sandbox-login.atmanco.com Open in urlscan Pro
152.199.21.175  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sandbox-login.atmanco.com/	1 KB 2 KB	287ms 72ms	Document text/html	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://sandbox-login.atmanco.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8F68) / Resource Hash 0d609efb6895bc2a8d3854bf92953c6342e88b181bcb54bb5063929569725a16 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority sandbox-login.atmanco.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers accept-ranges bytes age 12941 content-md5 rNWhFZirFIAFnSBMsK+SGw== content-security-policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net content-type text/html date Fri, 01 Oct 2021 00:27:42 GMT etag "0x8D968B54104E531" last-modified Thu, 26 Aug 2021 17:16:33 GMT server ECAcc (frc/8F68) strict-transport-security max-age=63072000 x-cache HIT x-content-type-options nosniff x-frame-options DENY x-ms-error-code ConditionNotMet x-ms-request-id fcffe60b-c01e-0056-1a3d-b63b5e000000 x-ms-version 2018-03-28 x-xss-protection 1; mode=block content-length 1530
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	236ms 83ms	Stylesheet text/css	142.250.185.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Domine:wght@700&family=Quicksand:wght@400;500;600;700&display=swap Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f10.1e100.net Software ESF / Resource Hash 62e97af5c615b510d068dae3fc8a95c37057f3172e6b35306bab450974081486 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sandbox-login.atmanco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 01 Oct 2021 00:27:42 GMT server ESF date Fri, 01 Oct 2021 00:27:42 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Fri, 01 Oct 2021 00:27:42 GMT
GET H2	200	bundle.b62a6ede940701a58810.js Show response sandbox-login.atmanco.com/	8 MB 8 MB	695ms 694ms	Script application/x-javascript	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://sandbox-login.atmanco.com/bundle.b62a6ede940701a58810.js Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 2e3376de5720fa67f4f405efd2ff4b49f7ba14076a91991d55d10b2db31bce86 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /bundle.b62a6ede940701a58810.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority sandbox-login.atmanco.com referer https://sandbox-login.atmanco.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sandbox-login.atmanco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net x-content-type-options nosniff content-md5 5ppX5YLqdxzzxLyoPex/Sw== content-length 8861702 x-xss-protection 1; mode=block last-modified Thu, 26 Aug 2021 17:16:34 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-frame-options DENY date Fri, 01 Oct 2021 00:27:42 GMT strict-transport-security max-age=63072000 x-ec-bbr-enable 1 content-type application/x-javascript x-ms-request-id 2e74a197-c01e-000b-715b-b631da000000 x-ms-version 2018-03-28 etag "0x8D968B5412B11D3" accept-ranges bytes
GET H2	200	bundle.0d1dffd647717ee372d3.css sandbox-login.atmanco.com/	516 KB 517 KB	685ms 685ms	Stylesheet text/css	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://sandbox-login.atmanco.com/bundle.0d1dffd647717ee372d3.css Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e7d7010466d2ca36869bd6eefdd71f87d331b1fd4036fb703ebc12b98f4dbd7b Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /bundle.0d1dffd647717ee372d3.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority sandbox-login.atmanco.com referer https://sandbox-login.atmanco.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sandbox-login.atmanco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net x-content-type-options nosniff content-md5 Hd+hyjY/pNel8oUZnoop9Q== content-length 528745 x-xss-protection 1; mode=block last-modified Thu, 26 Aug 2021 17:16:33 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-frame-options DENY date Fri, 01 Oct 2021 00:27:42 GMT strict-transport-security max-age=63072000 x-ec-bbr-enable 1 content-type text/css x-ms-request-id 30ea3cde-401e-0077-1d5b-b61f25000000 x-ms-version 2018-03-28 etag "0x8D968B54105F6D1" accept-ranges bytes
GET H2	200	172.85a64cb0751e1c21554f.js Show response sandbox-login.atmanco.com/	3 KB 3 KB	493ms 493ms	Script application/x-javascript	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://sandbox-login.atmanco.com/172.85a64cb0751e1c21554f.js Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/bundle.b62a6ede940701a58810.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 0034aa6ee47d013032670689a2c6dc19fc1694f67e921c4f87a10ea7a8854cba Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /172.85a64cb0751e1c21554f.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority sandbox-login.atmanco.com referer https://sandbox-login.atmanco.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sandbox-login.atmanco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net x-content-type-options nosniff last-modified Thu, 26 Aug 2021 17:16:33 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 D01lo0qoL1SFRkUCWahHEA== etag "0x8D968B541055A79" x-frame-options DENY content-type application/x-javascript x-ms-request-id efe47ff0-101e-0027-805b-b6dd75000000 date Fri, 01 Oct 2021 00:27:44 GMT x-ms-version 2018-03-28 strict-transport-security max-age=63072000 accept-ranges bytes content-length 3239 x-xss-protection 1; mode=block
GET H2	200	275.a6bf6da6c6d5accdb5ab.js Show response sandbox-login.atmanco.com/	42 KB 42 KB	499ms 499ms	Script application/x-javascript	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://sandbox-login.atmanco.com/275.a6bf6da6c6d5accdb5ab.js Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/bundle.b62a6ede940701a58810.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash a603c9892d236900c7e37a8b5427f20a04bbf1c74ba8c7949d383b1eabe54140 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /275.a6bf6da6c6d5accdb5ab.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority sandbox-login.atmanco.com referer https://sandbox-login.atmanco.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sandbox-login.atmanco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net x-content-type-options nosniff last-modified Thu, 26 Aug 2021 17:16:33 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 YdhlTInks9G5UZTI4sUroA== etag "0x8D968B540FE2D3A" x-frame-options DENY content-type application/x-javascript x-ms-request-id 71dcaecd-d01e-0028-0d5b-b6ab19000000 date Fri, 01 Oct 2021 00:27:44 GMT x-ms-version 2018-03-28 strict-transport-security max-age=63072000 accept-ranges bytes content-length 42864 x-xss-protection 1; mode=block
OPTIONS H/1.1	200 OK	NewsBoxContent sandbox.atmanco.com/api/v1/Security/	0 0	1479ms 219ms	Preflight	52.228.84.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sandbox.atmanco.com/api/v1/Security/NewsBoxContent?languageCode=en Protocol HTTP/1.1 Server 52.228.84.34 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-requested-with Origin https://sandbox-login.atmanco.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers Cache-Control no-cache Pragma no-cache Expires -1 Server Microsoft-IIS/10.0 Access-Control-Allow-Origin https://sandbox-login.atmanco.com Access-Control-Allow-Credentials true Access-Control-Allow-Headers x-requested-with X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Fri, 01 Oct 2021 00:27:45 GMT Content-Length 0
GET H2	200	eda1e73ccde529c7df50.png sandbox-login.atmanco.com/	14 KB 15 KB	493ms 493ms	Image image/png	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://sandbox-login.atmanco.com/eda1e73ccde529c7df50.png Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/Unauth/Login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 8ef1283b665acc7acdf141ddbfa08fcd8df97cae51e76e31c915cd4bff0aadf8 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /eda1e73ccde529c7df50.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority sandbox-login.atmanco.com referer https://sandbox-login.atmanco.com/Unauth/Login :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sandbox-login.atmanco.com/Unauth/Login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net x-content-type-options nosniff last-modified Thu, 26 Aug 2021 17:16:33 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 mcftREfT2p9XkyYz0zsyzQ== etag "0x8D968B541061DEA" x-frame-options DENY content-type image/png x-ms-request-id 82c8fa14-101e-0008-2e5b-b6d0be000000 date Fri, 01 Oct 2021 00:27:44 GMT x-ms-version 2018-03-28 strict-transport-security max-age=63072000 accept-ranges bytes content-length 14819 x-xss-protection 1; mode=block
GET H/1.1	200 OK	NewsBoxContent Show response sandbox.atmanco.com/api/v1/Security/	4 B 924 B	901ms 334ms	XHR application/json	52.228.84.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sandbox.atmanco.com/api/v1/Security/NewsBoxContent?languageCode=en Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/bundle.b62a6ede940701a58810.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.228.84.34 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers Accept application/json, text/plain, */* Referer https://sandbox-login.atmanco.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 01 Oct 2021 00:27:47 GMT Content-Encoding gzip ETag "87262c7e-b5b0-410c-bb55-fa5d64cf8f7d" Last-Modified Fri, 01 Oct 2021 00:27:47 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://sandbox-login.atmanco.com Cache-Control max-age=3600 Transfer-Encoding chunked Access-Control-Allow-Credentials true
GET H2	200	undefined sandbox-login.atmanco.com/	1 KB 1 KB	495ms 495ms	Image text/html	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://sandbox-login.atmanco.com/undefined Requested by Host: sandbox-login.atmanco.com URL: https://sandbox-login.atmanco.com/Unauth/Login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /undefined pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority sandbox-login.atmanco.com referer https://sandbox-login.atmanco.com/Unauth/Login :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sandbox-login.atmanco.com/Unauth/Login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net x-content-type-options nosniff last-modified Thu, 26 Aug 2021 17:16:33 GMT server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 content-md5 rNWhFZirFIAFnSBMsK+SGw== etag "0x8D968B54104E531" x-frame-options DENY content-type text/html x-ms-request-id 2dc4ff2f-201e-003c-1a5b-b6e376000000 date Fri, 01 Oct 2021 00:27:45 GMT x-ms-version 2018-03-28 strict-transport-security max-age=63072000 accept-ranges bytes content-length 1530 x-xss-protection 1; mode=block
GET H2	200	L0xhDFMnlVwD4h3Lt9JWnbX3jG-2X5XHE1ofEw.woff2 fonts.gstatic.com/s/domine/v11/	17 KB 18 KB	240ms 77ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/domine/v11/L0xhDFMnlVwD4h3Lt9JWnbX3jG-2X5XHE1ofEw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Domine:wght@700&family=Quicksand:wght@400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 25136ec5cd82cdac195d72727cc08d898d4ec1306aa2c503f0779cfaef5b77c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://sandbox-login.atmanco.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 04:51:43 GMT x-content-type-options nosniff age 588962 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17516 x-xss-protection 0 last-modified Thu, 28 Jan 2021 22:09:53 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Sep 2022 04:51:43 GMT
GET H2	200	6xKtdSZaM9iE8KbpRA_hK1QN.woff2 fonts.gstatic.com/s/quicksand/v24/	25 KB 25 KB	316ms 153ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Domine:wght@700&family=Quicksand:wght@400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://sandbox-login.atmanco.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 04:39:24 GMT x-content-type-options nosniff age 330501 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25700 x-xss-protection 0 last-modified Mon, 26 Jul 2021 18:17:05 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Sep 2022 04:39:24 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| webpackChunk_atman_login_app function| setImmediate function| clearImmediate object| regeneratorRuntime object| platform number| __mobxInstanceCount object| __mobxGlobals object| FontAwesomeConfig object| ___FONT_AWESOME___

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sandbox.atmanco.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 54b96f262f01ae317f42c4d5dc4eb4a3558585af7beb47acbd3580cdbeab4c9b
			.sandbox.atmanco.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 54b96f262f01ae317f42c4d5dc4eb4a3558585af7beb47acbd3580cdbeab4c9b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sandbox-login.atmanco.com/ Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-zi14r2cCWCj+04urlefgmE1Pe1zv1Xqnnnunarqd4vA='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'none'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; font-src fonts.gstatic.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; connect-src *.atmanco.com; img-src 'self' atmanstorageca.blob.core.windows.net
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
sandbox-login.atmanco.com
sandbox.atmanco.com
142.250.185.138
142.250.185.67
152.199.21.175
52.228.84.34
0034aa6ee47d013032670689a2c6dc19fc1694f67e921c4f87a10ea7a8854cba
0d609efb6895bc2a8d3854bf92953c6342e88b181bcb54bb5063929569725a16
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
25136ec5cd82cdac195d72727cc08d898d4ec1306aa2c503f0779cfaef5b77c8
2e3376de5720fa67f4f405efd2ff4b49f7ba14076a91991d55d10b2db31bce86
62e97af5c615b510d068dae3fc8a95c37057f3172e6b35306bab450974081486
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
8ef1283b665acc7acdf141ddbfa08fcd8df97cae51e76e31c915cd4bff0aadf8
a603c9892d236900c7e37a8b5427f20a04bbf1c74ba8c7949d383b1eabe54140
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d7010466d2ca36869bd6eefdd71f87d331b1fd4036fb703ebc12b98f4dbd7b