Submitted URL: https://api.prod.atsp.pemo.dev/
Effective URL: https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20pro...
Submission: On July 19 via api from US — Scanned from GB

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 57.153.249.152, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is idp.prod.atsp.pemo.dev.
TLS certificate: Issued by R11 on July 18th 2024. Valid for: 3 months.
This is the only time idp.prod.atsp.pemo.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 57.153.249.152 8075 (MICROSOFT...)
7 2
Apex Domain
Subdomains
Transfer
8 pemo.dev
api.prod.atsp.pemo.dev
idp.prod.atsp.pemo.dev
17 KB
7 1
Domain Requested by
6 idp.prod.atsp.pemo.dev idp.prod.atsp.pemo.dev
2 api.prod.atsp.pemo.dev 2 redirects
7 2

This site contains no links.

Subject Issuer Validity Valid
idp.prod.atsp.pemo.dev
R11
2024-07-18 -
2024-10-16
3 months crt.sh

This page contains 1 frames:

Primary Page: https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
Frame ID: 10707878F41B60EE81E3EDD9F3681DD7
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Apex Trade Services Platform

Page URL History Show full URLs

  1. https://api.prod.atsp.pemo.dev/ HTTP 302
    https://api.prod.atsp.pemo.dev/oauth2/authorization/atfp-idp HTTP 302
    https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gatewa... Page URL

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

16 kB
Transfer

35 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.prod.atsp.pemo.dev/ HTTP 302
    https://api.prod.atsp.pemo.dev/oauth2/authorization/atfp-idp HTTP 302
    https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request auth
idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/
Redirect Chain
  • https://api.prod.atsp.pemo.dev/
  • https://api.prod.atsp.pemo.dev/oauth2/authorization/atfp-idp
  • https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redi...
6 KB
7 KB
Document
General
Full URL
https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.153.249.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6cf8b0fb909dc7edc5e404bb9fcd311365b127fc3ad34f1b905ce3b458ee8e5e
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, must-revalidate, max-age=0
content-language
en
content-length
5894
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Fri, 19 Jul 2024 01:25:25 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 19 Jul 2024 01:25:24 GMT
expires
0
location
https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
pragma
no-cache
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0
atfp-theme.css
idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/css/
0
0

login.css
idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/css/
31 B
272 B
Stylesheet
General
Full URL
https://idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/css/login.css
Requested by
Host: idp.prod.atsp.pemo.dev
URL: https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.153.249.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c5835d5075febc716b3d0313c0445c658f5f992b0896d0eb2c1fdaa979e1683
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 01:25:25 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=2592000
content-length
51
x-xss-protection
1; mode=block
atfpInput.js
idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/js/
1 KB
570 B
Script
General
Full URL
https://idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/js/atfpInput.js
Requested by
Host: idp.prod.atsp.pemo.dev
URL: https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.153.249.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
663e5284bfddf9eeb51674c911019807b6e63e6b5ec8d5020809c213fa96713b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 01:25:25 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
cache-control
max-age=2592000
content-length
343
x-xss-protection
1; mode=block
logo_white.svg
idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/img/
9 KB
4 KB
Image
General
Full URL
https://idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/img/logo_white.svg
Requested by
Host: idp.prod.atsp.pemo.dev
URL: https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.153.249.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a9f5cf1adc11549c0ff02e07dac908f2314db875650d99bb506a46c4febec93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 01:25:25 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=2592000
content-length
3948
x-xss-protection
1; mode=block
authChecker.js
idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/js/
2 KB
940 B
Script
General
Full URL
https://idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/js/authChecker.js
Requested by
Host: idp.prod.atsp.pemo.dev
URL: https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.153.249.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be91b2216acb6673f2afbeedbcf39aef1535899b9963134c3048303db7ea5557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://idp.prod.atsp.pemo.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 01:25:25 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
cache-control
max-age=2592000
content-length
713
x-xss-protection
1; mode=block
favicon.ico
idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/img/
17 KB
3 KB
Other
General
Full URL
https://idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.153.249.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ecf74db760b1af50aaebc38c254ab4c80ee6eea60eb13a80ce7c4beda170e03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 01:25:25 GMT
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
3214
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
idp.prod.atsp.pemo.dev
URL
https://idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/css/atfp-theme.css

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| atfpInputWrapper function| selectAllTerms function| checkAllTerms

4 Cookies

Domain/Path Name / Value
idp.prod.atsp.pemo.dev/realms/atsp/ Name: AUTH_SESSION_ID
Value: aca4e22b-c182-49b4-bfa8-0b803771b44a.keycloak-5f787d7f44-bff7n-42962
idp.prod.atsp.pemo.dev/realms/atsp/ Name: AUTH_SESSION_ID_LEGACY
Value: aca4e22b-c182-49b4-bfa8-0b803771b44a.keycloak-5f787d7f44-bff7n-42962
idp.prod.atsp.pemo.dev/realms/atsp/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI1ZjVkMDA0OS1kNWM3LTQ0YzQtOGZkZS02NjVjZGNjN2RhZmUifQ.eyJjaWQiOiJnYXRld2F5IiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9hcGkucHJvZC5hdHNwLnBlbW8uZGV2L2xvZ2luL29hdXRoMi9jb2RlL2F0ZnAtaWRwIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImlzcyI6Imh0dHBzOi8vaWRwLnByb2QuYXRzcC5wZW1vLmRldi9yZWFsbXMvYXRzcCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9hcGkucHJvZC5hdHNwLnBlbW8uZGV2L2xvZ2luL29hdXRoMi9jb2RlL2F0ZnAtaWRwIiwic3RhdGUiOiJsTDNUN0F2eXk0eE1SVmR2ckJvNmNpOThHMkUtX1R0T2JnMktCeWhfR0tvPSIsIm5vbmNlIjoiMGJfLVA0VWhCM0VfTkE3ekh4NUt2Z0JmU1lKZndrWUdjZkF5VExiOHNxOCJ9fQ.0v-bmTiXloappMm5dy3BSCK53_6pH5X_9lSqbIbuGJ4
api.prod.atsp.pemo.dev/ Name: SESSION
Value: b33ef2e0-7bc2-4938-a546-d40553cc1437

1 Console Messages

Source Level URL
Text
security error URL: https://idp.prod.atsp.pemo.dev/realms/atsp/protocol/openid-connect/auth?response_type=code&client_id=gateway&scope=openid%20profile%20email&state=lL3T7Avyy4xMRVdvrBo6ci98G2E-_TtObg2KByh_GKo%3D&redirect_uri=https://api.prod.atsp.pemo.dev/login/oauth2/code/atfp-idp&nonce=0b_-P4UhB3E_NA7zHx5KvgBfSYJfwkYGcfAyTLb8sq8
Message:
Refused to apply style from 'https://idp.prod.atsp.pemo.dev/resources/vfwpj/login/atfp-keycloak/css/atfp-theme.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block