urlscan.io logo urlscan.io
SecurityTrails logo

accounts-test-74.topazdev.oolean.id Open in urlscan Pro
35.240.242.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accounts-test-74.topazdev.oolean.id/
Effective URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Submission: On January 30 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 35.240.242.59, located in Ascension Island and belongs to GOOGLE, US. The main domain is accounts-test-74.topazdev.oolean.id.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 30th 2020. Valid for: 3 months.
This is the only time accounts-test-74.topazdev.oolean.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 35.240.242.59 15169 (GOOGLE)
17 1
Apex Domain
Subdomains		 Transfer
18 oolean.id
accounts-test-74.topazdev.oolean.id
1 MB
17 1
Domain Requested by
18 accounts-test-74.topazdev.oolean.id 1 redirects accounts-test-74.topazdev.oolean.id
17 1

This site contains links to these domains. Also see Links.

Domain
oolean.id
agate.id
Subject Issuer Validity Valid
accounts-test-74.topazdev.oolean.id
Let's Encrypt Authority X3		 2020-01-30 -
2020-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://accounts-test-74.topazdev.oolean.id/Account/Login
Frame ID: 25E6F393839BBC6599A87252EEF6AF78
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://accounts-test-74.topazdev.oolean.id/ HTTP 302
    https://accounts-test-74.topazdev.oolean.id/Account/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1096 kB
Transfer

2573 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts-test-74.topazdev.oolean.id/ HTTP 302
    https://accounts-test-74.topazdev.oolean.id/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
accounts-test-74.topazdev.oolean.id/Account/
Redirect Chain
  • https://accounts-test-74.topazdev.oolean.id/
  • https://accounts-test-74.topazdev.oolean.id/Account/Login
58 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
83eca8498f19eded9e55376cc86e651f02af6ca8f749618a7402a134f49457ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: https://storage.googleapis.com/ https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com; connect-src 'self' https://storage.googleapis.com;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: https://storage.googleapis.com/ https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com; connect-src 'self' https://storage.googleapis.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
accounts-test-74.topazdev.oolean.id
:scheme
https
:path
/Account/Login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
route=bd64666210e21001e420a0e02e486cd1; _ga=OOLEAN.y8KpSJsDBuEbOU.-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
server
nginx/1.15.9
date
Thu, 30 Jan 2020 03:51:30 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-cache, no-store
pragma
no-cache
set-cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8EPaT_bwsD1OqfVVIfNLQpOxZf2K3T_pawrQ2pIvhvj-scx1nyHxD_NT_wOyiuBByb9mMgbkFJvBR_UoXBPlECeOR-M7OXwYeMvZIiwThnSFkjjlOGqJa6t8uW74X6az_hmNy7dOulc_-8OTci41EuU; path=/; samesite=strict; httponly .AspNetCore.Mvc.CookieTempDataProvider=CfDJ8EPaT_bwsD1OqfVVIfNLQpMQs0AZMBoJZy0gbjJED-__bvrkV3_Tw47Jh4r7ge8-JmWnJLxSq6bHw8rPkH-B0RdsoG7CV8XTG0-Ap9O5_jtP9kcAfd8NMwUizH1X0qEfTZlVCwyzuFaMGLFynQlUN1e_PL-xziRiw7xuWzSIGOm13mq8hCpJnbvqtbiOwjJxT_SwI-HVp5Tn2gel-e84LvdUgt36VgbqAT2oWf_fvjYXjPtdArq4-HlPxWtu3DalzQ; path=/; samesite=lax; httponly
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: https://storage.googleapis.com/ https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com; connect-src 'self' https://storage.googleapis.com;
x-content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: https://storage.googleapis.com/ https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com; connect-src 'self' https://storage.googleapis.com;
referrer-policy
no-referrer
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip

Redirect headers

status
302
server
nginx/1.15.9
date
Thu, 30 Jan 2020 03:51:29 GMT
content-length
0
set-cookie
route=bd64666210e21001e420a0e02e486cd1; Expires=Sat, 01-Feb-20 03:51:29 GMT; Max-Age=172800; Path=/; Secure; HttpOnly _ga=OOLEAN.y8KpSJsDBuEbOU.-; path=/
location
/Account/Login
strict-transport-security
max-age=15724800; includeSubDomains
font-awesome.min.css
accounts-test-74.topazdev.oolean.id/vendors/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/font-awesome/css/font-awesome.min.css
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434b8198"
vary
Accept-Encoding
content-type
text/css
status
200
strict-transport-security
max-age=15724800; includeSubDomains
bootstrap.min.css
accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/css/bootstrap.min.css
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
08ebcb59d11a140df5b124111c23346744d4db486ac01d2a8bfd60248ac37b4c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b4854349dee2"
vary
Accept-Encoding
content-type
text/css
status
200
strict-transport-security
max-age=15724800; includeSubDomains
mdb.min.css
accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/css/ 		389 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/css/mdb.min.css
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
6c2eda851e7054611779c4fd5c3272037cea830a5cc592172ec9566c319d8303
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434deceb"
vary
Accept-Encoding
content-type
text/css
status
200
strict-transport-security
max-age=15724800; includeSubDomains
oolean-login.css
accounts-test-74.topazdev.oolean.id/Oolean/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/Oolean/css/oolean-login.css
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
f24a8bfe3c0058ac79bd58deff3e6425e567b2388938a57bbf896c38e4b4c53f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Fri, 03 Jan 2020 04:01:50 GMT
server
nginx/1.15.9
etag
W/"1d5c1ea867af642"
vary
Accept-Encoding
content-type
text/css
status
200
strict-transport-security
max-age=15724800; includeSubDomains
Oolean.png
accounts-test-74.topazdev.oolean.id/Oolean/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-test-74.topazdev.oolean.id/Oolean/images/Oolean.png
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
4ee2bc811a1614ae8b4f5bd0884ab81d4948a6447fa89098c064c64d5adc1491
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
"1d5b485434bdd62"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
status
200
accept-ranges
bytes
content-length
9698
jquery-3.2.1.min.js
accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/jquery-3.2.1.min.js
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434aaa03"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
popper.min.js
accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/popper.min.js
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434bb27d"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
bootstrap.min.js
accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/bootstrap.min.js
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434b47b0"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
mdb.min.js
accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/ 		378 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/mdb.min.js
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
c4b944713e6cfaa8d67c28dc7e7745bae31e92fa9596403a60f299129276b6e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434e1fc8"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
login.js
accounts-test-74.topazdev.oolean.id/Oolean/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/Oolean/js/login.js
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
ddc85d77ca290b3214a602446fc8f3e3f6ef32af619f8c323652c1fa268662a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434be145"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
jquery.validate.js
accounts-test-74.topazdev.oolean.id/lib/jquery-validation/dist/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/lib/jquery-validation/dist/jquery.validate.js
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
c9acdf688876497bbcacf7a7c83d9fdfaa4a82b92fe574fe0d0083a59fde0daa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434b46a4"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
jquery.validate.unobtrusive.js
accounts-test-74.topazdev.oolean.id/lib/jquery-validation-unobtrusive/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.js
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
af945f7afff92be2e6f6c6d505262628cf0192ad62bd0350ca96b62d9346b928
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:30 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434bb3f6"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
OoleanBG.svg
accounts-test-74.topazdev.oolean.id/Oolean/images/ 		1 MB
671 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-test-74.topazdev.oolean.id/Oolean/images/OoleanBG.svg
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/mdb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
cd1ab09683bf12e67a9a1703d8b425159c15c0ff413e7c9086049d471e6a29b4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://accounts-test-74.topazdev.oolean.id/Oolean/css/oolean-login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:31 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b4854359082d"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
strict-transport-security
max-age=15724800; includeSubDomains
Google%20Button.svg
accounts-test-74.topazdev.oolean.id/Oolean/images/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-test-74.topazdev.oolean.id/Oolean/images/Google%20Button.svg
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/mdb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
2e3675ef088c45107ea1d28485c4a2cec6e99b81a21a1f82d0ab0c3f93051951
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://accounts-test-74.topazdev.oolean.id/Oolean/css/oolean-login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 03:51:31 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
W/"1d5b485434be168"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
strict-transport-security
max-age=15724800; includeSubDomains
OdudoSoft-Regular.otf
accounts-test-74.topazdev.oolean.id/Oolean/css/fonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/Oolean/css/fonts/OdudoSoft-Regular.otf
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/mdb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
4cd9ff4f1c79be85c4402b86587c448d0dd04b44f621e9bfb924ac0c5b0ef3ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://accounts-test-74.topazdev.oolean.id/Oolean/css/oolean-login.css
Origin
https://accounts-test-74.topazdev.oolean.id

Response headers

date
Thu, 30 Jan 2020 03:51:31 GMT
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
"1d5b485434b6df4"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/otf
status
200
accept-ranges
bytes
content-length
38260
fontawesome-webfont.woff2
accounts-test-74.topazdev.oolean.id/vendors/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts-test-74.topazdev.oolean.id/vendors/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: accounts-test-74.topazdev.oolean.id
URL: https://accounts-test-74.topazdev.oolean.id/vendors/mdbootsrap/js/mdb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.242.59 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
59.242.240.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://accounts-test-74.topazdev.oolean.id/vendors/font-awesome/css/font-awesome.min.css
Origin
https://accounts-test-74.topazdev.oolean.id

Response headers

date
Thu, 30 Jan 2020 03:51:31 GMT
last-modified
Tue, 17 Dec 2019 02:54:13 GMT
server
nginx/1.15.9
etag
"1d5b485434ad5e8"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
77160

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Popper object| bootstrap function| WOW number| OFFSET_TOP function| _typeof number| SMOOTH_SCROLL_DURATION object| dropdownSelectors function| dropdownEffectData function| dropdownEffectStart function| dropdownEffectEnd function| _createClass function| _classCallCheck function| initPhotoSwipeFromDOM function| Color function| Chart object| Waves object| toastr function| Hammer function| Picker function| PhotoSwipe function| PhotoSwipeUI_Default object| PerfectScrollbar object| Ps function| jarallax function| VideoWorker string| $tooltipEmail object| $labelContainer object| $tooltipContainer object| $hiddenDiv

4 Cookies

Domain/Path Name / Value
accounts-test-74.topazdev.oolean.id/ Name: .AspNetCore.Mvc.CookieTempDataProvider
Value: CfDJ8EPaT_bwsD1OqfVVIfNLQpMQs0AZMBoJZy0gbjJED-__bvrkV3_Tw47Jh4r7ge8-JmWnJLxSq6bHw8rPkH-B0RdsoG7CV8XTG0-Ap9O5_jtP9kcAfd8NMwUizH1X0qEfTZlVCwyzuFaMGLFynQlUN1e_PL-xziRiw7xuWzSIGOm13mq8hCpJnbvqtbiOwjJxT_SwI-HVp5Tn2gel-e84LvdUgt36VgbqAT2oWf_fvjYXjPtdArq4-HlPxWtu3DalzQ
accounts-test-74.topazdev.oolean.id/ Name: _ga
Value: OOLEAN.y8KpSJsDBuEbOU.-
accounts-test-74.topazdev.oolean.id/ Name: .AspNetCore.Antiforgery.9TtSrW0hzOs
Value: CfDJ8EPaT_bwsD1OqfVVIfNLQpOxZf2K3T_pawrQ2pIvhvj-scx1nyHxD_NT_wOyiuBByb9mMgbkFJvBR_UoXBPlECeOR-M7OXwYeMvZIiwThnSFkjjlOGqJa6t8uW74X6az_hmNy7dOulc_-8OTci41EuU
accounts-test-74.topazdev.oolean.id/ Name: route
Value: bd64666210e21001e420a0e02e486cd1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: https://storage.googleapis.com/ https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com; connect-src 'self' https://storage.googleapis.com;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: https://storage.googleapis.com/ https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com; connect-src 'self' https://storage.googleapis.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN