urlscan.io logo urlscan.io
SecurityTrails logo

orange.csod.com Open in urlscan Pro
99.84.144.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.getabstract.com/about-us?l=1&u=orangesso&esid=636250688
Effective URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d...
Submission Tags: phishing malicious Search All
Submission: On January 11 via api from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 99.84.144.19, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is orange.csod.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 7th 2020. Valid for: 2 years.
This is the only time orange.csod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2001:8a8:6003... 15623 (CYBERLINK...)
2 12 99.84.144.19 16509 (AMAZON-02)
11 2
Apex Domain
Subdomains		 Transfer
12 csod.com
orange.csod.com
3 MB
2 getabstract.com
www.getabstract.com
4 KB
11 2
Domain Requested by
12 orange.csod.com 2 redirects orange.csod.com
2 www.getabstract.com 1 redirects
11 2

This site contains no links.

Subject Issuer Validity Valid
www.getabstract.com
DigiCert SHA2 Extended Validation Server CA		 2020-08-11 -
2022-11-14		 2 years crt.sh
*.csod.com
DigiCert SHA2 Secure Server CA		 2020-08-07 -
2022-08-12		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Frame ID: CA74CCB47FCBF970E9CBA8A1D60D6550
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.getabstract.com/about-us?l=1&u=orangesso&esid=636250688 HTTP 302
    https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688 Page URL
  2. https://orange.csod.com/OutboundSSO.aspx?ou_id=-100 HTTP 302
    https://orange.csod.com/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou... HTTP 302
    https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboun... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2930 kB
Transfer

3155 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.getabstract.com/about-us?l=1&u=orangesso&esid=636250688 HTTP 302
    https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688 Page URL
  2. https://orange.csod.com/OutboundSSO.aspx?ou_id=-100 HTTP 302
    https://orange.csod.com/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100 HTTP 302
    https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.getabstract.com/about-us?l=1&u=orangesso&esid=636250688 HTTP 302
  • https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set about-us
www.getabstract.com/en/
Redirect Chain
  • https://www.getabstract.com/about-us?l=1&u=orangesso&esid=636250688
  • https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:8a8:6003:10::3 , Switzerland, ASN15623 (CYBERLINK Cyberlink AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
ed1bd68d6814e279b618de22e9e1fc36cd6ed8b57ed12e0c8f2547f4b31da37d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.getabstract.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 05:47:33 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
private
X-UA-Compatible
IE=Edge,chrome=1
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.twitter.com *.outbrain.com bam.nr-data.net bat.bing.com *.taboola.com *.facebook.net *.facebook.com *.visualwebsiteoptimizer.com *.doubleclick.net *.hubspot.com api.hubapi.com js.hs-analytics.net js.hsadspixel.net js.hs-scripts.com js.usemessages.com js.driftt.com *.yandex.ru svc.webspellchecker.net *.newrelic.com *.linkedin.com *.leadforensics.com *.bizographics.com *.outbrain.com gateway.zscloud.net www.google-analytics.com www.google.com www.google.ch www.google.ru www.google.co.in www.google.co.jp www.google.co.uk www.google.de www.google.com.sg www.google.com.pe www.google.co.th www.google.bg www.google.at https://www.google.es www.googleadservices.com www.googletagmanager.com *.gravatar.com statics.teams.cdn.office.net; report-uri /csp-reports
Set-Cookie
esid=636250688; path=/; secure; expires=Sun, 11-Apr-2021 05:47:33 GMT; HttpOnly JSESSIONID=aaavNTcWSWd3Xca41ErBx; path=/; secure; HttpOnly;SameSite=None
Content-Length
1087
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive

Redirect headers

Date
Mon, 11 Jan 2021 05:47:33 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
private
X-UA-Compatible
IE=Edge,chrome=1
Location
https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688
Content-Length
104
Content-Type
text/html; charset=utf-8
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.twitter.com *.outbrain.com bam.nr-data.net bat.bing.com *.taboola.com *.facebook.net *.facebook.com *.visualwebsiteoptimizer.com *.doubleclick.net *.hubspot.com api.hubapi.com js.hs-analytics.net js.hsadspixel.net js.hs-scripts.com js.usemessages.com js.driftt.com *.yandex.ru svc.webspellchecker.net *.newrelic.com *.linkedin.com *.leadforensics.com *.bizographics.com *.outbrain.com gateway.zscloud.net www.google-analytics.com www.google.com www.google.ch www.google.ru www.google.co.in www.google.co.jp www.google.co.uk www.google.de www.google.com.sg www.google.com.pe www.google.co.th www.google.bg www.google.at https://www.google.es www.googleadservices.com www.googletagmanager.com *.gravatar.com statics.teams.cdn.office.net; report-uri /csp-reports
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Primary Request Cookie set default.aspx
orange.csod.com/client/orange/
Redirect Chain
  • https://orange.csod.com/OutboundSSO.aspx?ou_id=-100
  • https://orange.csod.com/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
  • https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
845a6813898d5e3b771c303fd68bd146bbd0a4c51682bec64fbf1466f1f86cde
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
orange.csod.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ASP.NET_SessionId=rpt4pdsk2wslgf2asugpgzl3
Upgrade-Insecure-Requests
1
Origin
https://www.getabstract.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.getabstract.com/en/about-us?u=orangesso&esid=636250688

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
-1
Server
X-Frame-Options
SAMEORIGIN
Set-Cookie
CYBERU_lastculture=en-US; path=/; secure; HttpOnly; SameSite=None
S-N
ECWT1003
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Strict-Transport-Security
max-age=156768000; includeSubDomains
Date
Mon, 11 Jan 2021 05:40:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
yOvY_7rhSA87IMgIWrWaui_ehskcjOJG6VcDdoDZnU7Ha2nuvRr6-Q==
Age
448

Redirect headers

Content-Type
text/html; charset=utf-8
Content-Length
218
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
-1
Location
/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Server
X-Robots-Tag
noindex
X-Frame-Options
SAMEORIGIN
Set-Cookie
ASP.NET_SessionId=rpt4pdsk2wslgf2asugpgzl3; path=/; secure; HttpOnly; SameSite=None
true_route
/default.aspx
true_status
Ok
correlation_id
6735c079-c807-4c20-b769-af81a8379003
S-N
ECWT1003
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Strict-Transport-Security
max-age=156768000; includeSubDomains
Date
Mon, 11 Jan 2021 05:47:32 GMT
X-Cache
Miss from cloudfront
Via
1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
_4TrSCTXM9K1zDPa1CxuobzClIiZooDuK0gurimsR2WF251JrhePSg==
styles.css
orange.csod.com/client/orange/Fonts/ 		845 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/orange/Fonts/styles.css
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
4f8cb4f4cc26afb8b86eb5d01c61d6a7156c1ad9d0f00089141ef9832de548f9
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Via
1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
ETag
"03ed4244bc8d61:0"
Age
286
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Content-Length
845
Last-Modified
Wed, 02 Dec 2020 01:33:32 GMT
Server
Cache-Control
max-age=7200
Date
Mon, 11 Jan 2021 05:42:47 GMT
Content-Type
text/css
S-N
ECWT1003
X-Amz-Cf-Pop
TXL52-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
CrQSsN92P_SoT5u0l61BJJWICq8Hiwr2KkItlq7FSwGB0Xx0qXZM9g==
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
WebResource.axd
orange.csod.com/client/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZHxccEwv5uzrzlMX4D4SS-bCxI7MzEKbjx5rY82npiqARxepQw2&t=637346534097037378
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Referer
https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Content-Encoding
gzip
Age
83128
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Last-Modified
Wed, 02 Sep 2020 21:23:29 GMT
Server
Cache-Control
public
Date
Sun, 10 Jan 2021 06:42:05 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
Expires
Mon, 10 Jan 2022 01:16:06 GMT
S-N
ECWT1003
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
Nbw6Z1_W8HFsk0F2lYQW7Mtasj8BP4vz10tAT4KSZ-LhThpHJWjcYA==
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
ScriptResource.axd
orange.csod.com/client/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvrsM4JyS-nVsjIQDLkkthQJ1vE56cW9_AKprCPhs92RZ5t70LrMzPCuAiZwYlMrYMw5NpzxGe1qskgtgsTdhFSFYEgROep1XgpXIioXepyjJkzBOXV896tSSAO7KskdipLnAY-Q1&t=ffffffffdfc97409
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Referer
https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Content-Encoding
gzip
Age
112648
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Content-Length
25609
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Last-Modified
Sat, 09 Jan 2021 09:01:47 GMT
Server
Date
Sat, 09 Jan 2021 22:30:04 GMT
S-N
ECWT1002
Content-Type
application/x-javascript
Via
1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)
Cache-Control
public
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
BEIGNkrKOxl1BEFCohV4DNvAXfIF57U_I4_OwFEsKiwvhW2pVo4nhQ==
Expires
Sun, 09 Jan 2022 09:01:47 GMT
ScriptResource.axd
orange.csod.com/client/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OHXvttwNOPZIjwAW3uQQ65xZ8HG8lJ2bxcDCrFtcyRc9WrS7crvkwueylOsPcgmwKBGZ6GDUcqOl1mE_jugaiUxfXhAmZpK0PcHiPU-ZoSZo6nHl7bThFrgK6JrCu5eVStKRoTA1&t=ffffffffdfc97409
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Referer
https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Content-Encoding
gzip
Age
150795
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Content-Length
9984
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Last-Modified
Sat, 09 Jan 2021 02:40:53 GMT
Server
Date
Sat, 09 Jan 2021 11:54:17 GMT
S-N
ECWT1002
Content-Type
application/x-javascript
Via
1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
Cache-Control
public
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
-i5lOrylD5Z54K_M-N7r-G8LMtLzP-NMgiSnc3JyolGoacm-SRbbYA==
Expires
Sun, 09 Jan 2022 02:40:53 GMT
jquery-3.4.1.min.js
orange.csod.com/client/csodcommon/scripts/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/csodcommon/scripts/jquery-3.4.1.min.js
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
0ba45a120a62f5472e8c932cb61418e9d88a98b94317ee7d90e830d8269b629a
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Referer
https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Content-Encoding
gzip
ETag
"0afa8ff278d61:0"
X-Amz-Cf-Pop
TXL52-C1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Last-Modified
Wed, 01 Apr 2020 13:18:14 GMT
Server
Cache-Control
max-age=7200
Date
Mon, 11 Jan 2021 05:47:33 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 d158c0069ebae5dc0d0401d105ee9c06.cloudfront.net (CloudFront)
S-N
ECWT1002
X-Amz-Cf-Id
6OyTRLkL032oVfh2UeHOjH2PrhbwttdU97Jrc0cvibuyNIz1XEamjg==
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
pop_up_funcs.js
orange.csod.com/core/scripts/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/core/scripts/pop_up_funcs.js
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
a47c4ed15a0a10c03afe525f6a1ee140f527e98c1b10566692dce3c7c0841d1a
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Referer
https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Content-Encoding
gzip
ETag
W/"080a14ad397d61:0"
true_status
Ok
Age
5122
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Last-Modified
Thu, 01 Oct 2020 09:14:40 GMT
Server
Date
Mon, 11 Jan 2021 04:22:10 GMT
true_route
/core/scripts/pop_up_funcs.js
Vary
Accept-Encoding
S-N
ECWT1003
Content-Type
application/javascript
Via
1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
Cache-Control
max-age=7200
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
fvlZOWkL1d49uQxdVEFJYQfb9gZxDHGJ4CJIwky3ClQkMnH7DMRLIg==
correlation_id
5d5bc2cc-d005-457a-998d-a812d6338169
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Orange-BG.jpg
orange.csod.com/client/orange/images/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orange.csod.com/client/orange/images/Orange-BG.jpg
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
8a2b98277a48dc394775901a4e8dd535d5df02f9bd8307bd73fb006fe171b13a
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Referer
https://orange.csod.com/client/orange/default.aspx?ReturnUrl=https%3a%2f%2forange.csod.com%2fOutboundSSO.aspx%3fou_id%3d-100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Via
1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
ETag
"03ed4244bc8d61:0"
Age
286
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Content-Length
2863373
Last-Modified
Wed, 02 Dec 2020 01:33:32 GMT
Server
Cache-Control
max-age=7200
Date
Mon, 11 Jan 2021 05:42:47 GMT
Content-Type
image/jpeg
S-N
ECWT1002
X-Amz-Cf-Pop
TXL52-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
CU0BLAWcpf2t2CYSFkrWltDBmG0kCIIJK-zK3xv0vhC-Tc1THrqicw==
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
HelveticaNeueLTStd-Roman.otf
orange.csod.com/client/orange/Fonts/ 		28 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/orange/Fonts/HelveticaNeueLTStd-Roman.otf
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/Fonts/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
ee554630913ac7b7359ea477479234f7366c546bbe9a1494ae686f24727701f7
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Origin
https://orange.csod.com
Referer
https://orange.csod.com/client/orange/Fonts/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Content-Encoding
gzip
ETag
W/"03ed4244bc8d61:0"
Age
5123
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Last-Modified
Wed, 02 Dec 2020 01:33:32 GMT
Server
Date
Mon, 11 Jan 2021 04:22:10 GMT
Vary
Accept-Encoding
Content-Type
font/otf
Via
1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)
S-N
ECWT1002
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
ZI6zjtNmt1f_K9PZPd-0oFRErZFNH2hf_FuFBr9yAYj3scrZIkiD3w==
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
HelveticaNeueLTStd-Bd.otf
orange.csod.com/client/orange/Fonts/ 		28 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://orange.csod.com/client/orange/Fonts/HelveticaNeueLTStd-Bd.otf
Requested by
Host: orange.csod.com
URL: https://orange.csod.com/client/orange/Fonts/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-19.txl52.r.cloudfront.net
Software
/
Resource Hash
d5d07331db723c013012d0792e68759d3c09bb44f00da0c1471498c7e89a1451
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains

Request headers

Origin
https://orange.csod.com
Referer
https://orange.csod.com/client/orange/Fonts/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=156768000; includeSubDomains
Content-Encoding
gzip
ETag
W/"03ed4244bc8d61:0"
Age
5123
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
Connection
keep-alive
Last-Modified
Wed, 02 Dec 2020 01:33:32 GMT
Server
Date
Mon, 11 Jan 2021 04:22:10 GMT
Vary
Accept-Encoding
Content-Type
font/otf
Via
1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
S-N
ECWT1003
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
wYWsYl-f-Po3KcE1bzuPgdHcFf5t_ijRZjKJV9MTErOfQ8D-TzyvEw==
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| PageMethods object| htmlElem function| $ function| jQuery object| helpwin object| winVar object| winCal number| relMouseX number| relMouseY function| doPopupAsyncPostback function| popWinDefine function| popWinBlockDetect function| popWin function| popWinResizeable function| showCal function| showPrint function| getObject function| popupWinByName function| CloseWindow function| CloseWindowDlg function| popupWinDlg function| popupWin function| popupWinWithPageRefreshOnClose function| ParentCheckpopupWinIsClosed object| windows function| popupWinNew function| popupTitle function| popupHelpWin function| URLEncode function| popupCalendar function| popupSearch function| popupPSQPreview function| popupSearchNamedWindow function| popupSetSize function| popupCategories function| popupAnswers function| popupQuestionSelection function| popupTestQuestions function| popupSearchLevels function| returnDate function| ShowReport function| ShowExcel function| clearField object| allChecked function| checkAll function| checkAllBySender object| is object| popup function| Body_OnLoad function| Is function| showTimeoutMessage function| newWindow function| MM_preloadImages function| MM_swapImgRestore function| MM_findObj function| MM_swapImage string| custError function| placeholderIsSupported function| doBlurFName

2 Cookies

Domain/Path Name / Value
orange.csod.com/ Name: CYBERU_lastculture
Value: en-US
orange.csod.com/ Name: ASP.NET_SessionId
Value: rpt4pdsk2wslgf2asugpgzl3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block