app.command.cysiv.com Open in urlscan Pro
35.244.214.119  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response app.command.cysiv.com/	985 B 2 KB	451ms 147ms	Document text/html	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.command.cysiv.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash dc75fb653dd99acd2e1b812336a848b97e39211f0b103b949a9b40d75d99a12a Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=0 content-length 985 content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: content-type text/html; charset=UTF-8 date Fri, 30 Sep 2022 04:59:05 GMT etag W/"3d9-183332dbcb8" last-modified Mon, 12 Sep 2022 19:29:39 GMT referrer-policy no-referrer-when-downgrade server istio-envoy strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding via 1.1 google x-content-type-options nosniff x-correlation-id 9ec3e07b-6f76-47e9-8e31-dbe1831ea791 x-dns-prefetch-control off x-download-options noopen x-envoy-upstream-service-time 10 x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	question.mark.svg app.command.cysiv.com/	1 KB 888 B	143ms 140ms	Image image/svg+xml	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://app.command.cysiv.com/question.mark.svg Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 33d7a6d050c9c6781de649a469f5b8b7ecc4d50aed99f0ec5d46db7f82ff1937 Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-correlation-id 4dfdc25d-b450-441e-8089-996326e375e3 x-content-type-options nosniff content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: content-encoding gzip date Fri, 30 Sep 2022 04:59:05 GMT via 1.1 google x-dns-prefetch-control off x-envoy-upstream-service-time 6 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 12 Sep 2022 19:29:39 GMT server istio-envoy etag W/"582-183332dbcb8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes
GET H2	200	lock.min.js Show response app.command.cysiv.com/	770 KB 213 KB	148ms 147ms	Script application/javascript	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.command.cysiv.com/lock.min.js Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash e2fcb2cb455aeb3b3fd58d4798f7235eca9d03ab031099bbd473db576f4e3b92 Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-correlation-id 0386d8a0-7fa2-496a-9f62-66732be86484 x-content-type-options nosniff content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: content-encoding gzip date Fri, 30 Sep 2022 04:59:05 GMT via 1.1 google x-dns-prefetch-control off x-envoy-upstream-service-time 8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 12 Sep 2022 19:29:39 GMT server istio-envoy etag W/"c0630-183332dbcb8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes
GET H2	200	helpers.js Show response app.command.cysiv.com/	575 B 700 B	156ms 151ms	Script application/javascript	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.command.cysiv.com/helpers.js Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 61daa74e0eb0a1eeb3222afea391b35493a10469fd3ff9f3b3f97d969b83f0d7 Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-correlation-id a8b69d68-eea7-42eb-9cd5-d59217da74aa x-content-type-options nosniff content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: via 1.1 google date Fri, 30 Sep 2022 04:59:05 GMT x-dns-prefetch-control off x-envoy-upstream-service-time 12 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 575 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 12 Sep 2022 19:29:39 GMT server istio-envoy etag W/"23f-183332dbcb8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes
GET H2	200	loginConfig.js Show response app.command.cysiv.com/	161 B 317 B	155ms 151ms	Script text/javascript	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.command.cysiv.com/loginConfig.js Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 6a64345eb5d7e5f88f0e47030fcf4df1bc74ee63b37bda34ebcd2b70f5847849 Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-correlation-id 46612de4-ebb0-4527-b79a-f7fcb583aa89 x-content-type-options nosniff content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: via 1.1 google date Fri, 30 Sep 2022 04:59:05 GMT x-dns-prefetch-control off x-envoy-upstream-service-time 9 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 161 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade server istio-envoy etag W/"a1-2Ygz8roJEk4fBfgCXCwrtEJxarY" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	login.js Show response app.command.cysiv.com/	4 KB 2 KB	155ms 152ms	Script application/javascript	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.command.cysiv.com/login.js Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash b30a34450193cba97c2d7ff97bf8cf85a4774ed483ac6c67e5ae558c25ada84e Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-correlation-id 50e256f8-7caf-46bd-8f97-fcb8d5447b7b x-content-type-options nosniff content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: content-encoding gzip date Fri, 30 Sep 2022 04:59:05 GMT via 1.1 google x-dns-prefetch-control off x-envoy-upstream-service-time 13 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 12 Sep 2022 19:29:39 GMT server istio-envoy etag W/"11e4-183332dbcb8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes
GET H2	200	auth-override.css app.command.cysiv.com/css/	9 KB 2 KB	152ms 150ms	Stylesheet text/css	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.command.cysiv.com/css/auth-override.css Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash c8cf2b9c23d21a10dd6773ac8cbfff6ae53d2131d5f6c0bdf7286e40d2fb1947 Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-correlation-id 7d3ca84d-fc71-4af4-aa66-8f8f8b03deef x-content-type-options nosniff content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: content-encoding gzip date Fri, 30 Sep 2022 04:59:05 GMT via 1.1 google x-dns-prefetch-control off x-envoy-upstream-service-time 5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 12 Sep 2022 19:29:39 GMT server istio-envoy etag W/"228e-183332dbcb8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes
GET H3	200	cysiv_aForescoutCompany.svg app.command.cysiv.com/images/	6 KB 2 KB	147ms 147ms	Image image/svg+xml	35.244.214.119 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://app.command.cysiv.com/images/cysiv_aForescoutCompany.svg Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.214.119 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 119.214.244.35.bc.googleusercontent.com Software istio-envoy / Resource Hash 8713a308ef3a428093d64a1a918511f4459c65d110ba5ca479b833372cb93922 Security Headers Name Value Content-Security-Policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-correlation-id 551b393d-1d73-4261-88cb-4e83675ec613 x-content-type-options nosniff content-security-policy connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: content-encoding gzip date Fri, 30 Sep 2022 04:59:05 GMT via 1.1 google x-dns-prefetch-control off x-envoy-upstream-service-time 8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 12 Sep 2022 19:29:39 GMT server istio-envoy etag W/"173e-183332dbcb8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes
GET H2	200	YVA8JDEgPusu23vbKR13w3ja0BiE9nXB.js Show response cdn.auth0.com/client/	2 KB 1 KB	333ms 279ms	Script application/x-javascript	13.32.105.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.auth0.com/client/YVA8JDEgPusu23vbKR13w3ja0BiE9nXB.js?t1664513945815 Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/lock.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.105.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-105-49.fra60.r.cloudfront.net Software cloudflare / Resource Hash 1e8360cb45c7183d5165e2c75b9f9504160730e395ba62da0d616ce36e8aa1ea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.command.cysiv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Fri, 30 Sep 2022 04:59:06 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status EXPIRED tracestate auth0-request-id=752a6321da3d9bd7 x-auth0-requestid 67e694bf2592d1f6b837 content-encoding gzip x-amz-cf-pop FRA60-P1 via 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront) x-cache Miss from cloudfront server cloudflare ot-tracer-sampled true traceparent 00-13bac2911c85d013-00000000000000005d1a5add06a0f1da-01 etag W/"620-GSHmEBtTx7EThPMEk526ZjgCkF0" ot-tracer-traceid 5d1a5add06a0f1da vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=60, stale-while-revalidate=60, stale-if-error=86400 ot-baggage-auth0-request-id 752a6321da3d9bd7 cf-ray 752a6321da3d9bd7-FRA x-amz-cf-id _T5_akuPYbmJupgnJFZS_GPZmuxYSrp3Az3Jm7UAMxmn62bMzC9O0Q== ot-tracer-spanid 13bac2911c85d013
GET H2	200	authorize Show response serapis-prod.auth0.com/ Frame B003	1 KB 1 KB	310ms 252ms	Document text/html	2606:4700::6810:b9f8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://serapis-prod.auth0.com/authorize?client_id=YVA8JDEgPusu23vbKR13w3ja0BiE9nXB&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fapp.command.cysiv.com%2Fauth&scope=openid%20profile%20email&state=qJAnVXKI13i3Gf2xt89I1qFyf~C2DGt4&nonce=X9-IkbfXphQVYiyfjUgy9FLhdEMJyn9F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4xNC4xIiwibGliX3ZlcnNpb24iOnsicmF3IjoiOS4xMC4xIn19 Requested by Host: app.command.cysiv.com URL: https://app.command.cysiv.com/lock.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b9f8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 643bfaa6a48ac27e3430a40923d234713b5995911d1806b7e0f62eb4fa67ffd9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://app.command.cysiv.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store cf-cache-status DYNAMIC cf-ray 752a63242fec6921-FRA content-encoding br content-type text/html;charset=UTF-8 date Fri, 30 Sep 2022 04:59:06 GMT ot-baggage-auth0-request-id 752a63242fec6921 ot-tracer-sampled true ot-tracer-spanid 3464684400128f83 ot-tracer-traceid 1cc3929f0a31951f pragma no-cache server cloudflare strict-transport-security max-age=31536000 traceparent 00-3464684400128f83-00000000000000001cc3929f0a31951f-01 tracestate auth0-request-id=752a63242fec6921,auth0=true vary Accept-Encoding x-auth0-requestid a5be4f7773706f40c02c x-content-type-options nosniff x-ratelimit-limit 300 x-ratelimit-remaining 299 x-ratelimit-reset 1664513947
GET DATA	200 OK	truncated /	343 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 929f48f88c8ca7f3f5d294be47ec4caf51acc28ac25340c19a903125d7ecd84a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Content-Type image/svg+xml

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Auth0 function| Auth0Lock function| Auth0LockPasswordless function| subdivideQueryValues function| isJSON

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.command.cysiv.com/	1969-12-31 23:59:59	Name: _csrf Value: uouj4b8NTWFEAInwo0ShHp8h
			serapis-prod.auth0.com/	1970-01-20 15:07:51	Name: did Value: s%3Av0%3A9c7e03e0-407c-11ed-be97-b969229390d5.2I456QbMyPdMx62RRZ0iZAl2%2FsHd3SIehjcHsD2yzTc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com https://*.command.cysiv.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob: https://*.command.cysiv.com https://command.cysiv.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data: blob:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/ https://content.app.command.cysiv.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.command.cysiv.com
cdn.auth0.com
serapis-prod.auth0.com
13.32.105.49
2606:4700::6810:b9f8
35.244.214.119
1e8360cb45c7183d5165e2c75b9f9504160730e395ba62da0d616ce36e8aa1ea
33d7a6d050c9c6781de649a469f5b8b7ecc4d50aed99f0ec5d46db7f82ff1937
61daa74e0eb0a1eeb3222afea391b35493a10469fd3ff9f3b3f97d969b83f0d7
643bfaa6a48ac27e3430a40923d234713b5995911d1806b7e0f62eb4fa67ffd9
6a64345eb5d7e5f88f0e47030fcf4df1bc74ee63b37bda34ebcd2b70f5847849
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f
8713a308ef3a428093d64a1a918511f4459c65d110ba5ca479b833372cb93922
929f48f88c8ca7f3f5d294be47ec4caf51acc28ac25340c19a903125d7ecd84a
b30a34450193cba97c2d7ff97bf8cf85a4774ed483ac6c67e5ae558c25ada84e
c8cf2b9c23d21a10dd6773ac8cbfff6ae53d2131d5f6c0bdf7286e40d2fb1947
dc75fb653dd99acd2e1b812336a848b97e39211f0b103b949a9b40d75d99a12a
e2fcb2cb455aeb3b3fd58d4798f7235eca9d03ab031099bbd473db576f4e3b92