urlscan.io logo urlscan.io
SecurityTrails logo

admin.myoneid.dev Open in urlscan Pro
34.117.165.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://admin.myoneid.dev/
Effective URL: https://admin.myoneid.dev/auth
Submission Tags: @phish_report
Submission: On February 17 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 34.117.165.41, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is admin.myoneid.dev.
TLS certificate: Issued by GTS CA 1D4 on December 22nd 2023. Valid for: 3 months.
This is the only time admin.myoneid.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 34.117.165.41 396982 (GOOGLE-CL...)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 2620:0:890::100 54113 (FASTLY)
15 6
8    34.117.165.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.165.117.34.bc.googleusercontent.com
admin.myoneid.dev
2    2404:6800:4006:809::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
www.googleapis.com
1    2404:6800:4006:814::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2404:6800:4006:812::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
apis.google.com
2    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
din-oneid-development.firebaseapp.com
Apex Domain
Subdomains		 Transfer
8 myoneid.dev
admin.myoneid.dev
147 KB
2 firebaseapp.com
din-oneid-development.firebaseapp.com
91 KB
2 google.com
apis.google.com — Cisco Umbrella Rank: 128
43 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
www.googleapis.com Failed
798 B
1 gstatic.com
fonts.gstatic.com
37 KB
15 5
Domain Requested by
8 admin.myoneid.dev 1 redirects admin.myoneid.dev
2 din-oneid-development.firebaseapp.com apis.google.com
din-oneid-development.firebaseapp.com
2 apis.google.com admin.myoneid.dev
apis.google.com
1 www.googleapis.com din-oneid-development.firebaseapp.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com admin.myoneid.dev
15 6

This site contains no links.

Subject Issuer Validity Valid
admin.myoneid.dev
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
firebaseapp.com
GTS CA 1D4		 2024-01-17 -
2024-04-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://admin.myoneid.dev/auth
Frame ID: ECBF41227E8538C0E7F004250D021869
Requests: 11 HTTP requests in this frame

Frame: https://din-oneid-development.firebaseapp.com/__/auth/iframe?apiKey=AIzaSyB25w3ac808oQxV9v-8DdxUpFYhKj5S_ls&appName=%5BDEFAULT%5D&v=9.9.4&eid=p&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Frame ID: E628CC123E43CC1DD7055C0F3A6EE2E6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OneIDĀ® Management Console [Development]

Page URL History Show full URLs

  1. http://admin.myoneid.dev/ HTTP 307
    https://admin.myoneid.dev/ HTTP 302
    https://admin.myoneid.dev/auth Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • <meta[^>]*google-signin-scope
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

15
Requests

93 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

319 kB
Transfer

595 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://admin.myoneid.dev/ HTTP 307
    https://admin.myoneid.dev/ HTTP 302
    https://admin.myoneid.dev/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
admin.myoneid.dev/
Redirect Chain
  • http://admin.myoneid.dev/
  • https://admin.myoneid.dev/
  • https://admin.myoneid.dev/auth
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.myoneid.dev/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.165.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.165.117.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
05831ebc3549c9bef0506ae12e2044aca840beff10fe1cc719ccfec2c3b84e0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 11:26:39 GMT
referrer-policy
origin
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
3
x-frame-options
DENY
x-robots-tag
noindex

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 11:26:38 GMT
location
/auth
referrer-policy
origin
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
1
x-frame-options
DENY
x-robots-tag
noindex
css2
fonts.googleapis.com/ 		3 KB
798 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
546f19b1c4013ff6ecf471ef4085338e414db6f0ab1a1a2fc03b8ad10466bffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 11:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sat, 17 Feb 2024 11:26:39 GMT
managementconsole.css
admin.myoneid.dev/css/ 		32 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.myoneid.dev/css/managementconsole.css
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.165.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.165.117.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9b57ffda71ceb6c6722e8fe961ecde53f6593a4ff108eef27c1724f7fc1e42e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Feb 2024 11:26:39 GMT
referrer-policy
origin
via
1.1 google
server
envoy
x-frame-options
DENY
content-type
text/css; charset=utf-8
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32329
auth.js
admin.myoneid.dev/js/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.myoneid.dev/js/auth.js
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.165.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.165.117.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
1c57511f37aea7d38634d41a0fd0a18d59b1d202b2038d4a8709e1572744ff4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Feb 2024 11:26:39 GMT
referrer-policy
origin
via
1.1 google
server
envoy
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102811
icon-solid.svg
admin.myoneid.dev/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.myoneid.dev/images/icon-solid.svg
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.165.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.165.117.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
fa33fc70bdef162d66277f28b9e8f29d5b34ec307e867c3c7ec9dc2616a74a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Feb 2024 11:26:39 GMT
referrer-policy
origin
via
1.1 google
server
envoy
x-frame-options
DENY
content-type
image/svg+xml
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5975
din-logo.png
admin.myoneid.dev/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.myoneid.dev/images/din-logo.png
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.165.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.165.117.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
a44805f78e29acece1c08244f989afefceb85f831d944d7c637bc92771e89786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Feb 2024 11:26:39 GMT
referrer-policy
origin
via
1.1 google
server
envoy
x-frame-options
DENY
content-type
image/png
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
google-logo.svg
admin.myoneid.dev/images/ 		836 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.myoneid.dev/images/google-logo.svg
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/css/managementconsole.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.165.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.165.117.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
07f81ee177e5775e2022fe6541a80da64032e2751fad495bdeb23298029254a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Feb 2024 11:26:40 GMT
referrer-policy
origin
via
1.1 google
server
envoy
x-frame-options
DENY
content-type
image/svg+xml
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
836
microsoft-logo.svg
admin.myoneid.dev/images/ 		343 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.myoneid.dev/images/microsoft-logo.svg
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/css/managementconsole.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.165.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.165.117.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
929f48f88c8ca7f3f5d294be47ec4caf51acc28ac25340c19a903125d7ecd84a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Feb 2024 11:26:40 GMT
referrer-policy
origin
via
1.1 google
server
envoy
x-frame-options
DENY
content-type
image/svg+xml
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
343
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z9mXg.woff2
fonts.gstatic.com/s/dmsans/v14/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v14/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z9mXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfbbd0037dbc07a549504172d6c1e6f0f95cb2b57da8b934028b218b35af95b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.myoneid.dev
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 03:59:48 GMT
x-content-type-options
nosniff
age
113212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36860
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 22:07:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Feb 2025 03:59:48 GMT
api.js
apis.google.com/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?onload=__iframefcb698425
Requested by
Host: admin.myoneid.dev
URL: https://admin.myoneid.dev/js/auth.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4100887fb71aaa1bc11d95f7c0e85a017febf1c31226e422d62c0d3003d2adff
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 17 Feb 2024 11:26:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7124
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"72014d698ab50103"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 11:26:40 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?onload=__iframefcb698425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
355b033c29478e91feeffd27412d9abbde8c535ed40f8aac790bd2095fbd48d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://admin.myoneid.dev/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35908
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 17:51:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 07:52:13 GMT
iframe
din-oneid-development.firebaseapp.com/__/auth/ Frame E628 		364 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://din-oneid-development.firebaseapp.com/__/auth/iframe?apiKey=AIzaSyB25w3ac808oQxV9v-8DdxUpFYhKj5S_ls&appName=%5BDEFAULT%5D&v=9.9.4&eid=p&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1eea8206093f3c645b999e44787c4798a867a5a26bc482313cf9007b778a47d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://admin.myoneid.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=1800
content-encoding
gzip
content-length
244
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 11:26:41 GMT
origin-trial
AsJLZ4vyY2ORU5w3PpXkCY24qwPZPIS5vhU7v2bOIN/0bBRyfdahqmyS8TVFm5y/M0UpaS2paS/SJ+gGGZ9FeA8AAACfeyJvcmlnaW4iOiJodHRwczovL2ZpcmViYXNlYXBwLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZVRoaXJkUGFydHlTZXNzaW9uU3RvcmFnZVBhcnRpdGlvbmluZ0FmdGVyR2VuZXJhbFBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcxNDY5NDM5OSwiaXNTdWJkb21haW4iOnRydWV9
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-akl10335-AKL
x-timer
S1708169201.999314,VS0,VE421
iframe.js
din-oneid-development.firebaseapp.com/__/auth/ Frame E628 		285 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://din-oneid-development.firebaseapp.com/__/auth/iframe.js
Requested by
Host: din-oneid-development.firebaseapp.com
URL: https://din-oneid-development.firebaseapp.com/__/auth/iframe?apiKey=AIzaSyB25w3ac808oQxV9v-8DdxUpFYhKj5S_ls&appName=%5BDEFAULT%5D&v=9.9.4&eid=p&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fca2ee282f0951ac90b724cd668008c10e33734ee6aea125d64f8c9d8e37d00
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://din-oneid-development.firebaseapp.com/__/auth/iframe?apiKey=AIzaSyB25w3ac808oQxV9v-8DdxUpFYhKj5S_ls&appName=%5BDEFAULT%5D&v=9.9.4&eid=p&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-served-by
cache-akl10335-AKL
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Sat, 17 Feb 2024 11:26:42 GMT
x-timer
S1708169201.468149,VS0,VE1483
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
origin-trial
AsJLZ4vyY2ORU5w3PpXkCY24qwPZPIS5vhU7v2bOIN/0bBRyfdahqmyS8TVFm5y/M0UpaS2paS/SJ+gGGZ9FeA8AAACfeyJvcmlnaW4iOiJodHRwczovL2ZpcmViYXNlYXBwLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZVRoaXJkUGFydHlTZXNzaW9uU3RvcmFnZVBhcnRpdGlvbmluZ0FmdGVyR2VuZXJhbFBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcxNDY5NDM5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
92737
x-cache-hits
0
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame E628 		0
0
getProjectConfig
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getProjectConfig?key=AIzaSyB25w3ac808oQxV9v-8DdxUpFYhKj5S_ls&cb=1708169203038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version
Access-Control-Request-Method
GET
Origin
https://din-oneid-development.firebaseapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers
content-type,x-client-version
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://din-oneid-development.firebaseapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 17 Feb 2024 11:26:43 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googleapis.com
URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getProjectConfig?key=AIzaSyB25w3ac808oQxV9v-8DdxUpFYhKj5S_ls&cb=1708169203038

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| e function| t function| n function| r function| s function| o function| a function| c function| u object| h undefined| d undefined| p undefined| f undefined| g undefined| m function| v function| y function| E function| O function| C function| A function| R function| N object| U function| X function| Y function| Z function| re function| ue function| he function| de function| ge function| ye function| be function| _e function| Ie function| ke string| Te function| Se function| De function| Re function| Ne function| Pe function| Le function| Me function| Ue function| xe function| je function| He function| Be function| Ve function| $e function| Ge function| Je function| Xe function| Ze function| Qe function| et function| tt function| nt function| st function| at function| ht function| pt function| ft function| gt function| mt function| vt function| yt function| bt function| _t function| wt function| It function| Et function| kt function| Ot function| At function| Dt function| Nt function| Vt function| $t function| Yt function| Qt function| en function| rn function| sn function| on function| an function| un function| hn function| pn function| fn function| gn function| yn function| In function| En function| Tn function| Sn function| An function| Dn function| Nn function| Pn function| Fn function| jn function| Vn function| zn string| Wn object| qn object| Kn object| Gn string| Jn string| Yn string| Zn undefined| Qn function| nr function| rr function| ir function| sr function| or function| __iframefcb698425 object| gapi object| ___jsl object| _F_toggles object| osapi

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY