URL: https://oauth.crisisengine.net/
Submission: On May 31 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2a00:b6e0:1:200:181::1, located in France and belongs to ALWAYSDATA, FR. The main domain is oauth.crisisengine.net.
TLS certificate: Issued by Gandi Standard SSL CA 2 on July 16th 2020. Valid for: a year.
This is the only time oauth.crisisengine.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
4         2a00:b6e0:1:2...  60362 (ALWAYSDATA)
2         2606:4700::68...  13335 (CLOUDFLAR...)
Total: 6 requests, 2 IPs

Requests  Apex Domain       Subdomains              Transfer
4         crisisengine.net  oauth.crisisengine.net  275 KB
2         garda.com         www.garda.com           2 KB
Total: 6 requests, 2 apex domains

Requests  Domain                  Requested by
4         oauth.crisisengine.net  oauth.crisisengine.net
2         www.garda.com           oauth.crisisengine.net
Total: 6 requests, 2 domains

This site contains links to these domains. Also see Links.

Domain
www.garda.com

Subject             Issuer                                      Validity                 Valid
*.crisisengine.net  Gandi Standard SSL CA 2                     2020-07-16 - 2021-07-16  a year
www.garda.com       Go Daddy Secure Certificate Authority - G2  2021-05-17 - 2021-10-15  5 months

This page contains 1 frames:

Primary Page: https://oauth.crisisengine.net/
Frame ID: D1F2DC80A866FD0B6025E18949EAA117
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6 Requests
100 % HTTPS
100 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
277 kB Transfer
1054 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

Primary Request /  oauth.crisisengine.net/  2 KB  1 KB  Document
General
Full URL
https://oauth.crisisengine.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:b6e0:1:200:181::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
a44e119c37ff85d3e0b1637b54da4eed9f3268d9e5a7fffa41d042c4a40cf581

Request headers

Host
oauth.crisisengine.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

server
nginx/1.19.10
date
Mon, 31 May 2021 10:03:11 GMT
content-type
text/html; charset=utf-8
transfer-encoding
chunked
vary
Accept-Encoding
content-encoding
gzip
x-iplb-request-id
B91F28B5:E336_894A7DA0:01BB_60B4B45F_78BF:2C83B
x-iplb-instance
37433
Via
1.1 alproxy

69acf38f712b4f1c834151b59b4a413e7ccb2248.css  oauth.crisisengine.net/  131 KB  25 KB  Stylesheet
General
Full URL
https://oauth.crisisengine.net/69acf38f712b4f1c834151b59b4a413e7ccb2248.css?meteor_css_resource=true
Requested by
Host: oauth.crisisengine.net
URL: https://oauth.crisisengine.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:b6e0:1:200:181::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
b320059ed0df3a87a2c9585fe5c80a49887dd8fcf2a7c02c6e7d460d963c2331

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
oauth.crisisengine.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://oauth.crisisengine.net/
Connection
keep-alive

Response headers

date
Mon, 31 May 2021 10:03:11 GMT
content-encoding
gzip
server
nginx/1.19.10
x-iplb-request-id
B91F28B5:E33A_894A7DA0:01BB_60B4B45F_78C1:2C83B
etag
"69acf38f712b4f1c834151b59b4a413e7ccb2248"
x-iplb-instance
37433
vary
User-Agent, Accept-Encoding
content-type
text/css; charset=UTF-8
Via
1.1 alproxy
cache-control
public, max-age=31536000
transfer-encoding
chunked
accept-ranges
bytes

f879579607dec8dd0d24a58226b900756d170c97.js  oauth.crisisengine.net/  917 KB  249 KB  Script
General
Full URL
https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true
Requested by
Host: oauth.crisisengine.net
URL: https://oauth.crisisengine.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:b6e0:1:200:181::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
64efa1cb493db861796b630a3da1746cfb62f1fd400f1094bbacbb542cca29f1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
oauth.crisisengine.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://oauth.crisisengine.net/
Connection
keep-alive

Response headers

date
Mon, 31 May 2021 10:03:11 GMT
content-encoding
gzip
server
nginx/1.19.10
x-iplb-request-id
B91F28B5:BB08_894A7F94:01BB_60B4B45F_132C:271BB
etag
"f879579607dec8dd0d24a58226b900756d170c97"
x-iplb-instance
38934
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=UTF-8
Via
1.1 alproxy
cache-control
public, max-age=31536000
transfer-encoding
chunked
accept-ranges
bytes

GardaWorld.svg  www.garda.com/themes/custom/gw/images/  3 KB  2 KB  Image
General
Full URL
https://www.garda.com/themes/custom/gw/images/GardaWorld.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bcf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155a7e6a5f443f82ffe43dd1616093f97b000e74cd78cf1e009a9298885889b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth.crisisengine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:03:11 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
2223
x-cache
HIT
x-cache-hits
24
x-ah-environment
prod
content-encoding
br
cf-request-id
0a6379ad1e000016ee919fd000000001
x-request-id
v-f298aee0-af5c-11eb-b0db-0fdaea7d6f9b
last-modified
Tue, 09 Feb 2021 06:34:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
657f5ef4ff2016ee-FRA
expires
Mon, 14 Jun 2021 10:03:11 GMT

info  oauth.crisisengine.net/sockjs/  79 B  477 B  XHR
General
Full URL
https://oauth.crisisengine.net/sockjs/info?cb=agqlt0xw3p
Requested by
Host: oauth.crisisengine.net
URL: https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:b6e0:1:200:181::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
94971685b59a832eabf46e9bc65d12d518386258f5b0bdd864f2c98e4151c1eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
oauth.crisisengine.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://oauth.crisisengine.net/
Connection
keep-alive

Response headers

date
Mon, 31 May 2021 10:03:11 GMT
Via
1.1 alproxy
server
nginx/1.19.10
x-iplb-request-id
B91F28B5:E342_894A7DA0:01BB_60B4B45F_78C4:2C83B
x-iplb-instance
37433
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
transfer-encoding
chunked

image_title_bg.svg  www.garda.com/themes/custom/gw/images/  1 KB  620 B  Image
General
Full URL
https://www.garda.com/themes/custom/gw/images/image_title_bg.svg
Requested by
Host: oauth.crisisengine.net
URL: https://oauth.crisisengine.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bcf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a111c9f500ec3ddd1724169c1f1245c26bb99a6db7834baf441a483f61476e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth.crisisengine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 10:03:11 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-cache
HIT
x-cache-hits
1615
x-ah-environment
prod
content-encoding
br
cf-request-id
0a6379ad1e000016ee81b10000000001
x-request-id
v-3fb18d08-b8d8-11eb-b5c1-0f138b99a8db
last-modified
Tue, 09 Feb 2021 05:58:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
657f5ef4ff2316ee-FRA
expires
Mon, 14 Jun 2021 10:03:11 GMT

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __meteor_runtime_config__ function| require object| Package object| process function| $ function| jQuery object| Iron object| jQuery112100029675534029784956 object| TAPi18next object| toastr object| Mongo function| ReactiveVar object| Tracker object| Deps function| Router function| RouteController object| TAPi18n object| HTTP function| _ function| SimpleSchema function| MongoObject object| AutoForm function| check object| Match object| Random object| Modal object| Meteor object| global object| meteorEnv object| WebApp object| DDP object| LaunchScreen object| Blaze object| UI object| Handlebars object| Spacebars function| Template function| meteorInstall object| Accounts object| Collection2 object| Autoupdate object| Reload object| HTML object| translations object| optionToast function| AccountController

0 Cookies

6 Console Messages

Source Level URL
Text

console-api log URL: https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true (Line 1)
Message: You are running a browser with no localStorage or userData support. Logging in from one tab will not cause another tab to be logged in.

console-api log URL: https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true (Line 240)
Message: URL ORIGINE

console-api log URL: https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true (Line 240)
Message: https://oauth.crisisengine.net/

console-api log URL: https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true (Line 240)
Message: URL PARAM

console-api log URL: https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true (Line 240)
Message: [object Object]

console-api log URL: https://oauth.crisisengine.net/f879579607dec8dd0d24a58226b900756d170c97.js?meteor_js_resource=true (Line 1)
Message: Exception in callback of async function: TypeError: Cannot read property 'match' of undefined