sso.caas.gov.sg Open in urlscan Pro
2606:4f00::22:64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://atfm.caas.gov.sg/
Effective URL:
https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=atfm.caas.gov.sg&redi...
Submission: On June 28 via api (June 28th 2024, 12:14:29 am UTC) from SG — Scanned from SG

Summary HTTP 13 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2606:4f00::22:64, located in United States and belongs to DOSARREST, US. The main domain is sso.caas.gov.sg.
TLS certificate: Issued by Entrust Certification Authority - L1M on June 26th 2024. Valid for: a year.

This is the only time sso.caas.gov.sg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4f00::22:50 2606:4f00::22:50	19324 (DOSARREST) (DOSARREST)
11	2606:4f00::22:64 2606:4f00::22:64	19324 (DOSARREST) (DOSARREST)
13	2

3 2606:4f00::22:50 (United States) 1 redirects

ASN19324 (DOSARREST, US)

atfm.caas.gov.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4f00::22:64 (United States)

ASN19324 (DOSARREST, US)

sso.caas.gov.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	caas.gov.sg 1 redirects atfm.caas.gov.sg sso.caas.gov.sg	363 KB
13	1

	Domain	Requested by
11	sso.caas.gov.sg	sso.caas.gov.sg
3	atfm.caas.gov.sg	1 redirects
13	2

This site contains links to these domains. Also see Links.

Domain
www.caas.gov.sg
www.gov.sg

Subject Issuer	Validity	Valid
atfm.caas.gov.sg Entrust Certification Authority - L1M	`2024-06-26` - `2025-07-26`	a year	crt.sh
sso.caas.gov.sg Entrust Certification Authority - L1M	`2024-06-26` - `2025-07-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=atfm.caas.gov.sg&redirect_uri=https%3A%2F%2Fatfm.caas.gov.sg%2Fharmonyweb%2Fapp&state=94e7df30-0f8a-4e71-8a7b-e6e8710f1484&login=true&scope=openid
Frame ID: 8A2531D2E6AAD1E9CAA48CC847AEE71D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to caas

Page URL History Show full URLs

https://atfm.caas.gov.sg/ Page URL
https://atfm.caas.gov.sg/harmonyweb/app HTTP 302
https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=a... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

363 kB
Transfer

620 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.caas.gov.sg/

Search URL Search Domain Scan URL

URL: https://www.gov.sg/

Search URL Search Domain Scan URL

URL: https://www.caas.gov.sg/about-caas
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.caas.gov.sg/about-caas/contact-us
Title: Contact Info

Search URL Search Domain Scan URL

URL: https://www.caas.gov.sg/rate-this-site
Title: Feedback

Search URL Search Domain Scan URL

URL: https://www.caas.gov.sg/useful-links
Title: Useful Links

Search URL Search Domain Scan URL

URL: https://www.caas.gov.sg/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.caas.gov.sg/privacy-statement
Title: Privacy statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://atfm.caas.gov.sg/ Page URL
https://atfm.caas.gov.sg/harmonyweb/app HTTP 302
https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=atfm.caas.gov.sg&redirect_uri=https%3A%2F%2Fatfm.caas.gov.sg%2Fharmonyweb%2Fapp&state=94e7df30-0f8a-4e71-8a7b-e6e8710f1484&login=true&scope=openid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
atfm.caas.gov.sg/ 279 B
1 KB 3200ms
3148ms Document
text/html 2606:4f00::22:50
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://atfm.caas.gov.sg/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:50 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

f35f256d8c7d16404ab0698baeb97b200e278eaf9859a7cb86e402989a9dedb9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg 'unsafe-inline' data: blob:; img-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg data: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0 no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 279
Content-Security-Policy: default-src 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg 'unsafe-inline' data: blob:; img-src 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg data: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg
Content-Type: text/html
Date: Fri, 28 Jun 2024 00:14:18 GMT
ETag: "65ef7835-117"
Expires: Fri, 28 Jun 2024 00:14:18 GMT
Keep-Alive: timeout=20
Last-Modified: Mon, 11 Mar 2024 21:31:33 GMT
Referrer-Policy: no-referrer
Server: DOSarrest
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-DIS-Request-ID: 90ba125afc63ddd1f2e1503b570d18c5
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request auth Show response
sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/
Redirect Chain

https://atfm.caas.gov.sg/harmonyweb/app
https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=atfm.caas.gov.sg&redirect_uri=https%3A%2F%2Fatfm.caas.gov.sg%2Fharmonyweb%2Fapp&state=94e7df30-0f8...

14 KB
5 KB

512ms
498ms

Document
text/html

2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=atfm.caas.gov.sg&redirect_uri=https%3A%2F%2Fatfm.caas.gov.sg%2Fharmonyweb%2Fapp&state=94e7df30-0f8a-4e71-8a7b-e6e8710f1484&login=true&scope=openid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

b00ac51a37b3f210f6811ba1017c809822266c5023875a18edb17f46f66edd8c

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://atfm.caas.gov.sg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en
Content-Security-Policy: frame-src 'self'
Content-Type: text/html;charset=utf-8
Date: Fri, 28 Jun 2024 00:14:18 GMT
Keep-Alive: timeout=20
Referrer-Policy: no-referrer
Server: DOSarrest
Strict-Transport-Security: max-age=31536000; includeSubdomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-DIS-Request-ID: 19fd57c4c8e3c4facd9db8c0ee90beac
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 28 Jun 2024 00:14:18 GMT
Expires: Fri, 28 Jun 2024 00:14:18 GMT
Keep-Alive: timeout=20
Location: https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=atfm.caas.gov.sg&redirect_uri=https%3A%2F%2Fatfm.caas.gov.sg%2Fharmonyweb%2Fapp&state=94e7df30-0f8a-4e71-8a7b-e6e8710f1484&login=true&scope=openid
Server: DOSarrest
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-DIS-Request-ID: f3e5ca09c49259bd5b6b5d8a9439abb3

GET
H/1.1 200
OK favicon.ico
atfm.caas.gov.sg/ 2 KB
2 KB 74ms
68ms Other
text/html 2606:4f00::22:50
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://atfm.caas.gov.sg/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:50 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg 'unsafe-inline' data: blob:; img-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg data: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg 'unsafe-inline' data: blob:; img-src 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg data: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' *.domainname *.caas.gov.sg wss://*.domainname wss://*.caas.gov.sg
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 46026d71daa021dc558ebf9198831e10
Referrer-Policy: no-referrer
Last-Modified: Fri, 01 Mar 2024 16:04:19 GMT
Server: DOSarrest
ETag: W/"65e1fc83-997"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, no-cache,no-store,must-revalidate
Keep-Alive: timeout=20
Expires: Fri, 28 Jun 2024 00:14:18 GMT

GET
H/1.1 200
OK patternfly.css
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/lib/patternfly/css/ 265 KB
39 KB 10ms
7ms Stylesheet
text/css 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/lib/patternfly/css/patternfly.css

Requested by

Host: sso.caas.gov.sg
URL: https://sso.caas.gov.sg/auth/realms/caas/protocol/openid-connect/auth?response_type=code&client_id=atfm.caas.gov.sg&redirect_uri=https%3A%2F%2Fatfm.caas.gov.sg%2Fharmonyweb%2Fapp&state=94e7df30-0f8a-4e71-8a7b-e6e8710f1484&login=true&scope=openid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

7685c43289acf173eee8f2234ee18873700fd0c0c80b69fbebbc6f62a19969e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: DOSarrest
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 35d1f503aaad13886e8806caffbd4087

GET
H/1.1 200
OK zocial.css
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/lib/zocial/ 43 KB
23 KB 20ms
7ms Stylesheet
text/css 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/lib/zocial/zocial.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

1cd1769a899ea4dd16da89e7a10db29a519bd817e094f058bade93b1e4d5aeb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: DOSarrest
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 94b563285124152c461b2427334f3045

GET
H/1.1 200
OK login.css
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/css/ 7 KB
2 KB 24ms
9ms Stylesheet
text/css 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/css/login.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

96fc1550d5efd0ecea64d920e2afb1f0ebcb5822ddb8d0e8ea9a51c202fa75cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: DOSarrest
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 1903
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 5e48e0c99465de7ab2370c61cecb8354

GET
H/1.1 200
OK styles.css
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/css/ 255 B
603 B 29ms
5ms Stylesheet
text/css 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/css/styles.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

389467456642d365b4bc2de1b790e1eb9693bd6652dccd71ed47b2fd0dae4051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: DOSarrest
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 153
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 80844bca247ff691a874c9adb092f5ee

GET
H/1.1 200
OK harmony.js Show response
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/js/ 674 B
749 B 90ms
66ms Script
text/javascript 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/js/harmony.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

cde33bb261d0910220ae169cca67aaf3ea3e8a9e9f0ba4d2a55704157fa05b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: DOSarrest
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 292
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 277de3eccc24eb4bc2e88e27337e4488

GET
H/1.1 200
OK CAAS-Harmony-Background.png
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/ 203 KB
203 KB 16ms
14ms Image
image/png 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/CAAS-Harmony-Background.png

Requested by

Host: sso.caas.gov.sg
URL: https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/css/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

a3ef636871f176725baefd15d4c77539418679740a8e1f4b154b7f3d4f8d507d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: DOSarrest
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 3777837e7b10a99a5bc22b27e3e9768b

GET
H/1.1 200
OK CAAS_color_logo.PNG
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/ 21 KB
22 KB 18ms
17ms Image
image/png 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/CAAS_color_logo.PNG

Requested by

Host: sso.caas.gov.sg
URL: https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/css/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

b83f8935797521f5b249c5de3db4d73e1d14c15aa9c7b78065b598db18a2d4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: DOSarrest
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 340ce154c55dc5a66e78bd492eb00fb8

GET
H/1.1 200
OK CAAS_gov_logo.PNG
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/ 7 KB
7 KB 12ms
11ms Image
image/png 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/CAAS_gov_logo.PNG

Requested by

Host: sso.caas.gov.sg
URL: https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/css/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

a89f42c8b949e03341deb7bda47b5d95fa6757cf5a7881de368e469438c84522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: DOSarrest
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 7232
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: e26039bd991c0f34ee1e957a747597a6

GET
H/1.1 200
OK fontawesome-webfont.woff2
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/lib/components/font-awesome/fonts/ 55 KB
56 KB 21ms
21ms Font
application/octet-stream 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/lib/components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: sso.caas.gov.sg
URL: https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/lib/patternfly/css/patternfly.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://sso.caas.gov.sg
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: DOSarrest
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: 21ba2fdc9a291e2ae188fa82ee4ca7cf

GET
H/1.1 200
OK favicon.ico
sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/ 627 B
1 KB 5ms
3ms Other
application/octet-stream 2606:4f00::22:64
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.caas.gov.sg/auth/resources/erymj/login/theme.sg/img/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2606:4f00::22:64 , United States, ASN19324 (DOSARREST, US),

Reverse DNS

Software

DOSarrest /

Resource Hash

47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 00:14:18 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Server: DOSarrest
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 650
X-XSS-Protection: 1; mode=block
X-DIS-Request-ID: db37b21e27b45ef61cd859f031691e65

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso.caas.gov.sg/auth/realms/caas/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 08d9faa8-59b3-41f5-96a3-01b02f0df5bf.exto-idp-01
sso.caas.gov.sg/auth/realms/caas/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 08d9faa8-59b3-41f5-96a3-01b02f0df5bf.exto-idp-01
sso.caas.gov.sg/auth/realms/caas/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5YjFlZGQ2MC0xNjJmLTQyODctYTczOS01OWIzZGQwZDAxM2IifQ.eyJjaWQiOiJhdGZtLmNhYXMuZ292LnNnIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9hdGZtLmNhYXMuZ292LnNnL2hhcm1vbnl3ZWIvYXBwIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL3Nzby5jYWFzLmdvdi5zZy9hdXRoL3JlYWxtcy9jYWFzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2F0Zm0uY2Fhcy5nb3Yuc2cvaGFybW9ueXdlYi9hcHAiLCJzdGF0ZSI6Ijk0ZTdkZjMwLTBmOGEtNGU3MS04YTdiLWU2ZTg3MTBmMTQ4NCIsImNsaWVudF9yZXF1ZXN0X3BhcmFtX2xvZ2luIjoidHJ1ZSJ9fQ.P3nLrSy_5I8uhfYF9bWo8SCwUlr2UQur1g4Qfv_Oi20
atfm.caas.gov.sg/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3C65C1058037AC2507006C3BAAF5A85E
atfm.caas.gov.sg/	1969-12-31 23:59:59	Name: OAuth_Token_Request_State Value: 94e7df30-0f8a-4e71-8a7b-e6e8710f1484

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg 'unsafe-inline' data: blob:; img-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg data: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' .domainname .caas.gov.sg wss://.domainname wss://.caas.gov.sg
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atfm.caas.gov.sg
sso.caas.gov.sg
2606:4f00::22:50
2606:4f00::22:64
1cd1769a899ea4dd16da89e7a10db29a519bd817e094f058bade93b1e4d5aeb0
389467456642d365b4bc2de1b790e1eb9693bd6652dccd71ed47b2fd0dae4051
47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
7685c43289acf173eee8f2234ee18873700fd0c0c80b69fbebbc6f62a19969e3
96fc1550d5efd0ecea64d920e2afb1f0ebcb5822ddb8d0e8ea9a51c202fa75cd
a3ef636871f176725baefd15d4c77539418679740a8e1f4b154b7f3d4f8d507d
a89f42c8b949e03341deb7bda47b5d95fa6757cf5a7881de368e469438c84522
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b00ac51a37b3f210f6811ba1017c809822266c5023875a18edb17f46f66edd8c
b83f8935797521f5b249c5de3db4d73e1d14c15aa9c7b78065b598db18a2d4bc
cde33bb261d0910220ae169cca67aaf3ea3e8a9e9f0ba4d2a55704157fa05b17
f35f256d8c7d16404ab0698baeb97b200e278eaf9859a7cb86e402989a9dedb9

sso.caas.gov.sg Open in urlscan Pro 2606:4f00::22:64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

363 kBTransfer

620 kBSize

5 Cookies

8 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

sso.caas.gov.sg Open in urlscan Pro
2606:4f00::22:64 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

363 kB
Transfer

620 kB
Size

5
Cookies

13 HTTP transactions
0 data transactions