csrf_cookie_oclock Value: cd179724a3252a0bbbb0bde886df2eca
			pre.oclock-medtronic.com/	1970-01-20 12:02:25	Name: ci_session Value: 81e8466e2cc3a354b9a9fda285f93f97280face4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com cdn.datatables.net cdn.ckeditor.com; script-src-elem 'self' 'unsafe-inline' cdn.datatables.net code.jquery.com cdn.ckeditor.com maps.googleapis.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' maps.googleapis.com; img-src 'self' data: maps.gstatic.com cdn.ckeditor.com maps.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN, DENY ALLOW-FROM https://bluumi.net/, SAMEORIGIN
X-Xss-Protection	1; mode=blo<ck 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
oclock-medtronic.com
pre.oclock-medtronic.com
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2003
54.36.60.206
00935023bcdb426029627169c7c07038289c2ab27bd429963fc093d12aae86be
028ccd38b0db2497e9e7c8adbfa9de420382d77ae2b371dd155ddf494275b0d8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2c1a4cb65ff6fc0b10fd8c773fd78a0d37bea25ba0bf12d78e72e29f5ce30b3b
3b0be8a0e264afb5d84851d4322bc6fc4c641344c37ea6ee637c1256cc24903e
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
45972ecd6da82c118b50fdf56267e4e74eeeafc02331d968e8f940f6a7c03f47
9dc7ad43959c171654dd82308207f03b099ec0b557e121cb06d0d89ebb31a286
beae6f5e15e658c736bcb709ffb4b1e7aad9704410250ddf2d7fd280ff144290
c8c8da579e363feab54671fa5c1c823c37d416198e69f59b78b3e6a8a875d73a
d3b39f8c6f83ade99851e45f7c28f1b648cf5d31dc366f1cbdd9cb84329d7fa6
dc48183d66ac956543d43d9dd505268a50ca9b18f0a25ebcfa7210a856f6624b
dd4199ce984eed65a2f5e596d9566681ccc1ed233ca8c0a0ac35eea693164e45
e5899ac40c0c8c8a4cad594af3863ff8d8c2a4a9c561af1b59605b50748119f5
f70ed7b509ea443bd3866b101df2e65dd0db19ab18b128c5e85497ac387b17a8
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

pre.oclock-medtronic.com Open in urlscan Pro 54.36.60.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

67 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

917 kBTransfer

901 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

pre.oclock-medtronic.com Open in urlscan Pro
54.36.60.206 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

917 kB
Transfer

901 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions