urlscan.io logo urlscan.io
SecurityTrails logo

vk-org.auth-demo.bnntest.com Open in urlscan Pro
34.107.228.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my-dashboard-service.vk-org.bnntest.com/
Effective URL: https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallb...
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 34.107.228.77, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is vk-org.auth-demo.bnntest.com.
TLS certificate: Issued by R3 on August 2nd 2022. Valid for: 3 months.
This is the only time vk-org.auth-demo.bnntest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.127.16.73 396982 (GOOGLE-CL...)
1 1 34.82.133.84 396982 (GOOGLE-CL...)
11 34.107.228.77 15169 (GOOGLE)
11 1
Domain Requested by
11 vk-org.auth-demo.bnntest.com vk-org.auth-demo.bnntest.com
1 vk-org.trust-demo.bnntest.com 1 redirects
1 my-dashboard-service.vk-org.bnntest.com 1 redirects
11 3

This site contains no links.

Subject Issuer Validity Valid
demo.bnntest.com
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
Frame ID: 453A59BE49B22A23482A2FBAA767F151
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Banyan

Page URL History Show full URLs

  1. https://my-dashboard-service.vk-org.bnntest.com/ HTTP 302
    https://vk-org.trust-demo.bnntest.com/v2/auth?client_id=9L32jikh3nWML4RAngk_1A&nonce=p2iQK_i1Qm9V4mDZjuaVf&redirec... HTTP 303
    https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnnt... Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

1
IPs

1
Countries

7179 kB
Transfer

7167 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my-dashboard-service.vk-org.bnntest.com/ HTTP 302
    https://vk-org.trust-demo.bnntest.com/v2/auth?client_id=9L32jikh3nWML4RAngk_1A&nonce=p2iQK_i1Qm9V4mDZjuaVf&redirect_uri=https%3A%2F%2Fmy-dashboard-service.vk-org.bnntest.com%2Fbnn_trust_cb&response_type=code&scope=openid+profile+email&state=47ss4nGb3nMlZZI44xvBXE HTTP 303
    https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
vk-org.auth-demo.bnntest.com/oidc/
Redirect Chain
  • https://my-dashboard-service.vk-org.bnntest.com/
  • https://vk-org.trust-demo.bnntest.com/v2/auth?client_id=9L32jikh3nWML4RAngk_1A&nonce=p2iQK_i1Qm9V4mDZjuaVf&redirect_uri=https%3A%2F%2Fmy-dashboard-service.vk-org.bnntest.com%2Fbnn_trust_cb&response...
  • https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
556 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
99053f4471ea698b580008092192474bf0ced351174175f4bfa343ee28f64723
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
content-type
text/html
date
Wed, 21 Sep 2022 06:00:25 GMT
etag
"630feab0-22c"
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-frame-options
SAMEORIGIN

Redirect headers

Content-Length
0
Content-Type
text/html
Date
Wed, 21 Sep 2022 06:00:25 GMT
Location
https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
main.37cd379d.js
vk-org.auth-demo.bnntest.com/static/js/ 		6 MB
6 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/static/js/main.37cd379d.js
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
45ca2fbb90de4fd663e114ec6f69b45f7b80b872ec7d59bca4706e74f4869cc4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-60f32a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
date
Wed, 21 Sep 2022 06:00:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6353706
main.6cdb9add.css
vk-org.auth-demo.bnntest.com/static/css/ 		577 KB
578 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
a5ad32721bde489e3df71ccb4a2adcaf3fbdee0ede2df112e94cf757752969c3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-90374"
x-frame-options
SAMEORIGIN
content-type
text/css
date
Wed, 21 Sep 2022 06:00:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590708
Banyan-InstallScreens-UpperLeft3.908edc11cc538c26b5b4.svg
vk-org.auth-demo.bnntest.com/static/media/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk-org.auth-demo.bnntest.com/static/media/Banyan-InstallScreens-UpperLeft3.908edc11cc538c26b5b4.svg
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
99e63fda849bf639a17dc2f522c6bdc8f47ab75dc28547a3238961f61ce3d985
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-33da"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
date
Wed, 21 Sep 2022 06:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13274
Inter-Regular.f80c55a7aedf386182e8.woff2
vk-org.auth-demo.bnntest.com/static/media/ 		87 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/static/media/Inter-Regular.f80c55a7aedf386182e8.woff2
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
03c75b1b36edb0aad6ff58705f95e22682862b05a6a5e7bfe1005cc8bb260bd2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Origin
https://vk-org.auth-demo.bnntest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-15af0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
date
Wed, 21 Sep 2022 06:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88816
Inter-Light-BETA.9f78e9c2f58712fc4986.woff2
vk-org.auth-demo.bnntest.com/static/media/ 		95 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/static/media/Inter-Light-BETA.9f78e9c2f58712fc4986.woff2
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
42b85ccdba2f07f36e65df9023a51bf5fcb57da7fba0f9d8d99033cd6500fe68
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Origin
https://vk-org.auth-demo.bnntest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-17c04"
x-frame-options
SAMEORIGIN
content-type
font/woff2
date
Wed, 21 Sep 2022 06:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97284
Inter-Bold.3717db0be15085acc210.woff2
vk-org.auth-demo.bnntest.com/static/media/ 		94 KB
94 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/static/media/Inter-Bold.3717db0be15085acc210.woff2
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
f0f54a061e142b0d4162535b6bae6c101e564a4425311c84e03c81ecf75182ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Origin
https://vk-org.auth-demo.bnntest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-176b8"
x-frame-options
SAMEORIGIN
content-type
font/woff2
date
Wed, 21 Sep 2022 06:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95928
Inter-Medium.be3029dd56c7701e7e9d.woff2
vk-org.auth-demo.bnntest.com/static/media/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/static/media/Inter-Medium.be3029dd56c7701e7e9d.woff2
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
5f310d16c579ab3b1e9e8cb3298e14bb935ed7e802e1b23c35bd1819307d6c59
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vk-org.auth-demo.bnntest.com/static/css/main.6cdb9add.css
Origin
https://vk-org.auth-demo.bnntest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-17418"
x-frame-options
SAMEORIGIN
content-type
font/woff2
date
Wed, 21 Sep 2022 06:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95256
logo-horiz-black.1a32828f9acc98aea9019f140e4d93db.svg
vk-org.auth-demo.bnntest.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk-org.auth-demo.bnntest.com/static/media/logo-horiz-black.1a32828f9acc98aea9019f140e4d93db.svg
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
f90ca7db4a44f4cc16d5a8ea57f5c3a2f3efe583248d08dbb416671f38d7130e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
via
1.1 google
last-modified
Wed, 31 Aug 2022 23:11:44 GMT
server
nginx/1.23.1
etag
"630feab0-da9"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
date
Wed, 21 Sep 2022 06:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3497
authorize
vk-org.auth-demo.bnntest.com/api/v1/banyanidp/enduser/ 		122 B
137 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/api/v1/banyanidp/enduser/authorize?org_name=vk-org&state=c4rvfflrqkehcjtw7mts3gwg7
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/static/js/main.37cd379d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c9a3c824e451544905010368dc5a9e68403a51c031dd1c6c0ae0016f1d958a28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 06:00:26 GMT
via
1.1 google
x-bnn-request-id
5dbccf11-b4e4-443e-88db-626813174b36
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
figs
vk-org.auth-demo.bnntest.com/api/v2/ 		93 B
124 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vk-org.auth-demo.bnntest.com/api/v2/figs
Requested by
Host: vk-org.auth-demo.bnntest.com
URL: https://vk-org.auth-demo.bnntest.com/static/js/main.37cd379d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.228.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.228.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2f816a28ae573d9dfee82cff8a3bbb074eda7bdf764fee5248b2bfdf9366448d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://vk-org.auth-demo.bnntest.com/oidc/login?org_name=vk-org&redirect_uri=https%3A%2F%2Fvk-org.trust-demo.bnntest.com%2Fv2%2Fcallback&state=c4rvfflrqkehcjtw7mts3gwg7
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 06:00:27 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=15768000, max-age=31536000; includeSubDomains
trace-id
Root=1-632aa87b-6f800bba1de8609f75ba7a62
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ object| masterService object| ace

3 Cookies

Domain/Path Name / Value
my-dashboard-service.vk-org.bnntest.com/ Name: bnn_nonce_p2iQK_i1Qm9V4mDZjuaVf47ss4nGb3nMlZZI44xvBXE
Value: Tu6LTVPjKr5iXIeAoMhDwS9Cx8tRGwgfhOCyBZjA6gtg3sqbR6YMIFbumK6dsyPk4XDJAWZU4J7auIrJrFncbw
.bnntest.com/ Name: AMP_6d888654a5
Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjE2NmI2ZjZlLWE0OWUtNDVkOS1hYTY0LTQ1OTUyM2M3YjBhNyUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjYzNzQwMDI2NjQwJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY2Mzc0MDAyNjU3NSU3RA==
.bnntest.com/ Name: AMP_MKTG_6d888654a5
Value: JTdCJTdE

1 Console Messages

Source Level URL
Text
network error URL: https://vk-org.auth-demo.bnntest.com/api/v1/banyanidp/enduser/authorize?org_name=vk-org&state=c4rvfflrqkehcjtw7mts3gwg7
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' https://api.amplitude.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self' youtube.com www.youtube.com https://www.google.com/; connect-src 'self' https://docs.banyanops.com https://docs.banyansecurity.io https://api.amplitude.com/; child-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN