apply-qa.point.dev
Open in
urlscan Pro
54.157.82.93
Public Scan
Submission Tags: @phishunt_io
Submission: On July 02 via api from DE
Summary
TLS certificate: Issued by R3 on July 1st 2021. Valid for: 3 months.
This is the only time apply-qa.point.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 54.157.82.93 54.157.82.93 | 14618 (AMAZON-AES) (AMAZON-AES) | |
5 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 65.9.84.142 65.9.84.142 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:829::200d | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80e::2003 | 15169 (GOOGLE) (GOOGLE) | |
18 | 9 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-82-93.compute-1.amazonaws.com
apply-qa.point.dev |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
cloudflare.com
cdnjs.cloudflare.com |
169 KB |
4 |
google.com
apis.google.com accounts.google.com |
68 KB |
3 |
gstatic.com
fonts.gstatic.com ssl.gstatic.com |
85 KB |
3 |
point.dev
apply-qa.point.dev |
17 KB |
1 |
googleapis.com
fonts.googleapis.com |
553 B |
1 |
cloudfront.net
d2wy8f7a9ursnm.cloudfront.net |
6 KB |
18 | 6 |
Domain | Requested by | |
---|---|---|
5 | cdnjs.cloudflare.com |
apply-qa.point.dev
|
3 | apply-qa.point.dev |
apply-qa.point.dev
|
2 | accounts.google.com |
apis.google.com
ssl.gstatic.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | apis.google.com |
apply-qa.point.dev
apis.google.com |
1 | ssl.gstatic.com |
accounts.google.com
|
1 | fonts.googleapis.com |
cdnjs.cloudflare.com
|
1 | d2wy8f7a9ursnm.cloudfront.net |
apply-qa.point.dev
|
18 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
apply-qa.point.dev R3 |
2021-07-01 - 2021-09-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.apis.google.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
accounts.google.com GTS CA 1O1 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://apply-qa.point.dev/admin_users/sign_in
Frame ID: ECE22FEF1A3D827D1B67AA3F51970508
Requests: 15 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: CAE6EC0F24F314668968D7C40EB047B1
Requests: 3 HTTP requests in this frame
Screenshot
Detected technologies
Erlang (Programming Languages) ExpandDetected patterns
- headers server /^Cowboy$/i
Ruby (Programming Languages) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
Cowboy (Web Frameworks) Expand
Detected patterns
- headers server /^Cowboy$/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
Semantic-ui (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+semantic(?:\.min)\.css"/i
- script /\/semantic(?:-([\d.]+))?(?:\.min)?\.js/i
BugSnag (Analytics) Expand
Detected patterns
- script /\/bugsnag.*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Plus (Widgets) Expand
Detected patterns
- script /apis\.google\.com\/js\/[a-z]*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
sign_in
apply-qa.point.dev/admin_users/ |
7 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.min.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.11/ |
553 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-semantic-3ede4f08bbb9ae8a397385963fa2b0dad99c2d8c4dc6b06dea30ddf76ab91335.css
apply-qa.point.dev/assets/ |
2 KB 959 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bugsnag-3.min.js
d2wy8f7a9ursnm.cloudfront.net/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ |
84 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.min.js
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.11/ |
276 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dropzone.min.js
cdnjs.cloudflare.com/ajax/libs/dropzone/4.3.0/min/ |
33 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-semantic-e2ef2a3aa92ae7f668d739158e8569d1c096f15d4f7b35259bd1c8671ff7fcd6.js
apply-qa.point.dev/assets/ |
33 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
54 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 553 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
2c2107a1-b708-414e-b6eb-9f62d10044b7
https://apply-qa.point.dev/ |
19 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ |
22 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ |
138 KB 46 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame CAE6 |
513 B 922 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1716170664-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame CAE6 |
116 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
iframerpc
accounts.google.com/o/oauth2/ Frame CAE6 |
15 B 59 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Bugsnag function| $ function| jQuery function| Dropzone function| getImageOrientation function| JSONFormatter object| gapi object| ___jsl function| onSignIn function| performSignIn function| onFailure function| ask_otp object| osapi3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 218=qCW5ojubbE1KyMuPz9dyL5eVjETpIQGrzgvtM1Z18RMz6l2UwQvP7UlKDkH_lxOeoOQuKbYnBTaEiiKgqZ8PE6WhNjQ-JDNhZXCpuWUImzvl_SDhh0klS8aiYe7XIxqq0oNh_8hccGqawx-rV4sJL3qFCVU-vzIIio-xVWayBu4 |
|
.apply-qa.point.dev/ | Name: G_ENABLED_IDPS Value: google |
|
apply-qa.point.dev/ | Name: _underwrite_session_id Value: 2085f10d84192a56d7c761ee8a0dbd0f |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; frame-src 'self' https://accounts.google.com https://content-sheets.googleapis.com https://s3.amazonaws.com/blob-store.point.com/ https://app.hellosign.com; img-src 'self' data: https://*.googleusercontent.com https://*.doubleclick.net https://maps.gstatic.com https://www.google-analytics.com https://point-com-assets.s3-us-west-2.amazonaws.com https://notify.bugsnag.com https://avatars.slack-edge.com https://*.slack.com https://s3.amazonaws.com/blob-store.point.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://apis.google.com https://ssl.gstatic.com https://d2wy8f7a9ursnm.cloudfront.net https://www.google-analytics.com https://point-com-assets.s3-us-west-2.amazonaws.com https://maps.googleapis.com https://cdn.hellosign.com; connect-src 'self' https://www.google-analytics.com; style-src 'self' 'unsafe-inline' blob: https://cdnjs.cloudflare.com https://fonts.googleapis.com https://ssl.gstatic.com https://point-com-assets.s3-us-west-2.amazonaws.com; font-src 'self' data: https://cdnjs.cloudflare.com https://fonts.gstatic.com; media-src 'none' |
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.google.com
apis.google.com
apply-qa.point.dev
cdnjs.cloudflare.com
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ssl.gstatic.com
2606:4700::6810:125e
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::200d
2a00:1450:4001:831::2003
54.157.82.93
65.9.84.142
02bfc0792607137745f4a91a7569037afef83eee2dde83866962522e71f81309
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
16864b3be81d2edf46c22f0ef1701b0b5328867e2528fbed325943de0f35accf
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
2dc7ba03dc94c1c92328a99cf06b8830081e8c9753076d5d16865cd507021944
3ede4f08bbb9ae8a397385963fa2b0dad99c2d8c4dc6b06dea30ddf76ab91335
5a5ee7896804257dcf74f9fc941cc80c258ed45042604c6342285b4f895d3289
784ff11014aa533531052879008391fe05a873944c31fcb71fac0ec320e26a6d
790ddab5b5f3e0559a4881c9b53c7b52ec0f3529ef146cfe08fe354ad722acf2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
838f87ce5b6d162aa07ae0a7c779b7d3ca346a1b8167ed0247169159f48bd015
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
a35ecbe618c3de66c691f93131423caa726d5ed44b8fe2f5e1cdfe19e7cf381e
a7697c55e2f788bd49d0dc5c5db115b68c98482f956c46eb7b92876f3ab57eaf
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c58c8c42d6eab58edaab935163b45d5efc13e5faf0c42558e885f2c6a234a6b0
e2ef2a3aa92ae7f668d739158e8569d1c096f15d4f7b35259bd1c8671ff7fcd6