Submitted URL: http://one-os-apac-test.b2x.com/
Effective URL: https://one-os-apac-test.b2x.com/web/login
Submission Tags: @phish_report
Submission: On December 28 via api from FI — Scanned from NZ

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 13 HTTP transactions. The main IP is 52.17.104.0, located in Dublin, Ireland, and belongs to AMAZON-02, US. The main domain is one-os-apac-test.b2x.com.
TLS certificate: Issued by R3 on December 28th 2023. Valid for: 3 months.
This is the only time one-os-apac-test.b2x.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address / AS Autonomous System
3 16 52.17.104.0 / 16509 (AMAZON-02)
13 1

Apex Domain (Subdomains) / Transfer
16 b2x.com (one-os-apac-test.b2x.com) / 1 MB
13 1

Domain / Requested by
16 one-os-apac-test.b2x.com (3 redirects) / one-os-apac-test.b2x.com
13 1

This site contains no links.

Subject: one-os-apac-test.b2x.com
Issuer: R3
Validity: 2023-12-28 - 2024-03-27
Valid: 3 months

This page contains 1 frames:

Primary Page: https://one-os-apac-test.b2x.com/web/login
Frame ID: B2FA8DAF74ACAA4A995F59E8160D43A6
Requests: 13 HTTP requests in this frame

Page Title

ONE-OS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 1042 kB
Size: 2660 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one-os-apac-test.b2x.com/ HTTP 301
    https://one-os-apac-test.b2x.com/ HTTP 303
    https://one-os-apac-test.b2x.com/web HTTP 303
    https://one-os-apac-test.b2x.com/web/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request login
one-os-apac-test.b2x.com/web/
Redirect Chain
  • http://one-os-apac-test.b2x.com/
  • https://one-os-apac-test.b2x.com/
  • https://one-os-apac-test.b2x.com/web
  • https://one-os-apac-test.b2x.com/web/login
5 KB
2 KB
Document
General
Full URL
https://one-os-apac-test.b2x.com/web/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
720b391ce50b58285724c2d435233615c7b7f8e8dcf3dfa1ae2434225c41be72
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 07:29:06 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
DENY

Redirect headers

content-length
227
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 07:29:06 GMT
location
https://one-os-apac-test.b2x.com/web/login
server
nginx
fontawesome-webfont.woff2
one-os-apac-test.b2x.com/web/static/lib/fontawesome/fonts/
96 KB
96 KB
Font
General
Full URL
https://one-os-apac-test.b2x.com/web/static/lib/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://one-os-apac-test.b2x.com/web/login
Origin
https://one-os-apac-test.b2x.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:07 GMT
last-modified
Mon, 24 Oct 2016 15:52:54 GMT
server
nginx
etag
"wzsdm-1477324374-98024-2223376861"
content-type
font/woff2
cache-control
max-age=864000
content-length
98024
expires
Sun, 07 Jan 2024 07:29:07 GMT
web.assets_common.min.css
one-os-apac-test.b2x.com/web/assets/14451-d794522/
158 KB
31 KB
Stylesheet
General
Full URL
https://one-os-apac-test.b2x.com/web/assets/14451-d794522/web.assets_common.min.css
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4377f72b0a52cf32726a3f8fee3b3896f2dfb6d3b83cef7a0ee1de1af1a82255
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:07 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
web.assets_frontend.min.css
one-os-apac-test.b2x.com/web/assets/14401-895a52d/
340 KB
59 KB
Stylesheet
General
Full URL
https://one-os-apac-test.b2x.com/web/assets/14401-895a52d/web.assets_frontend.min.css
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
70997ce5234954c3bed0b66269499292797c24983b5b422486553d85c8dfb90d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:07 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
web.assets_common_minimal.min.js
one-os-apac-test.b2x.com/web/assets/14402-796b097/
25 KB
9 KB
Script
General
Full URL
https://one-os-apac-test.b2x.com/web/assets/14402-796b097/web.assets_common_minimal.min.js
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b0663e96e593feceb9fd1cd34779cdefcfb08568eb4d705a4236bc8f037b318d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:08 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
web.assets_frontend_minimal.min.js
one-os-apac-test.b2x.com/web/assets/14403-dc970c2/
3 KB
1 KB
Script
General
Full URL
https://one-os-apac-test.b2x.com/web/assets/14403-dc970c2/web.assets_frontend_minimal.min.js
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0775ef6fdcdd663e4f3e80c2e3368cecd9f34ab5be2177414a6f2f8a4cbcfa9d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:08 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
company_logo
one-os-apac-test.b2x.com/web/binary/
16 KB
16 KB
Image
General
Full URL
https://one-os-apac-test.b2x.com/web/binary/company_logo
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e15b67c1adc20b40e91ae30b886690405cc9f1db3481deee1baa8744e39a7a7f
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:07 GMT
content-security-policy
default-src 'none'
last-modified
Wed, 07 Sep 2022 10:57:01 GMT
server
nginx
etag
"odoo-2022-09-07 10:57:01.792645-16109-240190245"
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
none
expires
Thu, 04 Jan 2024 07:29:07 GMT
Roboto-Regular.ttf
one-os-apac-test.b2x.com/web/static/fonts/google/Roboto/
298 KB
299 KB
Font
General
Full URL
https://one-os-apac-test.b2x.com/web/static/fonts/google/Roboto/Roboto-Regular.ttf
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/assets/14451-d794522/web.assets_common.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
797e35f7f5d6020a5c6ea13b42ecd668bcfb3bbc4baa0e74773527e5b6cb3174

Request headers

Referer
https://one-os-apac-test.b2x.com/web/assets/14451-d794522/web.assets_common.min.css
Origin
https://one-os-apac-test.b2x.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:08 GMT
last-modified
Wed, 02 Aug 2017 11:56:25 GMT
server
nginx
etag
"wzsdm-1501674985-305608-1099040497"
content-type
application/x-font-ttf
cache-control
max-age=864000
content-length
305608
expires
Sun, 07 Jan 2024 07:29:08 GMT
web.assets_common_lazy.min.js
one-os-apac-test.b2x.com/web/assets/14452-1401bd5/
1 MB
391 KB
Script
General
Full URL
https://one-os-apac-test.b2x.com/web/assets/14452-1401bd5/web.assets_common_lazy.min.js
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/assets/14403-dc970c2/web.assets_frontend_minimal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c97f1cb46d857d5ef8c8b64079b70ad97beb2544627018bde69d7f28d9d4c4ce
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:09 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
web.assets_frontend_lazy.min.js
one-os-apac-test.b2x.com/web/assets/14405-c52fe87/
432 KB
131 KB
Script
General
Full URL
https://one-os-apac-test.b2x.com/web/assets/14405-c52fe87/web.assets_frontend_lazy.min.js
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/assets/14403-dc970c2/web.assets_frontend_minimal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9e2e1a86a4a2be8153cd3e2b1a65548b5640ccec243cb8c6f44dd626a5be5935
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:09 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
63c39b9719623b23090242bff39258f3aa29fe2b
one-os-apac-test.b2x.com/website/translations/
268 B
497 B
XHR
General
Full URL
https://one-os-apac-test.b2x.com/website/translations/63c39b9719623b23090242bff39258f3aa29fe2b
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/assets/14452-1401bd5/web.assets_common_lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
46374a951fc82c665394eb32db84efa228e7ddf503db74ce86347a9287dbb5bd

Request headers

Accept
*/*
Referer
https://one-os-apac-test.b2x.com/web/login
X-Requested-With
XMLHttpRequest
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:09 GMT
cache-control
public, max-age=31536000
server
nginx
content-length
268
content-type
application/json
1703748550147
one-os-apac-test.b2x.com/web/webclient/qweb/
23 KB
7 KB
Fetch
General
Full URL
https://one-os-apac-test.b2x.com/web/webclient/qweb/1703748550147?bundle=web.assets_frontend
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/assets/14405-c52fe87/web.assets_frontend_lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
89ebba53860c0dcce30b995ff38b41fcb32a006e1a084e51012d028a59c2f5f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
63c39b9719623b23090242bff39258f3aa29fe2b
one-os-apac-test.b2x.com/website/translations/
268 B
467 B
Fetch
General
Full URL
https://one-os-apac-test.b2x.com/website/translations/63c39b9719623b23090242bff39258f3aa29fe2b
Requested by
Host: one-os-apac-test.b2x.com
URL: https://one-os-apac-test.b2x.com/web/assets/14405-c52fe87/web.assets_frontend_lazy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.104.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-104-0.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
46374a951fc82c665394eb32db84efa228e7ddf503db74ce86347a9287dbb5bd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-os-apac-test.b2x.com/web/login
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Dec 2023 07:29:10 GMT
cache-control
public, max-age=31536000
server
nginx
content-length
268
content-type
application/json

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| odoo
  • function| ES6Promise
  • object| version
  • object| QWeb2
  • function| _renderImageOnCanvas
  • function| _
  • function| moment
  • object| owl
  • function| $
  • function| jQuery
  • function| Popper
  • object| Util
  • function| Alert
  • function| Button
  • function| Carousel
  • function| Collapse
  • function| Dropdown
  • function| Modal
  • function| Tooltip
  • function| Popover
  • function| ScrollSpy
  • function| Tab
  • function| Toast
  • object| Select2
  • function| ClipboardJS
  • number| ix
  • object| vkbeautify
  • function| _Markup
  • object| luxon

3 Cookies

Domain/Path: one-os-apac-test.b2x.com/, Name: session_id, Value: 17b2547b8055d0bd934ff9612e6ee89577e5b620
Domain/Path: one-os-apac-test.b2x.com/, Name: tz, Value: Pacific/Auckland
Domain/Path: one-os-apac-test.b2x.com/, Name: frontend_lang, Value: en_US

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY