urlscan.io logo urlscan.io
SecurityTrails logo

sso.acceptto.com Open in urlscan Pro
52.200.12.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nexus.secureauth.com/
Effective URL: https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
Submission: On July 30 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 52.200.12.142, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sso.acceptto.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 6th 2023. Valid for: a year.
This is the only time sso.acceptto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 68.225.24.248 32524 (GRUPO-SMS)
1 12 52.200.12.142 14618 (AMAZON-AES)
3 34.236.142.20 14618 (AMAZON-AES)
2 54.175.47.132 14618 (AMAZON-AES)
17 4
Apex Domain
Subdomains		 Transfer
17 acceptto.com
sso.acceptto.com
faye.acceptto.com
dbfp.acceptto.com
524 KB
2 secureauth.com
nexus.secureauth.com
1 KB
17 2
Domain Requested by
12 sso.acceptto.com 1 redirects sso.acceptto.com
3 faye.acceptto.com faye.acceptto.com
2 dbfp.acceptto.com dbfp.acceptto.com
2 nexus.secureauth.com 2 redirects
17 4

This site contains links to these domains. Also see Links.

Domain
www.secureauth.com
Subject Issuer Validity Valid
*.acceptto.com
Go Daddy Secure Certificate Authority - G2		 2023-08-06 -
2024-09-06		 a year crt.sh
dbfp.acceptto.us
Amazon RSA 2048 M02		 2023-12-13 -
2025-01-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
Frame ID: 28387126ABA7477695E36BACBF48A987
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Acceptto Single Sign-On

Page URL History Show full URLs

  1. https://nexus.secureauth.com/ HTTP 302
    https://nexus.secureauth.com/sso/login HTTP 302
    https://sso.acceptto.com/secureauth/saml/auth?SAMLRequest=hVNNj9owEL3vr4hyJ58UggWRKPQDiUIE2R56qVxn0rW... HTTP 302
    https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15 Page URL

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

523 kB
Transfer

919 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nexus.secureauth.com/ HTTP 302
    https://nexus.secureauth.com/sso/login HTTP 302
    https://sso.acceptto.com/secureauth/saml/auth?SAMLRequest=hVNNj9owEL3vr4hyJ58UggWRKPQDiUIE2R56qVxn0rWU2Kln0qX%2FvnZgBSu1rC%2B2xvOe35sZz5G3TceWPT2pA%2FzqAenB805to5ANVwu%2FN4ppjhKZ4i0gI8GOyy9blgQR64wmLXTjvwLdx3BEMCS1cqDNeuHvdx%2B2%2B0%2Bb3fc05ulkHKdiktUc0mRcz2bpLHuXVVMRp1k6ndTxLEsqB%2FwKBi3HwreUAxFiDxuFxBXZYJSMR9F0lEZlkrIoY9H4m8taW39ScRqQT0QdsjBE1AEXAjoiHQjdhgiiN8BtTUJnJ3Qnhy4ubt9LVUn1877NH%2BckZJ%2FLshgV%2B2PpKJYv5ldaYd%2BCOYL5LQU8HrZXQQpOPQZXFWdRqEMu0M8ti%2BfNnTA2mDb5m7gWiFec%2BDy8hV2JOraz%2BjfrQjdS%2FBnibn3UpuX0f5txEA8RWY3qIZX1CjsQspYwNOm8lk2jn1dWEsHCJ9OD74WvHr8MHlTDGNrKEJzIW%2Bm240aiaxWcuKCL9av92%2FRVY%2BfqAHV%2Bd%2FQEEy7Phgu7PWtTuZ6CsG%2BXhlvx2tClSP8kP6sO78jOH16ub%2F9U%2Fhc%3D&RelayState=https%3A%2F%2Fnexus.secureauth.com%2Fsso%2Flogin HTTP 302
    https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
sso.acceptto.com/secureauth/saml/
Redirect Chain
  • https://nexus.secureauth.com/
  • https://nexus.secureauth.com/sso/login
  • https://sso.acceptto.com/secureauth/saml/auth?SAMLRequest=hVNNj9owEL3vr4hyJ58UggWRKPQDiUIE2R56qVxn0rWU2Kln0qX%2FvnZgBSu1rC%2B2xvOe35sZz5G3TceWPT2pA%2FzqAenB805to5ANVwu%2FN4ppjhKZ4i0gI8GOyy9blgQR64w...
  • https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
4b4a89488fa9df56bc9bba038ecca0926709f065d975c4f09227d1a855b198d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-length
7964
content-security-policy-report-only
default-src 'self' https:; child-src 'self'; frame-ancestors 'self'; font-src 'self'; img-src 'self' https: data:; object-src 'none'; script-src 'self' faye.acceptto.com dbfp.acceptto.com 'report-sample' 'nonce-iyGr/OW3QRJMcTM4i1uM3A=='; style-src 'self' 'report-sample' 'unsafe-inline'; connect-src 'self' wss://faye.acceptto.com/faye https://faye.acceptto.com/faye dbfp.acceptto.com; report-uri /csp-violation
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 23:08:04 GMT
etag
W/"4b4a89488fa9df56bc9bba038ecca092"
link
</saml/assets/application-87654042d29d717074e3d626009f59e5e213abe8d27a973edbbcf3ca79a9a97f.css>; rel=preload; as=style; nopush,<https://faye.acceptto.com/faye/faye.js>; rel=preload; as=script; nopush,</saml/assets/application-f390487c2fd287ebd34a5821db6aa5d74fa4095966362a71a2d88bb31937a7e1.js>; rel=preload; as=script; nopush,<https://dbfp.acceptto.com/bfp.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
87557cd3-d59e-4ccb-97c9-0ac50408d3d5
x-runtime
0.085133
x-xss-protection
0

Redirect headers

cache-control
no-cache
content-security-policy-report-only
default-src 'self' https:; child-src 'self'; frame-ancestors 'self'; font-src 'self'; img-src 'self' https: data:; object-src 'none'; script-src 'self' faye.acceptto.com dbfp.acceptto.com 'report-sample' 'nonce-7PwtJwoVXxdCbT1EJavxNg=='; style-src 'self' 'report-sample' 'unsafe-inline'; connect-src 'self' wss://faye.acceptto.com/faye https://faye.acceptto.com/faye dbfp.acceptto.com; report-uri /csp-violation
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 23:08:04 GMT
location
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
73997b3b-94b6-4aa2-b66a-3a630f5ec1f1
x-runtime
0.083369
x-xss-protection
0
application-87654042d29d717074e3d626009f59e5e213abe8d27a973edbbcf3ca79a9a97f.css
sso.acceptto.com/saml/assets/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/saml/assets/application-87654042d29d717074e3d626009f59e5e213abe8d27a973edbbcf3ca79a9a97f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
0da94a66a4597057bcd8356df2db4d561ceb35e6f78e3ed15570edf594297ea3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:04 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:28 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=172800
content-length
3647
faye.js
faye.acceptto.com/faye/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://faye.acceptto.com/faye/faye.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.142.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-142-20.compute-1.amazonaws.com
Software
/
Resource Hash
6c1919e0a6e401642b4e7e552536629c3fe3988861b6da78b3d0d578f94caeaf

Request headers

Referer
https://sso.acceptto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
last-modified
Thu, 01 Feb 2024 20:05:44 GMT
etag
615af0f59f1e1ad9c99c90f24dc91ba58a166572
content-length
38413
content-type
text/javascript; charset=utf-8
application-f390487c2fd287ebd34a5821db6aa5d74fa4095966362a71a2d88bb31937a7e1.js
sso.acceptto.com/saml/assets/ 		353 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/saml/assets/application-f390487c2fd287ebd34a5821db6aa5d74fa4095966362a71a2d88bb31937a7e1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
62aa858179313c64f9d1552ad34db751bfd42646878b70065ef74d6eb2eab390
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:04 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:28 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
content-length
100814
bfp.js
dbfp.acceptto.com/ 		81 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dbfp.acceptto.com/bfp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.47.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-47-132.compute-1.amazonaws.com
Software
/
Resource Hash
748455905e5e7857a496a7fe3cd4aecdc44d9533f2e7406d4e1d6db682415d6a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sso.acceptto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding
br
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
24524
x-xss-protection
0
x-response-time
1.964ms
referrer-policy
no-referrer
last-modified
Wed, 26 Jun 2024 21:40:12 GMT
etag
W/"5fcc-190567dee60"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
arculix-logo-e9d028e2400eb63d66250adaec98606113ef6c15f49abe4dd5dbfd168dcb78d6.svg
sso.acceptto.com/saml/assets/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.acceptto.com/saml/assets/arculix-logo-e9d028e2400eb63d66250adaec98606113ef6c15f49abe4dd5dbfd168dcb78d6.svg
Requested by
Host: sso.acceptto.com
URL: https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
29120223645cb164a1cc2afe4761321fc113d54172ae051875bada2db6ab8ea1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:04 GMT
cache-control
public, max-age=172800
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:28 GMT
content-length
6190
content-type
image/svg+xml
runtime-6aacc4abcf36c1d0dc22.js
sso.acceptto.com/packs/js/ 		2 KB
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/packs/js/runtime-6aacc4abcf36c1d0dc22.js
Requested by
Host: sso.acceptto.com
URL: https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
8cd18670dfa5c5b4a383cf2c2b79d5acecaf89d289c154fcc90ef8d83493a04f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:50 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
content-length
749
840-2f6a2773789585dce92c.js
sso.acceptto.com/packs/js/ 		103 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/packs/js/840-2f6a2773789585dce92c.js
Requested by
Host: sso.acceptto.com
URL: https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
23636c901963d139afdf57174e5e79af0758fad10ce37ee55180db0a926a5e41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:50 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
content-length
26595
login-32620a3ad7e9d642a1e7.js
sso.acceptto.com/packs/js/ 		2 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/packs/js/login-32620a3ad7e9d642a1e7.js
Requested by
Host: sso.acceptto.com
URL: https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
ccd4014cff74690d484844e733ecf1a3b4408fd562b7666ca0dc09b93ca6b7cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:50 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
content-length
774
OpenSans-Regular-f20d5ed577a1ddc48fd428b61d9538ef88d6ddcc1ccd8565a2cf7e9f03bd4cc7.ttf
sso.acceptto.com/saml/assets/ 		95 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/saml/assets/OpenSans-Regular-f20d5ed577a1ddc48fd428b61d9538ef88d6ddcc1ccd8565a2cf7e9f03bd4cc7.ttf
Requested by
Host: sso.acceptto.com
URL: https://sso.acceptto.com/saml/assets/application-87654042d29d717074e3d626009f59e5e213abe8d27a973edbbcf3ca79a9a97f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/saml/assets/application-87654042d29d717074e3d626009f59e5e213abe8d27a973edbbcf3ca79a9a97f.css
Origin
https://sso.acceptto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
cache-control
public, max-age=172800
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:28 GMT
content-length
96932
content-type
application/octet-stream
OpenSans-SemiBold-b3185de4446e67a69ed55fd1337466f660afc5f7eb161137865d21ae69778df1.ttf
sso.acceptto.com/saml/assets/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/saml/assets/OpenSans-SemiBold-b3185de4446e67a69ed55fd1337466f660afc5f7eb161137865d21ae69778df1.ttf
Requested by
Host: sso.acceptto.com
URL: https://sso.acceptto.com/saml/assets/application-87654042d29d717074e3d626009f59e5e213abe8d27a973edbbcf3ca79a9a97f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/saml/assets/application-87654042d29d717074e3d626009f59e5e213abe8d27a973edbbcf3ca79a9a97f.css
Origin
https://sso.acceptto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
cache-control
public, max-age=172800
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:28 GMT
content-length
100820
content-type
application/octet-stream
qr.svg
sso.acceptto.com/secureauth/qr_login/acaed0efa416e524e1ad3670/1828f8ae488efc04165542fe2b86e6daec783d13a895d7c98c7aed23b9d3c487/5d309ee3fc54bcfd99b0534a60fb6e15/ 		115 KB
116 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/secureauth/qr_login/acaed0efa416e524e1ad3670/1828f8ae488efc04165542fe2b86e6daec783d13a895d7c98c7aed23b9d3c487/5d309ee3fc54bcfd99b0534a60fb6e15/qr.svg
Requested by
Host: sso.acceptto.com
URL: https://sso.acceptto.com/saml/assets/application-f390487c2fd287ebd34a5821db6aa5d74fa4095966362a71a2d88bb31937a7e1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
b03d7dae2076ba8f03ab4627746944e5c0fdf0ec9180eb5a8ad3fd84add79cae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-runtime
0.223327
date
Tue, 30 Jul 2024 23:08:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
etag
W/"b03d7dae2076ba8f03ab4627746944e5"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' https:; child-src 'self'; frame-ancestors 'self'; font-src 'self'; img-src 'self' https: data:; object-src 'none'; script-src 'self' faye.acceptto.com dbfp.acceptto.com 'report-sample' 'nonce-MZj/ErlC7SZKmd4hb0Q3aA=='; style-src 'self' 'report-sample' 'unsafe-inline'; connect-src 'self' wss://faye.acceptto.com/faye https://faye.acceptto.com/faye dbfp.acceptto.com; report-uri /csp-violation
content-type
image/svg+xml; charset=utf-8
cache-control
max-age=0, private, must-revalidate
content-length
117682
x-xss-protection
0
x-request-id
43420160-5adc-4f6a-a05c-5f37a5ca495b
faye
faye.acceptto.com/ 		326 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://faye.acceptto.com/faye?message=%5B%7B%22channel%22%3A%22%2Fmeta%2Fhandshake%22%2C%22version%22%3A%221.0%22%2C%22supportedConnectionTypes%22%3A%5B%22websocket%22%2C%22eventsource%22%2C%22long-polling%22%2C%22cross-origin-long-polling%22%2C%22callback-polling%22%5D%2C%22id%22%3A%221%22%7D%5D&jsonp=__jsonp1__
Requested by
Host: faye.acceptto.com
URL: https://faye.acceptto.com/faye/faye.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.142.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-142-20.compute-1.amazonaws.com
Software
/
Resource Hash
5f26b3dd3fbdf3f9b07d29acc2a4832c05322c8b6518da9ec5b9d09142de70c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.acceptto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
cache-control
no-cache, no-store
x-content-type-options
nosniff
content-disposition
attachment; filename=f.txt
content-length
326
content-type
text/javascript; charset=utf-8
faye
faye.acceptto.com/ 		332 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://faye.acceptto.com/faye?message=%5B%7B%22channel%22%3A%22%2Fmeta%2Fconnect%22%2C%22clientId%22%3A%226gdvo6gpxs4657zys387gfjdd1ts11e%22%2C%22connectionType%22%3A%22callback-polling%22%2C%22id%22%3A%222%22%2C%22advice%22%3A%7B%22timeout%22%3A0%7D%7D%2C%7B%22channel%22%3A%22%2Fmeta%2Fsubscribe%22%2C%22clientId%22%3A%226gdvo6gpxs4657zys387gfjdd1ts11e%22%2C%22subscription%22%3A%22%2Fmessages%2Facaed0efa416e524e1ad3670%22%2C%22id%22%3A%223%22%7D%5D&jsonp=__jsonp2__
Requested by
Host: faye.acceptto.com
URL: https://faye.acceptto.com/faye/faye.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.142.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-142-20.compute-1.amazonaws.com
Software
/
Resource Hash
d7649a25c2a9890f884059cd4c83d40975ac2cd4aaf61c6e58106b665af8af45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.acceptto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
cache-control
no-cache, no-store
x-content-type-options
nosniff
content-disposition
attachment; filename=f.txt
content-length
332
content-type
text/javascript; charset=utf-8
faye
faye.acceptto.com/ 		0
0
arculix-favicon-50eaacd951ff02ab08608949340619002f380c1a5e9b6e83104d2789206bd1b4.svg
sso.acceptto.com/saml/assets/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.acceptto.com/saml/assets/arculix-favicon-50eaacd951ff02ab08608949340619002f380c1a5e9b6e83104d2789206bd1b4.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.12.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-12-142.compute-1.amazonaws.com
Software
/
Resource Hash
48b09128fceb8af12d780c678d9957055e41a8a75f19a3d676123e45e1e4496b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://sso.acceptto.com/secureauth/saml/auth?tdi=5d309ee3fc54bcfd99b0534a60fb6e15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 23:08:05 GMT
cache-control
public, max-age=172800
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 19 Jun 2024 03:27:28 GMT
content-length
1741
content-type
image/svg+xml
fingerprint
dbfp.acceptto.com/data/ 		1009 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dbfp.acceptto.com/data/fingerprint
Requested by
Host: dbfp.acceptto.com
URL: https://dbfp.acceptto.com/bfp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.47.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-47-132.compute-1.amazonaws.com
Software
/
Resource Hash
144e7b6af4d9220190848e7a4a4eab0990cb964ab53ca47b4ca22581bee152bc
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sso.acceptto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 23:08:10 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
1009
x-xss-protection
0
x-response-time
16.724ms
referrer-policy
no-referrer
etag
W/"3f1-XfYXUdTLIrHa4MdlpmECz2FwKOs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
faye.acceptto.com
URL
https://faye.acceptto.com/faye?message=%5B%7B%22channel%22%3A%22%2Fmeta%2Fconnect%22%2C%22clientId%22%3A%226gdvo6gpxs4657zys387gfjdd1ts11e%22%2C%22connectionType%22%3A%22callback-polling%22%2C%22id%22%3A%224%22%7D%5D&jsonp=__jsonp3__

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Faye function| animateDisplayTransition function| showElement function| hideElement object| Rails boolean| _rails_loaded function| $ function| jQuery object| Turbolinks function| a1b function| a1a function| detectIncognito object| SecureAuth object| webpackChunkapp

1 Cookies

Domain/Path Name / Value
sso.acceptto.com/ Name: _acceptto_saml_idp_session
Value: l3Z%2B%2B%2BdRjedtVzl%2BgvcRNNGOhdltisgX5uKYHyDdyt3JMooXXylicKmSE1HS4WIi8c27bG9jnaIqdeRtN0CisYdszNPf%2FTHOl0rlMn8gkqonh%2B7b9XAtQ6OkAfYiFzfxOq9WllF4IwLNfBUoI2dxFqILWAF%2FyEA%2F8JwAd2W39uVZjWaF6lE%2BoDcX3r%2F1mE8U1j8Csyq2S8rsvMH%2BMGb3J%2FwNY4ZoS9EqY5Kd5seWmjak1jMkSOORHGDnBymqxyw5AAEn0XeZVn63ZeFnLICX32nFKge98%2FzKZxU%2B3dCKcbJBAgXr%2FHEpJOI58ny9ZtEO6X0%3D--koynGq0B9i1WbdEE--Z83dmDTDusKfKrkmY%2BWyjg%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0