urlscan.io logo urlscan.io
SecurityTrails logo

sso.daikinapplied.com Open in urlscan Pro
20.119.128.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://daikin-it-capex-ui-prd.azurewebsites.net/
Effective URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%...
Submission: On June 07 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 20.119.128.6, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sso.daikinapplied.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on July 6th 2023. Valid for: a year.
This is the only time sso.daikinapplied.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.119.8.57 8075 (MICROSOFT...)
1 15 20.119.128.6 8075 (MICROSOFT...)
18 2
Apex Domain
Subdomains		 Transfer
15 daikinapplied.com
sso.daikinapplied.com
676 KB
4 azurewebsites.net
daikin-it-capex-ui-prd.azurewebsites.net
401 KB
18 2
Domain Requested by
15 sso.daikinapplied.com 1 redirects daikin-it-capex-ui-prd.azurewebsites.net
sso.daikinapplied.com
4 daikin-it-capex-ui-prd.azurewebsites.net daikin-it-capex-ui-prd.azurewebsites.net
18 2

This site contains no links.

Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-03-13 -
2025-03-08		 a year crt.sh
*.daikinapplied.com
Thawte TLS RSA CA G1		 2023-07-06 -
2024-08-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Frame ID: DCF931DE511CBC6B6F7898AD6B9178B8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Daikin SSO (Single Sign-On)

Page URL History Show full URLs

  1. https://daikin-it-capex-ui-prd.azurewebsites.net/ Page URL
  2. https://sso.daikinapplied.com/connect/authorize?client_id=capexprd&redirect_uri=https%3A%2F%2Ftimetracker.... HTTP 302
    https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcape... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1077 kB
Transfer

2313 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://daikin-it-capex-ui-prd.azurewebsites.net/ Page URL
  2. https://sso.daikinapplied.com/connect/authorize?client_id=capexprd&redirect_uri=https%3A%2F%2Ftimetracker.daikinapplied.com%2Fsignin-oidc&response_type=code&scope=openid+email+profile+username+role+capexapiprd+reportee+daikinssoapiprd&state=64bac71640664a52b7cb680afbfc4562&code_challenge=q_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs&code_challenge_method=S256 HTTP 302
    https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
daikin-it-capex-ui-prd.azurewebsites.net/ 		660 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daikin-it-capex-ui-prd.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.8.57 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0d503009e36941ae51452fb26d558be152ec4f27d85a6dfc4907403951fb6a5e

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Content-Encoding
gzip
Content-Length
520
Content-Type
text/html
Date
Fri, 07 Jun 2024 02:05:17 GMT
ETag
"0e2479badb5da1:0"
Last-Modified
Mon, 03 Jun 2024 12:00:20 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET
main.514f0c99.js
daikin-it-capex-ui-prd.azurewebsites.net/static/js/ 		862 KB
325 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daikin-it-capex-ui-prd.azurewebsites.net/static/js/main.514f0c99.js
Requested by
Host: daikin-it-capex-ui-prd.azurewebsites.net
URL: https://daikin-it-capex-ui-prd.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.8.57 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab22a39b24c5042181abb24052a69719896ea7300ac5f3fb44090819b3c2f6c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://daikin-it-capex-ui-prd.azurewebsites.net/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 07 Jun 2024 02:05:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jun 2024 12:00:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0e2479badb5da1:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
main.7baabcd2.css
daikin-it-capex-ui-prd.azurewebsites.net/static/css/ 		347 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://daikin-it-capex-ui-prd.azurewebsites.net/static/css/main.7baabcd2.css
Requested by
Host: daikin-it-capex-ui-prd.azurewebsites.net
URL: https://daikin-it-capex-ui-prd.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.8.57 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fba39d835d5641e56aa44ef3f54dcc5795bf5d88bdbd74a08f39fbd52c0f9705

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://daikin-it-capex-ui-prd.azurewebsites.net/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 07 Jun 2024 02:05:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jun 2024 12:00:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0e2479badb5da1:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Accept-Ranges
bytes
openid-configuration
sso.daikinapplied.com/.well-known/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/.well-known/openid-configuration
Requested by
Host: daikin-it-capex-ui-prd.azurewebsites.net
URL: https://daikin-it-capex-ui-prd.azurewebsites.net/static/js/main.514f0c99.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4db835ad5a3638fc613cbc92d0a4f2c1beecc53b467a502cef1dc01d37038356
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/jwk-set+json, application/json
Referer
https://daikin-it-capex-ui-prd.azurewebsites.net/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:21 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://daikin-it-capex-ui-prd.azurewebsites.net
logo.png
daikin-it-capex-ui-prd.azurewebsites.net/ 		765 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://daikin-it-capex-ui-prd.azurewebsites.net/logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.8.57 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8cead09e47333df59177d6d8e955acf7f0c5914d0f72b691e8aec66ab9f34848

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://daikin-it-capex-ui-prd.azurewebsites.net/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 07 Jun 2024 02:05:20 GMT
Last-Modified
Tue, 19 Mar 2024 16:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"0a335dd167ada1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
765
Primary Request Login
sso.daikinapplied.com/Account/
Redirect Chain
  • https://sso.daikinapplied.com/connect/authorize?client_id=capexprd&redirect_uri=https%3A%2F%2Ftimetracker.daikinapplied.com%2Fsignin-oidc&response_type=code&scope=openid+email+profile+username+role...
  • https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26r...
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Requested by
Host: daikin-it-capex-ui-prd.azurewebsites.net
URL: https://daikin-it-capex-ui-prd.azurewebsites.net/static/js/main.514f0c99.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3557fb44183e4aa5666bba02cfa67dff8ff7739b9a4f21dd7b4593909a50c858
Security Headers
Name Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Strict-Transport-Security max-age=2592000
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://daikin-it-capex-ui-prd.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
content-type
text/html; charset=utf-8
date
Fri, 07 Jun 2024 02:05:22 GMT
pragma
no-cache
referrer-policy
no-referrer
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

content-length
0
date
Fri, 07 Jun 2024 02:05:21 GMT
location
https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
x-powered-by
ASP.NET
bootstrap.min.css
sso.daikinapplied.com/lib/bootstrap/css/ 		152 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/lib/bootstrap/css/bootstrap.min.css?v=zX1ksOX8wtuKe8eod5obEahLSUsrr5tiX4uV9Zvkgak
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cd7d64b0e5fcc2db8a7bc7a8779a1b11a84b494b2baf9b625f8b95f59be481a9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb34ccb"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
all.min.css
sso.daikinapplied.com/lib/fontawesome/css/ 		170 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/lib/fontawesome/css/all.min.css?v=-lyzCArkWmZPKDh85EC5xPo7aJLbF4Njfa-hW2acrtM
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa5cb3080ae45a664f28387ce440b9c4fa3b6892db1783637dafa15b669caed3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb38501"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
sso.min.css
sso.daikinapplied.com/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/css/sso.min.css?v=zq-J2isqiJpuLF5MhclrT5qVborQmBkBqVVHkzP51Kk
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ceaf89da2b2a889a6e2c5e4c85c96b4f9a956e8ad0981901a955479333f9d4a9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb13925"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
jquery.min.js
sso.daikinapplied.com/lib/jquery/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/lib/jquery/jquery.min.js?v=zp0HUArZHsK1JMJwdk7EyaM-eDINjTdOxADt5Ij2JRs
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb0719f"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
Daikin.png
sso.daikinapplied.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.daikinapplied.com/images/Daikin.png
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2331c4e0742ceb371dce490bd82187d09ff239667be2b8762f855dc7ed4cd4fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb1190e"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
13582
login.js
sso.daikinapplied.com/js/ 		912 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/js/login.js?v=20240603011945
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a035d66e31bcd58838bf7a4e07ddf11ca8720e271951e54d1d9d1d4cb4f67486
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb12f90"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
bootstrap.bundle.min.js
sso.daikinapplied.com/lib/bootstrap/js/ 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/lib/bootstrap/js/bootstrap.bundle.min.js?v=KVUhmryy-FO8u7X2_Rb8yLdQs23JYmhieclSP3peL2Q
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2955219abcb2f853bcbbb5f6fd16fcc8b750b36dc962686279c9523f7a5e2f64
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb01f9d"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
sso.js
sso.daikinapplied.com/js/ 		458 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/js/sso.js?v=aCbLNKOEA0j4xMgb04IxIsbAEL4kfxp782wx3aehx_M
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce798862bff982b70bd44de0a2e12a433de670f1d2e1a4e8a75e804257754b49
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:22 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb12dca"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
Wallpaper6.jpg
sso.daikinapplied.com/images/ 		301 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.daikinapplied.com/images/Wallpaper6.jpg
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/css/sso.min.css?v=zq-J2isqiJpuLF5MhclrT5qVborQmBkBqVVHkzP51Kk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
328e0b1e57ec2c34fdb4a9443c579a9b96d34e82488281cca72f9a08400a9777
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sso.daikinapplied.com/css/sso.min.css?v=zq-J2isqiJpuLF5MhclrT5qVborQmBkBqVVHkzP51Kk
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:23 GMT
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb59814"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
308244
fa-solid-900.woff2
sso.daikinapplied.com/lib/fontawesome/webfonts/ 		134 KB
134 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/lib/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: sso.daikinapplied.com
URL: https://sso.daikinapplied.com/lib/fontawesome/css/all.min.css?v=-lyzCArkWmZPKDh85EC5xPo7aJLbF4Njfa-hW2acrtM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sso.daikinapplied.com/lib/fontawesome/css/all.min.css?v=-lyzCArkWmZPKDh85EC5xPo7aJLbF4Njfa-hW2acrtM
Origin
https://sso.daikinapplied.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:23 GMT
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb33a78"
x-powered-by
ASP.NET
content-type
font/woff2
accept-ranges
bytes
content-length
136824
favicon.ico
sso.daikinapplied.com/ 		76 KB
76 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f8fe897d7214673fe0035041ab8b381bdd5fc769e7cd96f612a60975d3f98ae0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:23 GMT
strict-transport-security
max-age=2592000
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb01c3b"
x-powered-by
ASP.NET
content-type
image/x-icon
accept-ranges
bytes
content-length
77883
favicon.ico
sso.daikinapplied.com/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.daikinapplied.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.119.128.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f8fe897d7214673fe0035041ab8b381bdd5fc769e7cd96f612a60975d3f98ae0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 02:05:23 GMT
last-modified
Fri, 17 May 2024 23:01:12 GMT
server
Microsoft-IIS/10.0
etag
"1daa8ae1cb01c3b"
x-powered-by
ASP.NET
content-type
image/x-icon
accept-ranges
bytes
content-length
77883

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap function| ShowPassword function| SetShowPasswordEvent function| CheckCaps function| DisplayCapsOn function| DisplayCapsOff

5 Cookies

Domain/Path Name / Value
.daikin-it-capex-ui-prd.azurewebsites.net/ Name: ARRAffinity
Value: e3d9f2a62014becff92297b6b97d0e101c50865993cd5cf8d4af41782a093aeb
.daikin-it-capex-ui-prd.azurewebsites.net/ Name: ARRAffinitySameSite
Value: e3d9f2a62014becff92297b6b97d0e101c50865993cd5cf8d4af41782a093aeb
.sso.daikinapplied.com/ Name: ARRAffinity
Value: fb4d5463fa3a59318f2897f54bc46f826967668a97cb35e11c0a6bb9bce4aab2
.sso.daikinapplied.com/ Name: ARRAffinitySameSite
Value: fb4d5463fa3a59318f2897f54bc46f826967668a97cb35e11c0a6bb9bce4aab2
sso.daikinapplied.com/ Name: .AspNetCore.Antiforgery.zbjUl449ekk
Value: CfDJ8N3QtNL4N1ZGn7tgJ6qn8cMm8Zd-TEZx_vmucLAM93dleZhSwHOiw5gpelyOkK10lfMSfJ4yUDfJqy466VO9nR-MQzYgPcjLyvSknQoMk3k64L5ZUgMo2GLQ3YZkn6tx3FReQ_Vf4_yyIxUpEvC5IA4

3 Console Messages

Source Level URL
Text
security warning URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256(Line 16)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-pd1nGgve+WSnfZGMUTFSq3uU7kFpwLTozMy99uQX5zE='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://sso.daikinapplied.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcapexprd%26redirect_uri%3Dhttps%253A%252F%252Ftimetracker.daikinapplied.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520username%2520role%2520capexapiprd%2520reportee%2520daikinssoapiprd%26state%3D64bac71640664a52b7cb680afbfc4562%26code_challenge%3Dq_mJwKccSJsVicAuJXn5LG_LeOgspEjjr54gadCYFCs%26code_challenge_method%3DS256(Line 51)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.