urlscan.io logo urlscan.io
SecurityTrails logo

www.testsso.divoy.org Open in urlscan Pro
93.90.146.110  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.testsso.divoy.org/
Submission: On March 20 via automatic, source certstream-suspicious — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 93.90.146.110, located in Sweden and belongs to NET-BINERO-STHLM1, SE. The main domain is www.testsso.divoy.org.
TLS certificate: Issued by R3 on January 19th 2023. Valid for: 3 months.
This is the only time www.testsso.divoy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 93.90.146.110 35041 (NET-BINER...)
1 69.16.175.42 20446 (STACKPATH...)
2 213.189.165.92 12392 (ASBRUTELE...)
4 3
Apex Domain
Subdomains		 Transfer
2 cap300.be
128.cap300.be
6 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
29 KB
1 divoy.org
www.testsso.divoy.org
3 KB
4 3
Domain Requested by
2 128.cap300.be www.testsso.divoy.org
128.cap300.be
1 code.jquery.com www.testsso.divoy.org
1 www.testsso.divoy.org
4 3

This site contains no links.

Subject Issuer Validity Valid
testsso.divoy.org
R3		 2023-01-19 -
2023-04-19		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
128.cap300.be
R3		 2023-02-26 -
2023-05-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.testsso.divoy.org/
Frame ID: C2A3E096BC15DD1219182C0B7CD33599
Requests: 3 HTTP requests in this frame

Frame: https://128.cap300.be/webman/sso/SSOOauth.cgi?app_id=c9e9d7eceb20fa3d8f6dd58073138a44&scope=user_id&redirect_uri=https%3A%2F%2F128.cap300.be&synossoJSSDK=true&synossoJSSDKQuery=true&state=0bk2xceur4&inframe_id=99nw3y0d68
Frame ID: D311D24DC449EC6A9C870DE53801D303
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Test SSO

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

38 kB
Transfer

90 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.testsso.divoy.org/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.testsso.divoy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.90.146.110 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS
ser-apache-10.servage.net
Software
Apache /
Resource Hash
d7cc5dc4a7de0d7ec90b73431ae294c4c3205a48d2d04d1c6fd8973493088e17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
content-length
2490
content-type
text/html
date
Mon, 20 Mar 2023 16:58:29 GMT
etag
"e924da05f-9ba-5d9c8c8f8fa00"
last-modified
Wed, 09 Mar 2022 13:07:52 GMT
server
Apache
jquery-2.1.1.min.js
code.jquery.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.1.1.min.js
Requested by
Host: www.testsso.divoy.org
URL: https://www.testsso.divoy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.testsso.divoy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 16:58:29 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14915"
vary
Accept-Encoding
x-hw
1679331509.dop026.sk1.t,1679331509.cds202.sk1.hn,1679331509.cds262.sk1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29482
synoSSO-1.0.0.js
128.cap300.be/webman/sso/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://128.cap300.be/webman/sso/synoSSO-1.0.0.js
Requested by
Host: www.testsso.divoy.org
URL: https://www.testsso.divoy.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.189.165.92 Brussels, Belgium, ASN12392 (ASBRUTELE VOO, BE),
Reverse DNS
host-213-189-165-92.dynamic.voo.be
Software
nginx /
Resource Hash
89f5cb8fd5a1648b36d6c80488b8e605baa82c982aef01a537cf4287f940bf5d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.testsso.divoy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 16:58:29 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
last-modified
Wed, 08 Mar 2023 16:29:45 GMT
server
nginx
etag
"6408b7f9-1094"
content-type
application/javascript
accept-ranges
bytes
content-length
4244
SSOOauth.cgi
128.cap300.be/webman/sso/ Frame D311 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://128.cap300.be/webman/sso/SSOOauth.cgi?app_id=c9e9d7eceb20fa3d8f6dd58073138a44&scope=user_id&redirect_uri=https%3A%2F%2F128.cap300.be&synossoJSSDK=true&synossoJSSDKQuery=true&state=0bk2xceur4&inframe_id=99nw3y0d68
Requested by
Host: 128.cap300.be
URL: https://128.cap300.be/webman/sso/synoSSO-1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.189.165.92 Brussels, Belgium, ASN12392 (ASBRUTELE VOO, BE),
Reverse DNS
host-213-189-165-92.dynamic.voo.be
Software
nginx /
Resource Hash
9ed00a641f2ffe2176da3cdea3c940437237766177b8425beaf71d5a4f17a8c2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.testsso.divoy.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

content-type
text/html; charset="UTF-8"
date
Mon, 20 Mar 2023 16:58:32 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery object| SYNOSSO function| synoSSO function| authCallback

0 Cookies

1 Console Messages

Source Level URL
Text
security error URL: https://128.cap300.be/webman/sso/SSOOauth.cgi?app_id=c9e9d7eceb20fa3d8f6dd58073138a44&scope=user_id&redirect_uri=https%3A%2F%2F128.cap300.be&synossoJSSDK=true&synossoJSSDKQuery=true&state=0bk2xceur4&inframe_id=99nw3y0d68(Line 34)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://128.cap300.be') does not match the recipient window's origin ('https://www.testsso.divoy.org').