urlscan.io logo urlscan.io
SecurityTrails logo

auth.payflip.be Open in urlscan Pro
2606:4700::6812:f458  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://admin-cafetariaplan.payflip.be/
Effective URL: https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZkla...
Submission: On February 11 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6812:f458, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.payflip.be.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2020. Valid for: a year.
This is the only time auth.payflip.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2a03:b0c0:3:e... 14061 (DIGITALOC...)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 143.204.208.119 16509 (AMAZON-02)
1 2a00:1c98:100... 34762 (COMBELL-AS)
1 65.9.71.184 16509 (AMAZON-02)
13 6
5    2a03:b0c0:3:e0::298:6001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
admin-cafetariaplan.payflip.be
4    2606:4700::6812:f458 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.payflip.be
2    143.204.208.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-119.fra53.r.cloudfront.net
cdn.auth0.com
1    2a00:1c98:1000:10d3:0:1:ee41:41b0 (Belgium)

ASN34762 (COMBELL-AS, BE)
payflip.be
1    65.9.71.184 (Seattle, United States)

ASN16509 (AMAZON-02, US)
cdn.eu.auth0.com
Apex Domain
Subdomains		 Transfer
10 payflip.be
admin-cafetariaplan.payflip.be
auth.payflip.be Failed
payflip.be
325 KB
3 auth0.com
cdn.auth0.com
cdn.eu.auth0.com
234 KB
13 2
Domain Requested by
5 admin-cafetariaplan.payflip.be admin-cafetariaplan.payflip.be
4 auth.payflip.be admin-cafetariaplan.payflip.be
cdn.auth0.com
2 cdn.auth0.com auth.payflip.be
cdn.auth0.com
1 cdn.eu.auth0.com cdn.auth0.com
1 payflip.be auth.payflip.be
13 5

This site contains no links.

Subject Issuer Validity Valid
admin-cafetariaplan.payflip.be
R3		 2021-02-11 -
2021-05-12		 3 months crt.sh
auth.payflip.be
Cloudflare Inc ECC CA-3		 2020-10-29 -
2021-10-28		 a year crt.sh
*.auth0.com
Amazon		 2020-05-23 -
2021-06-23		 a year crt.sh
payflip.be
R3		 2020-12-24 -
2021-03-24		 3 months crt.sh
*.eu.auth0.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
Frame ID: 96394A5CF30B5203D18383EDBE1417D7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://admin-cafetariaplan.payflip.be/ Page URL
  2. https://auth.payflip.be/authorize?audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&client_id=9QO... HTTP 302
    https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9i... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i

Page Statistics

13
Requests

92 %
HTTPS

60 %
IPv6

2
Domains

5
Subdomains

6
IPs

3
Countries

557 kB
Transfer

1691 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin-cafetariaplan.payflip.be/ Page URL
  2. https://auth.payflip.be/authorize?audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&client_id=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&state=fldRRW5%2Bb0NYWmx5Rmg1ZTN5M1ZxbXI0aGFYQXBQMTJ2Z2JxemNIS0txVg%3D%3D&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D HTTP 302
    https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
admin-cafetariaplan.payflip.be/ 		1 KB
687 B 		Document
General
Check archive.org
Download Go to
Full URL
https://admin-cafetariaplan.payflip.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::298:6001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3fbff1d360193096443dc8da4ae860d434352301c792eb8c633ef9756b8d5dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
admin-cafetariaplan.payflip.be
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Thu, 11 Feb 2021 21:44:02 GMT
etag
"b03f075106683336c117b8f40852222f-ssl-df"
strict-transport-security
max-age=31536000
content-encoding
br
content-length
459
age
0
server
Netlify
vary
Accept-Encoding
x-nf-request-id
0bb3d1e3-0bae-46dd-99d9-e73d46fa5222-12813780
runtime.46ab1aabdce1cae13182.js
admin-cafetariaplan.payflip.be/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin-cafetariaplan.payflip.be/runtime.46ab1aabdce1cae13182.js
Requested by
Host: admin-cafetariaplan.payflip.be
URL: https://admin-cafetariaplan.payflip.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::298:6001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
f6d6e2112a67d40900a5866e6ab90006bb62cf5bc218e0f9c8e87919a5181e07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://admin-cafetariaplan.payflip.be
Referer
https://admin-cafetariaplan.payflip.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
0bb3d1e3-0bae-46dd-99d9-e73d46fa5222-12813853
date
Thu, 11 Feb 2021 21:44:02 GMT
content-encoding
br
server
Netlify
age
0
etag
"cbf2e4dcbc26825d515d1313c47887ea-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1109
polyfills.c5c4fdadab70353ad788.esm.js
admin-cafetariaplan.payflip.be/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin-cafetariaplan.payflip.be/polyfills.c5c4fdadab70353ad788.esm.js
Requested by
Host: admin-cafetariaplan.payflip.be
URL: https://admin-cafetariaplan.payflip.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::298:6001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
14f2f50e859fc3a7ac991e5b9e8d02427427e9e1c283c022b8e4e3d0b21bf5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://admin-cafetariaplan.payflip.be
Referer
https://admin-cafetariaplan.payflip.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
0bb3d1e3-0bae-46dd-99d9-e73d46fa5222-12813854
date
Thu, 11 Feb 2021 21:44:02 GMT
content-encoding
br
server
Netlify
age
0
etag
"06eb9a9da22fad7fa95b9b452d9826f3-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
main.dc50d7ec6390084d9146.esm.js
admin-cafetariaplan.payflip.be/ 		736 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin-cafetariaplan.payflip.be/main.dc50d7ec6390084d9146.esm.js
Requested by
Host: admin-cafetariaplan.payflip.be
URL: https://admin-cafetariaplan.payflip.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::298:6001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
a6b4f8ba225ca9c90e4b48e850678a68c745a1c8e848c092fc7f3f1669e0ad0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://admin-cafetariaplan.payflip.be
Referer
https://admin-cafetariaplan.payflip.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
0bb3d1e3-0bae-46dd-99d9-e73d46fa5222-12813855
date
Thu, 11 Feb 2021 21:44:02 GMT
content-encoding
br
server
Netlify
age
0
etag
"1141b2bc1a9b46ba4659a1020c3fafbf-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
5.a399fd4e17c844f50a39.esm.js
admin-cafetariaplan.payflip.be/ 		105 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin-cafetariaplan.payflip.be/5.a399fd4e17c844f50a39.esm.js
Requested by
Host: admin-cafetariaplan.payflip.be
URL: https://admin-cafetariaplan.payflip.be/runtime.46ab1aabdce1cae13182.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::298:6001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://admin-cafetariaplan.payflip.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
0bb3d1e3-0bae-46dd-99d9-e73d46fa5222-12814468
date
Thu, 11 Feb 2021 21:44:03 GMT
server
Netlify
age
0
etag
"403bb8f25cac760b5d5e9cb0388b9e09-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
105
authorize
auth.payflip.be/ 		0
0
Primary Request login
auth.payflip.be/
Redirect Chain
  • https://auth.payflip.be/authorize?audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&client_id=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=ope...
  • https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9Q...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
Requested by
Host: admin-cafetariaplan.payflip.be
URL: https://admin-cafetariaplan.payflip.be/main.dc50d7ec6390084d9146.esm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
486a9d92178499980711570dde65ea3b36610af912750134b0825c2ae4331d17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth.payflip.be
:scheme
https
:path
/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://admin-cafetariaplan.payflip.be/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dc54a358cefd669c1967fdacfc5f86d0c1613079843; did=s%3Av0%3A426adc10-6cb2-11eb-830e-bddfac1a3aec.iHR%2FYhv3cp3box2jXVrxQDavrq7f9hfsrSjMHsDMJ5U; auth0=s%3AJIc7qHJ3c8k-eKAXPUrko0azn8XNpwQY.jw2C9nKx6fWg8Baboq1mJu4cWW2Etf8GFPCZh3ec5f0; did_compat=s%3Av0%3A426adc10-6cb2-11eb-830e-bddfac1a3aec.iHR%2FYhv3cp3box2jXVrxQDavrq7f9hfsrSjMHsDMJ5U; auth0_compat=s%3AJIc7qHJ3c8k-eKAXPUrko0azn8XNpwQY.jw2C9nKx6fWg8Baboq1mJu4cWW2Etf8GFPCZh3ec5f0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://admin-cafetariaplan.payflip.be/

Response headers

date
Thu, 11 Feb 2021 21:44:04 GMT
content-type
text/html; charset=utf-8
cf-ray
62013fc0daf9c2d1-FRA
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
content-encoding
gzip
etag
W/"a7f-dbAMRgtN7z338k33RkUt8XuryYU"
set-cookie
_csrf=gScculrzsnTfNZqCwdV4knMv; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0834a62c850000c2d1661ab000000001
content-security-policy
frame-ancestors 'none'
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
62013fc0daf9c2d1
ot-tracer-sampled
true
ot-tracer-spanid
03b4df204b4a5308
ot-tracer-traceid
5f3907ff336ef967
referrer-policy
same-origin
x-auth0-requestid
0d99537edd6a5c191893
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1613079845
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 11 Feb 2021 21:44:03 GMT
content-type
text/html; charset=utf-8
content-length
1394
set-cookie
__cfduid=dc54a358cefd669c1967fdacfc5f86d0c1613079843; expires=Sat, 13-Mar-21 21:44:03 GMT; path=/; domain=.auth.payflip.be; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A426adc10-6cb2-11eb-830e-bddfac1a3aec.iHR%2FYhv3cp3box2jXVrxQDavrq7f9hfsrSjMHsDMJ5U; Max-Age=31557600; Path=/; Expires=Sat, 12 Feb 2022 03:44:03 GMT; HttpOnly; Secure; SameSite=None auth0=s%3AJIc7qHJ3c8k-eKAXPUrko0azn8XNpwQY.jw2C9nKx6fWg8Baboq1mJu4cWW2Etf8GFPCZh3ec5f0; Path=/; Expires=Sun, 14 Feb 2021 21:44:03 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A426adc10-6cb2-11eb-830e-bddfac1a3aec.iHR%2FYhv3cp3box2jXVrxQDavrq7f9hfsrSjMHsDMJ5U; Max-Age=31557600; Path=/; Expires=Sat, 12 Feb 2022 03:44:03 GMT; HttpOnly; Secure auth0_compat=s%3AJIc7qHJ3c8k-eKAXPUrko0azn8XNpwQY.jw2C9nKx6fWg8Baboq1mJu4cWW2Etf8GFPCZh3ec5f0; Path=/; Expires=Sun, 14 Feb 2021 21:44:03 GMT; HttpOnly; Secure
location
/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
cf-ray
62013fc029d4c2d1-FRA
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
strict-transport-security
max-age=31536000
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0834a62c150000c2d1bab46000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
62013fc029d4c2d1
ot-tracer-sampled
true
ot-tracer-spanid
397b764244d12c39
ot-tracer-traceid
78874e2960a48008
x-auth0-requestid
4f690da8633c94d3d40f
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1613079844
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
lock.min.js
cdn.auth0.com/js/lock/11.26/ 		817 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/lock/11.26/lock.min.js
Requested by
Host: auth.payflip.be
URL: https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.208.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-208-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
866fb4f98f43e3c8124def3f30d32a6d36772e74a969e5618c832768dd92617b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Fq3Rf_lDUSrVkfpsOKDr33mdY3g3ZWCr
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 19:37:07 GMT
server
AmazonS3
age
10203
etag
W/"a30a19c70195c1da89a685c2bfc2ff83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=10800,public
date
Thu, 11 Feb 2021 18:54:56 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
2acvqihzRoBnUEe6yPThtETM5zsLWfpRDxyPboG4ZdtvVVhKTZktcQ==
Logo_Payflip-2.png
payflip.be/wp-content/uploads/2019/09/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payflip.be/wp-content/uploads/2019/09/Logo_Payflip-2.png
Requested by
Host: auth.payflip.be
URL: https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1c98:1000:10d3:0:1:ee41:41b0 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
Software
nginx /
Resource Hash
64b2c526e0768dbe10c202dcd5ca7f360c37774daeb4150de27dea1c756cd512

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Feb 2021 21:44:04 GMT
Last-Modified
Tue, 03 Sep 2019 10:12:27 GMT
Server
nginx
ETag
"b507-591a3535bd39e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46343
en.js
cdn.auth0.com/js/lock/11.26.3/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/lock/11.26.3/en.js
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.208.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-208-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75963df24c9c146b11380a0f1fe36d0e6cbd66594f823d31b751c1df46a2bc4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
qBKMknmjgjJAedw5rMb075fSiYplUPKO
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 19:37:06 GMT
server
AmazonS3
age
22123
etag
W/"1965f492fc53be98849df127e3928a42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control
max-age=2628000,public
date
Thu, 11 Feb 2021 15:35:22 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
zVaJRygYh8kPvqQa8OJen6VxZBurtMRI2HN27DbJt2MKclYRTIgekQ==
9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc.js
cdn.eu.auth0.com/client/ 		370 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eu.auth0.com/client/9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc.js?t1613079844459
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.184 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8be4439f6815711b49b51b84e2c1a324c7ab5f4794560ac5b3dc80c8321657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 21:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-auth0-requestid
b655acba5f12ab516d50
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0834a62ed60000c290beba5000000001
server
cloudflare
ot-tracer-sampled
true
etag
W/"172-DDVURwDyOvAHGDOHuDIcD3Yj3A8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
ot-tracer-traceid
636b2a60389f221d
cache-control
public, max-age=60
ot-baggage-auth0-request-id
62013fc488b1c290
cf-ray
62013fc488b1c290-FRA
x-amz-cf-id
pgSdvJjAOpDPhYAlSAtCgRYWg3GrBiR5VG5ywk0Rj2TxPq-rp2s2hQ==
ot-tracer-spanid
752805a3681a97b6
challenge
auth.payflip.be/usernamepassword/ 		9 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.payflip.be/usernamepassword/challenge
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Auth0-Client
eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAiLCJlbnYiOnsibG9jay5qcy11bHAiOiIxMS4yNi4zIiwiYXV0aDAuanMtdWxwIjoiOS4xMy40IiwiYXV0aDAuanMiOiI5LjEzLjQifX0=
Referer
https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Feb 2021 21:44:04 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
3222d7649c5720953a92
strict-transport-security
max-age=31536000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
cf-request-id
0834a62e710000c2d1b11cb000000001
server
cloudflare
ot-tracer-sampled
true
etag
W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
ot-tracer-traceid
41178f7e053199f3
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id
62013fc3efaac2d1
cf-ray
62013fc3efaac2d1-FRA
ot-tracer-spanid
1f92b94a2cc57a6c
ssodata
auth.payflip.be/user/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.payflip.be/user/ssodata
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.payflip.be/login?state=g6Fo2SBuYzBaV3JKdjZNZy16RnN1ejB5ODhyTVBZWmNGbXo5c6N0aWTZIHVXSm9iWHBEX243a0ItZDFOZklaSEtpUHVqbFdPdk1Io2NpZNkgOVFPMFdVVmlsMEhocmk3S2VJYjdhaTZ2d0tBZHBieGM&client=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&protocol=oauth2&audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=eHluSDV4c3gyV0tybE1vR0pDdExJUW1vM1p3b2lhajgxWHRoOVhfQlJpNw%3D%3D&code_challenge=W0l_Q0lNQv6UXSmR-TrGvykEudGzUcfNspMaloN0pz4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 21:44:04 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
b6b85a4f4ae1447fb047
strict-transport-security
max-age=31536000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0834a62f360000c2d1893fc000000001
server
cloudflare
ot-tracer-sampled
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
ot-tracer-traceid
5826cb840c3737a9
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id
62013fc52976c2d1
cf-ray
62013fc52976c2d1-FRA
ot-tracer-spanid
3ccae2d146c0f715

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.payflip.be
URL
https://auth.payflip.be/authorize?audience=https%3A%2F%2Fpaysmart-admin-api.payflip.be&client_id=9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc&redirect_uri=https%3A%2F%2Fadmin-cafetariaplan.payflip.be&scope=openid%20profile%20email&response_type=code&response_mode=query&state=S356X1NfbEVYWXlzaWNpSzNPZU9EdXNrRW51UXZXT3otUGxHNHVWVWhqSw%3D%3D&nonce=Vkx%2BcFpYNENhbTJYdW00dmdRRjlQRFctTy1od1drNHh%2BZnZNRUdMQVR1eA%3D%3D&code_challenge=DwjuiohdMFNzA4Cot32pkWJ0iru7fXqIbTHxThKm8Zw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4yLjAifQ%3D%3D

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| authParams object| lock

3 Cookies

Domain/Path Name / Value
auth.payflip.be/ Name: did_compat
Value: s%3Av0%3A42c3f890-6cb2-11eb-a318-bfab002daaf8.4bz9ijsQLmhrkJ2c4vdm8i8VqdH%2BxVR5Hbd94rJH9RY
auth.payflip.be/ Name: did
Value: s%3Av0%3A42c3f890-6cb2-11eb-a318-bfab002daaf8.4bz9ijsQLmhrkJ2c4vdm8i8VqdH%2BxVR5Hbd94rJH9RY
.auth.payflip.be/ Name: __cfduid
Value: dc01d910c8706a4cfff8ea9d5005a8a941613079844

1 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js(Line 9)
Message:
There was an error fetching the SSO data. This is expected - and not a problem - if the tenant has Seamless SSO enabled. If the tenant doesn't have Seamless SSO enabled, this could simply mean that there was a problem with the network. But, if a "Origin" error has been logged before this warning, please add "https://auth.payflip.be" to the "Allowed Web Origins" list in the Auth0 dashboard: https://manage.auth0.com/#/applications/9QO0WUVil0Hhri7KeIb7ai6vwKAdpbxc/settings

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000