urlscan.io logo urlscan.io
SecurityTrails logo

auth.identityscience.ai Open in urlscan Pro
18.66.147.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://baea9a8fd6-is.blueflagsecurity.com/
Effective URL: https://auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/auth?client_id=baea9a8fd6f1f388b...
Submission: On March 20 via automatic, source certstream-suspicious — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 18.66.147.2, located in United States and belongs to AMAZON-02, US. The main domain is auth.identityscience.ai.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 18th 2024. Valid for: a year.
This is the only time auth.identityscience.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 13.32.121.13 16509 (AMAZON-02)
3 142.250.185.138 15169 (GOOGLE)
2 18.66.147.2 16509 (AMAZON-02)
1 13.32.121.96 16509 (AMAZON-02)
2 13.33.187.79 16509 (AMAZON-02)
12 6
3    13.32.121.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-13.fra60.r.cloudfront.net
baea9a8fd6-is.blueflagsecurity.com
3    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
2    18.66.147.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-2.fra60.r.cloudfront.net
auth.identityscience.ai
1    13.32.121.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-96.fra60.r.cloudfront.net
baea9a8fd6-is.identityscience.ai
2    13.33.187.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-79.fra60.r.cloudfront.net
cdn.identityscience.ai
Domain Requested by
3 fonts.googleapis.com baea9a8fd6-is.blueflagsecurity.com
3 baea9a8fd6-is.blueflagsecurity.com baea9a8fd6-is.blueflagsecurity.com
2 cdn.identityscience.ai auth.identityscience.ai
2 auth.identityscience.ai baea9a8fd6-is.blueflagsecurity.com
auth.identityscience.ai
1 baea9a8fd6-is.identityscience.ai baea9a8fd6-is.blueflagsecurity.com
12 5

This site contains no links.

Subject Issuer Validity Valid
baea9a8fd6-is.identityscience.ai
Amazon RSA 2048 M03		 2024-03-20 -
2025-04-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
auth.identityscience.ai
Amazon RSA 2048 M02		 2024-03-18 -
2025-04-16		 a year crt.sh
cdn.identityscience.ai
Amazon RSA 2048 M02		 2023-11-28 -
2024-12-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/auth?client_id=baea9a8fd6f1f388b973813a32f37ab6-id&redirect_uri=https%3A%2F%2Fbaea9a8fd6-is.blueflagsecurity.com%2F&state=4a61e384-00f3-432e-a6ad-bc2b05b6a877&response_mode=fragment&response_type=code&scope=openid&nonce=b6d7c2bb-a9e3-423a-a912-38f4eb071144&code_challenge=dk_J1w-1gdgnCfWg6bT8B0Gas2DZMLUs-5VZbcneWt8&code_challenge_method=S256
Frame ID: A07039532835679ADC81BF63CAB8D9C7
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to Viralnation

Page URL History Show full URLs

  1. https://baea9a8fd6-is.blueflagsecurity.com/ Page URL
  2. https://auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/auth?client_... Page URL

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

6
IPs

1
Countries

2635 kB
Transfer

6399 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://baea9a8fd6-is.blueflagsecurity.com/ Page URL
  2. https://auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/auth?client_id=baea9a8fd6f1f388b973813a32f37ab6-id&redirect_uri=https%3A%2F%2Fbaea9a8fd6-is.blueflagsecurity.com%2F&state=4a61e384-00f3-432e-a6ad-bc2b05b6a877&response_mode=fragment&response_type=code&scope=openid&nonce=b6d7c2bb-a9e3-423a-a912-38f4eb071144&code_challenge=dk_J1w-1gdgnCfWg6bT8B0Gas2DZMLUs-5VZbcneWt8&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
baea9a8fd6-is.blueflagsecurity.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://baea9a8fd6-is.blueflagsecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-13.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c68a9ce58df72b0723d820e2f199b6340834acfb873bd087a232930f2444f0c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

age
184
content-encoding
gzip
content-type
text/html
date
Wed, 20 Mar 2024 20:21:16 GMT
etag
W/"f48ebee88556270b2232f05503acd751"
last-modified
Thu, 14 Mar 2024 04:19:12 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-id
JMDH82mUROtP7hv2PwzKzXpnjiqZR4iob-uTw7Myn-HZxTY64q1zLg==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
9MuxSSvMCHyxTPocA_5kfJ0uAx9L580x
x-cache
Hit from cloudfront
css2
fonts.googleapis.com/ 		6 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;1,600;1,700&display=swap
Requested by
Host: baea9a8fd6-is.blueflagsecurity.com
URL: https://baea9a8fd6-is.blueflagsecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
9f69d3d5ecf1298b0fe302701ab5a16ed7c030db50d69ef8720b0e722fcb673b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://baea9a8fd6-is.blueflagsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Mar 2024 20:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 20:24:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Mar 2024 20:24:20 GMT
css2
fonts.googleapis.com/ 		30 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;1,100;1,200;1,300;1,400&display=swap
Requested by
Host: baea9a8fd6-is.blueflagsecurity.com
URL: https://baea9a8fd6-is.blueflagsecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
a5e26bd9d7315d7941c5b395640f07c7a5c4f77370e62e6925c29fb75234b487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://baea9a8fd6-is.blueflagsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Mar 2024 20:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 20:24:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Mar 2024 20:24:20 GMT
css2
fonts.googleapis.com/ 		40 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Roboto+Mono:ital,wght@0,100;0,200;0,300;0,400;1,100;1,200;1,300;1,400&display=swap
Requested by
Host: baea9a8fd6-is.blueflagsecurity.com
URL: https://baea9a8fd6-is.blueflagsecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
1784fdd37fec52fbb26dc99b20c19e487f133480231405138a33081785c8fa23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://baea9a8fd6-is.blueflagsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Mar 2024 20:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 20:24:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Mar 2024 20:24:20 GMT
main.188e8f2c.js
baea9a8fd6-is.blueflagsecurity.com/static/js/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://baea9a8fd6-is.blueflagsecurity.com/static/js/main.188e8f2c.js
Requested by
Host: baea9a8fd6-is.blueflagsecurity.com
URL: https://baea9a8fd6-is.blueflagsecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-13.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
263c08f91478c3a2ba752b8f3d802c0ab8fc1038628e5e9762bab757df1a954d

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://baea9a8fd6-is.blueflagsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 20:21:46 GMT
x-amz-version-id
P8oGAtswS6VkGSu_qIaWgPYW1AT6g.vM
content-encoding
br
last-modified
Thu, 14 Mar 2024 04:19:16 GMT
server
AmazonS3
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"b2a6be60b3f7c298a28c4782e7a5fde6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
age
155
x-amz-cf-id
DYO41gCKtV-n81UsSAg1CoMclOT-x2UMTMPC4bq8sLooIxrwzt4ytw==
main.0c841761.css
baea9a8fd6-is.blueflagsecurity.com/static/css/ 		44 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://baea9a8fd6-is.blueflagsecurity.com/static/css/main.0c841761.css
Requested by
Host: baea9a8fd6-is.blueflagsecurity.com
URL: https://baea9a8fd6-is.blueflagsecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-13.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bef4619d765c1aed6a21193b6e92947fd9a56097c3f68d8f40f01604419f14ed

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://baea9a8fd6-is.blueflagsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 20:24:21 GMT
x-amz-version-id
Olw7VPBp2MHEZRa.xt.7GqS0u_FgYjHP
content-encoding
br
last-modified
Thu, 14 Mar 2024 04:19:13 GMT
server
AmazonS3
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"176e7d81ed776d16ffb0fe868b5d5306"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
2TnScciu_RClQO6wGJpY6u_L3vOHY4ps3VRON3XCqflm7mS9g8ENOA==
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/webp
Primary Request auth
auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/auth?client_id=baea9a8fd6f1f388b973813a32f37ab6-id&redirect_uri=https%3A%2F%2Fbaea9a8fd6-is.blueflagsecurity.com%2F&state=4a61e384-00f3-432e-a6ad-bc2b05b6a877&response_mode=fragment&response_type=code&scope=openid&nonce=b6d7c2bb-a9e3-423a-a912-38f4eb071144&code_challenge=dk_J1w-1gdgnCfWg6bT8B0Gas2DZMLUs-5VZbcneWt8&code_challenge_method=S256
Requested by
Host: baea9a8fd6-is.blueflagsecurity.com
URL: https://baea9a8fd6-is.blueflagsecurity.com/static/js/main.188e8f2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-2.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
4b8a992a3aa69462106963bd61ab248db4c075e9c5b646ed85ee6585bb315d68
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://baea9a8fd6-is.blueflagsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-language
en
content-length
1613
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Wed, 20 Mar 2024 20:24:21 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
pragma
no-cache
referrer-policy
no-referrer
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
3o2odqsGCqJN3GmNCJcDCOd05Z9gzAmopSZbXp8QYQ6-Cjf-c4MxnQ==
x-amz-cf-pop
FRA60-P4
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block
self
baea9a8fd6-is.identityscience.ai/api/users/ 		0
0
self
baea9a8fd6-is.identityscience.ai/api/users/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://baea9a8fd6-is.identityscience.ai/api/users/self
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-96.fra60.r.cloudfront.net
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://baea9a8fd6-is.blueflagsecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://baea9a8fd6-is.blueflagsecurity.com
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 20 Mar 2024 20:24:21 GMT
server
uvicorn
vary
Origin
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-id
YzcMzm_cCn3PwZPXcc1WrfuMpdMkZb3frq4Mpj7nAFTmanil3NyF0A==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
style.css
auth.identityscience.ai/resources/usrx8/login/idscience/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.identityscience.ai/resources/usrx8/login/idscience/css/style.css
Requested by
Host: auth.identityscience.ai
URL: https://auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/auth?client_id=baea9a8fd6f1f388b973813a32f37ab6-id&redirect_uri=https%3A%2F%2Fbaea9a8fd6-is.blueflagsecurity.com%2F&state=4a61e384-00f3-432e-a6ad-bc2b05b6a877&response_mode=fragment&response_type=code&scope=openid&nonce=b6d7c2bb-a9e3-423a-a912-38f4eb071144&code_challenge=dk_J1w-1gdgnCfWg6bT8B0Gas2DZMLUs-5VZbcneWt8&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-2.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
ab069ca6de62c19f5b3e68375f8d2158c39a48d4799aa77433a63659dad7dd5f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; frame-src 'self'; frame-ancestors 'self'; object-src 'none'; img-src 'self' https://cdn.identityscience.ai; script-src 'self' 'unsafe-inline' https://www.google.com; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 20:24:22 GMT
content-encoding
gzip
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self'; frame-src 'self'; frame-ancestors 'self'; object-src 'none'; img-src 'self' https://cdn.identityscience.ai; script-src 'self' 'unsafe-inline' https://www.google.com; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com;
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-length
1057
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
server
CloudFront
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/css
cache-control
no-cache, no-store, must-revalidate, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
x-amz-cf-id
JODWuOHqyKn4oLI7aA9gDl-BuTQtQRyVWOpwLH6hygJTcjGfsIFbZQ==
ellipse.png
cdn.identityscience.ai/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.identityscience.ai/images/ellipse.png
Requested by
Host: auth.identityscience.ai
URL: https://auth.identityscience.ai/resources/usrx8/login/idscience/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-79.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
2cde3be13747ad4bf92b328dcba25a3bd45c3a9e1050af8beaf530ce1e1ac0b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
caWEAeEP2fGgxZhDY3D6GslAnWlwMozO
date
Wed, 20 Mar 2024 11:53:15 GMT
via
1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P9
age
30668
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1318092
last-modified
Wed, 03 May 2023 16:20:33 GMT
server
CloudFront
etag
"79db6727c6b49885e9c0054e74fb0649"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
uMF8ZATJfGfkK9iLZFkOD6HcceEcerOCklK7G7OlawrvWmumSQMMHw==
logo.svg
cdn.identityscience.ai/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.identityscience.ai/images/logo.svg
Requested by
Host: auth.identityscience.ai
URL: https://auth.identityscience.ai/resources/usrx8/login/idscience/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-79.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b8be57059ff54e2ac367afa641943f7355c654b425eb10f824d694131d0cbc23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
XjzdfifGmXQ8aRubc_y7tAUQuPNjyvpJ
content-encoding
gzip
via
1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date
Wed, 20 Mar 2024 11:53:15 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P9
age
30668
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 May 2023 16:20:23 GMT
server
CloudFront
etag
W/"21491f3d48f6341cf7a92def00c051dd"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-amz-cf-id
1Wcy6jTL7nJkZj4kQSAtxnCENgt2DwM-1OosDopmLp9A42FAeAz_JQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
baea9a8fd6-is.identityscience.ai
URL
https://baea9a8fd6-is.identityscience.ai/api/users/self

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

16 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'focus-without-user-activation'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'trust-token-redemption'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
network error URL: https://auth.identityscience.ai/realms/baea9a8fd6f1f388b973813a32f37ab6/protocol/openid-connect/auth?client_id=baea9a8fd6f1f388b973813a32f37ab6-id&redirect_uri=https%3A%2F%2Fbaea9a8fd6-is.blueflagsecurity.com%2F&state=4a61e384-00f3-432e-a6ad-bc2b05b6a877&response_mode=fragment&response_type=code&scope=openid&nonce=b6d7c2bb-a9e3-423a-a912-38f4eb071144&code_challenge=dk_J1w-1gdgnCfWg6bT8B0Gas2DZMLUs-5VZbcneWt8&code_challenge_method=S256
Message:
Failed to load resource: the server responded with a status of 400 ()