ciamsso.sit1.ciam.vodafone.com Open in urlscan Pro
45.60.154.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://redflex.sit.vodafone.com/
Effective URL:
https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=fals...
Submission: On January 09 via automatic, source certstream-suspicious (January 9th 2024, 6:55:43 am UTC) — Scanned from IT

Summary HTTP 31 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 31 HTTP transactions. The main IP is 45.60.154.182, located in United States and belongs to INCAPSULA, US. The main domain is ciamsso.sit1.ciam.vodafone.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on January 3rd 2024. Valid for: 6 months.

This is the only time ciamsso.sit1.ciam.vodafone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	139.47.189.197 139.47.189.197	12663 (VODAFONE-...) (VODAFONE-GROUP)
1	151.101.193.175 151.101.193.175	54113 (FASTLY) (FASTLY)
1 17	45.60.154.182 45.60.154.182	19551 (INCAPSULA) (INCAPSULA)
31	4

14 139.47.189.197 (Italy) 1 redirects

ASN12663 (VODAFONE-GROUP, IT)

redflex.sit.vodafone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 45.60.154.182 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

ciamsso.sit1.ciam.vodafone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	vodafone.com 2 redirects redflex.sit.vodafone.com ciamsso.sit1.ciam.vodafone.com	7 MB
1	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 6665	962 B
31	2

	Domain	Requested by
17	ciamsso.sit1.ciam.vodafone.com	1 redirects ciamsso.sit1.ciam.vodafone.com
14	redflex.sit.vodafone.com	1 redirects redflex.sit.vodafone.com
1	nebula-cdn.kampyle.com	redflex.sit.vodafone.com nebula-cdn.kampyle.com
31	3

This site contains links to these domains. Also see Links.

Domain
www.allaboutcookies.org
redflex.sit.vodafone.com
redflex.vodafone.com
www.vodafone.com

Subject Issuer	Validity	Valid
redflex.sit.vodafone.com DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-30` - `2024-09-30`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2024-01-03` - `2024-07-01`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
Frame ID: 22E27DEF2251EEACA52832B6FF2C3132
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Page

Page URL History Show full URLs

https://redflex.sit.vodafone.com/ HTTP 302
https://redflex.sit.vodafone.com/byox/index.html Page URL
https://redflex.sit.vodafone.com/byox/pub/rest/v1/credentials/login Page URL
https://ciamsso.sit1.ciam.vodafone.com/samlsso HTTP 302
https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=fa... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

7053 kB
Transfer

7672 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.allaboutcookies.org/
Title: www.allaboutcookies.org

Search URL Search Domain Scan URL

URL: https://redflex.sit.vodafone.com/
Title: .st0{fill:#E60000;}.st1{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://redflex.vodafone.com/byox/termsandconditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://redflex.vodafone.com/byox/privacypolicy
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.vodafone.com/business/why-vodafone/about-us/global-enterprise
Title: Vodafone Global Enterprise

Search URL Search Domain Scan URL

URL: https://www.vodafone.com/business/carrier-services
Title: Vodafone Carrier Services

Search URL Search Domain Scan URL

URL: http://www.vodafone.com/business/cloud-and-hosting
Title: Vodafone Cloud and Hosting Services

Search URL Search Domain Scan URL

URL: http://www.vodafone.com/business/iot
Title: Internet of Things

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://redflex.sit.vodafone.com/ HTTP 302
https://redflex.sit.vodafone.com/byox/index.html Page URL
https://redflex.sit.vodafone.com/byox/pub/rest/v1/credentials/login Page URL
https://ciamsso.sit1.ciam.vodafone.com/samlsso HTTP 302
https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://redflex.sit.vodafone.com/ HTTP 302
https://redflex.sit.vodafone.com/byox/index.html

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html Show response
redflex.sit.vodafone.com/byox/
Redirect Chain

https://redflex.sit.vodafone.com/
https://redflex.sit.vodafone.com/byox/index.html

1 KB
1 KB

54ms
53ms

Document
text/html

139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

cad7eb036f86387f0fd3fcf019cfb277f86f33bf6dd1d1d3b9ecc430bab8c7de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
access-control-request-headers: Content-Type, Origin, Cache-control
content-length: 1301
content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type: text/html
date: Tue, 09 Jan 2024 06:55:38 GMT
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
referrer-policy: strict-origin
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: Content-Type, Origin, Cache-Control
access-control-request-headers: Content-Type, Origin, Cache-control
content-length: 232
content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type: text/html; charset=iso-8859-1
date: Tue, 09 Jan 2024 06:55:38 GMT
location: https://redflex.sit.vodafone.com/byox/index.html
referrer-policy: strict-origin
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 styles.fb567251545765810336.css
redflex.sit.vodafone.com/byox/ 242 KB
242 KB 87ms
86ms Stylesheet
text/css 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/styles.fb567251545765810336.css

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

166505513aefcdaafa40949bdf0e04c7e20aaf69c6d0e71b2755d56796d1e22f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 247802
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/we/294138/onsite/ 1 KB
962 B 71ms
23ms Script
application/javascript 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/we/294138/onsite/embed.js

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

564c0589deab00543d444e29d456199254faedf0e4fea06a589568bba4484810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: cn7CITiyaPJQG.zBOwjTh6nOpnR_U_AI
content-encoding: gzip
via: 1.1 varnish
date: Tue, 09 Jan 2024 06:55:38 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: J0Q95G4WEH2E4JDW
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 518
x-amz-id-2: tIEGJS2667uHssoQ1r4d2kNr0z3D1XJuXSqAkqkQlSFo02A7rxVh5toZ5BA/8+64HugyxkBVBk8=
x-served-by: cache-fco2270028-FCO
last-modified: Sun, 31 Dec 2023 13:00:10 GMT
server: AmazonS3
x-timer: S1704783338.469682,VS0,VE0
etag: "f06e45a586ebe4e4ebfa5aae83912911"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 runtime.ec2944dd8b20ec099bf3.js Show response
redflex.sit.vodafone.com/byox/ 1 KB
1 KB 87ms
86ms Script
application/javascript 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/runtime.ec2944dd8b20ec099bf3.js

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 1440
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 polyfills.11fff344eee0d661a165.js Show response
redflex.sit.vodafone.com/byox/ 149 KB
149 KB 186ms
186ms Script
application/javascript 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/polyfills.11fff344eee0d661a165.js

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

a49f7581f9077aa601bb8caf3f045cdee84090834234684642f91a0b8a2bb303

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 152680
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 main.958f654744e565e4ceb5.js Show response
redflex.sit.vodafone.com/byox/ 4 MB
4 MB 186ms
185ms Script
application/javascript 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/main.958f654744e565e4ceb5.js

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

ade509884be9c062f4e9f14c11159b829fc469528bc9f23aa83ab57cd2574111

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 4410589
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 en.json
redflex.sit.vodafone.com/byox/assets/i18n/ 130 KB
130 KB 55ms
54ms XHR
application/json 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/assets/i18n/en.json?timestamp=1704783338887

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/polyfills.11fff344eee0d661a165.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store
Referer: https://redflex.sit.vodafone.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 132716
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

POST
H2 403 validation
redflex.sit.vodafone.com/byox/rest/v1/credentials/login/ 9 B
67 B 119ms
118ms XHR
text/html 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/rest/v1/credentials/login/validation

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/polyfills.11fff344eee0d661a165.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://redflex.sit.vodafone.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: redflex.sit.vodafone.com
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 9
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 vodafone-logo.png
redflex.sit.vodafone.com/byox/assets/ 3 KB
3 KB 53ms
53ms Image
image/png 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redflex.sit.vodafone.com/byox/assets/vodafone-logo.png

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 2825
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 cancel_white.d17aeeeb800563f11c0a.svg
redflex.sit.vodafone.com/byox/ 687 B
737 B 54ms
53ms Image
image/svg+xml 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redflex.sit.vodafone.com/byox/cancel_white.d17aeeeb800563f11c0a.svg

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/styles.fb567251545765810336.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 687
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 login-banner.6b073a7a75072be5715f.png
redflex.sit.vodafone.com/byox/ 2 MB
2 MB 54ms
54ms Image
image/png 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redflex.sit.vodafone.com/byox/login-banner.6b073a7a75072be5715f.png

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://redflex.sit.vodafone.com/byox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 1594636
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 Vodafone_Font_Rg.ttf
redflex.sit.vodafone.com/byox/assets/fonts/ 139 KB
139 KB 56ms
56ms Font
font/ttf 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/assets/fonts/Vodafone_Font_Rg.ttf

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/styles.fb567251545765810336.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redflex.sit.vodafone.com/
Origin: https://redflex.sit.vodafone.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: redflex.sit.vodafone.com
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 142548
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET
H2 200 Vodafone_Font_Lt.ttf
redflex.sit.vodafone.com/byox/assets/fonts/ 143 KB
143 KB 94ms
93ms Font
font/ttf 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/assets/fonts/Vodafone_Font_Lt.ttf

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/styles.fb567251545765810336.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redflex.sit.vodafone.com/
Origin: https://redflex.sit.vodafone.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Fri, 27 Oct 2023 08:11:15 GMT
server: Apache
date: Tue, 09 Jan 2024 06:55:38 GMT
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: redflex.sit.vodafone.com
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Cache-Control
content-length: 146408
x-xss-protection: 1; mode=block
access-control-request-headers: Content-Type, Origin, Cache-control

GET generic1704027608801.js
nebula-cdn.kampyle.com/eu/we/294138/onsite/ 0
0

GET
H2 200 login
redflex.sit.vodafone.com/byox/pub/rest/v1/credentials/ 918 B
1 KB 71ms
70ms Document
text/html 139.47.189.197
VODAFONE-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://redflex.sit.vodafone.com/byox/pub/rest/v1/credentials/login

Requested by

Host: redflex.sit.vodafone.com
URL: https://redflex.sit.vodafone.com/byox/main.958f654744e565e4ceb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.47.189.197 , Italy, ASN12663 (VODAFONE-GROUP, IT),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redflex.sit.vodafone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: Content-Type, Origin, Cache-Control
access-control-request-headers: Content-Type, Origin, Cache-control
cache-control: no-cache, no-store
content-length: 918
content-security-policy: default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type: text/html
date: Tue, 09 Jan 2024 06:55:39 GMT
pragma: no-cache
referrer-policy: strict-origin
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-oracle-dms-ecid: 9dfd98a2-1fe3-44ab-98b5-a20aaf2ce0a4-0000067f
x-oracle-dms-rid: 0
x-xss-protection: 1; mode=block

GET
H2

200

Primary Request login.do Show response
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/
Redirect Chain

https://ciamsso.sit1.ciam.vodafone.com/samlsso
https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-...

33 KB
10 KB

74ms
74ms

Document
text/html

45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

WSO2 Carbon Server /

Resource Hash

df06a8c6fb35cafab4c629b3375e415b195c5a3afee71ea37f8e7e657b79fd5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .vodafone.com; worker-src blob:; font-src 'self' data:; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://redflex.sit.vodafone.com
Referer: https://redflex.sit.vodafone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: Cache-Control,Authorization
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src 'self' *.vodafone.com; worker-src blob:; font-src 'self' data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type: text/html;charset=UTF-8
date: Tue, 09 Jan 2024 06:55:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: WSO2 Carbon Server
server-timing: dtSInfo;desc="0", dtRpid;desc="462834549"
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-cdn: Imperva
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-iinfo: 2-125609853-125609859 PNNN RT(1704783339060 226) q(0 0 0 -1) r(1 1) U12
x-incap-sess-cookie-hdr: 9ljaGkUR/wUYIfhp3aaeBuvtnGUAAAAAQw7C5YMpaFWfjKwNEe+Byg==
x-oneagent-js-injection: true

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control,Authorization
access-control-allow-origin: https://redflex.sit.vodafone.com
content-length: 0
content-security-policy: default-src 'self'; connect-src 'self' *.vodafone.com; worker-src blob:; font-src 'self' data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-src http://vg6612yr.dc-ratingen.de:8081/coveportal.com/samlsso
date: Tue, 09 Jan 2024 06:55:39 GMT
location: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
referrer-policy: strict-origin-when-cross-origin
server: WSO2 Carbon Server
server-timing: dtSInfo;desc="0", dtRpid;desc="140557095", dtTao;desc="1"
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
x-cdn: Imperva
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN ALLOW-FROM https://webserver-cove-mdev.lfr.cloud
x-iinfo: 2-125609853-125609859 NNNN CT(26 29 0) RT(1704783339060 34) q(0 0 1 0) r(1 2) U6
x-incap-sess-cookie-hdr: jMXQYkKpIXoYIfhp3aaeBuvtnGUAAAAACCY8w+dMOlDqZ1gzbmdoEg==
x-oneagent-js-injection: true

GET
H2 200 bootstrap.min.css
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/libs/bootstrap_3.4.1/css/ 119 KB
19 KB 38ms
37ms Stylesheet
text/css 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/libs/bootstrap_3.4.1/css/bootstrap.min.css

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 07:36:38 GMT
x-cdn: Imperva
etag: W/"121457-1702366598000"
content-type: text/css
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 304) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16235, public
content-length: 19736
expires: Tue, 09 Jan 2024 11:26:14 GMT

GET
H2 200 style.css
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/ 12 KB
3 KB 50ms
49ms Stylesheet
text/css 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4d336699da22a2264d8449e0c6ae33772889d8edef43d85e9e3f2d0e7a0f6812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 07:36:38 GMT
x-cdn: Imperva
etag: W/"12088-1702366598000"
content-type: text/css
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 310) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16236, public
content-length: 2775
expires: Tue, 09 Jan 2024 11:26:15 GMT

GET
H2 200 ruxitagentjs_ICA27NVfhjqrux_10279231130031246.js Show response
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/ 217 KB
83 KB 51ms
50ms Script
text/javascript 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/ruxitagentjs_ICA27NVfhjqrux_10279231130031246.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a8f8bf7eff6266053a843e5846e8ec9e0d9437245b295ac951bfc2c2bfecb0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
x-cdn: Imperva
etag: "60a5afd5"
content-type: text/javascript; charset=utf-8
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 316) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31216957, public
content-length: 84861
expires: Sat, 04 Jan 2025 14:18:16 GMT

GET
H2 200 jquery-3.6.4.js Show response
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/libs/jquery_3.6.4/ 286 KB
85 KB 89ms
88ms Script
application/javascript 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/libs/jquery_3.6.4/jquery-3.6.4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 07:36:38 GMT
x-cdn: Imperva
etag: W/"292458-1702366598000"
content-type: application/javascript
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 320) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16236, public
content-length: 86427
expires: Tue, 09 Jan 2024 11:26:15 GMT

GET
H2 200 private-hub.css
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/css/ 4 KB
1 KB 91ms
90ms Stylesheet
text/css 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/css/private-hub.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

74841d831a769234cd68e09568b85960aa878609eba31ea2414e00601a2a96e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 07:36:38 GMT
x-cdn: Imperva
etag: W/"3840-1702366598000"
content-type: text/css
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 324) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16236, public
content-length: 931
expires: Tue, 09 Jan 2024 11:26:15 GMT

GET
H2 200 bootstrap.min.js Show response
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/libs/bootstrap_3.4.1/js/ 39 KB
11 KB 101ms
101ms Script
application/javascript 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/libs/bootstrap_3.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 07:36:38 GMT
x-cdn: Imperva
etag: W/"39680-1702366598000"
content-type: application/javascript
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 328) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16236, public
content-length: 10940
expires: Tue, 09 Jan 2024 11:26:15 GMT

GET
H2 200 _Incapsula_Resource Show response
ciamsso.sit1.ciam.vodafone.com/ 141 KB
20 KB 38ms
37ms Script
application/javascript 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=32185359

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1faf61293084ff17f2a14a39346babac88d4eeff9c1ad4ea4577670c2f5781a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20284
content-type: application/javascript

GET
H2 200 login-sprite.png
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/images/ 5 KB
5 KB 34ms
34ms Image
image/png 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/images/login-sprite.png

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b328e23152d28fe394688bebb61f8b08109f48d5699cd174793c5c5267954e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 07:36:38 GMT
x-cdn: Imperva
etag: W/"5992-1702366598000"
content-type: image/png
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 427) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16236, public
content-length: 4646
expires: Tue, 09 Jan 2024 11:26:15 GMT

GET
H2 200 login.jpg
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/images/ 49 KB
43 KB 36ms
35ms Image
image/jpeg 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/images/login.jpg

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

44cead5be53a49382f2ce2098f487793f3df2a24b50e4f4929783c87b99a1acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 07:36:38 GMT
x-cdn: Imperva
etag: W/"50244-1702366598000"
content-type: image/jpeg
x-iinfo: 2-125609853-0 0CNN RT(1704783339060 430) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16236, public
content-length: 43492
expires: Tue, 09 Jan 2024 11:26:15 GMT

GET
H2 200 VodafoneRg-Regular.woff
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/fonts/vodafone/ 51 KB
52 KB 134ms
134ms Font
font/woff 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/fonts/vodafone/VodafoneRg-Regular.woff

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

WSO2 Carbon Server /

Resource Hash

5d96e8713fa2bb0634c0218396a94a685d1d423b8f2e8a6d386e17181805ba19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .vodafone.com; worker-src blob:; font-src 'self' data:; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css
Origin: https://ciamsso.sit1.ciam.vodafone.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'; connect-src 'self' *.vodafone.com; worker-src blob:; font-src 'self' data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-cdn: Imperva
x-oneagent-js-injection: true
x-iinfo: 2-125609853-125606804 2NNN RT(1704783339060 431) q(0 0 0 -1) r(1 1) U12
server-timing: dtSInfo;desc="0", dtRpid;desc="-300787098", dtTao;desc="1"
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 07:36:36 GMT
server: WSO2 Carbon Server
etag: W/"52620-1702366598000:dtagent102792311300312463s17:dtagent102792311300312463s17"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff
access-control-allow-origin: https://ciamsso.sit1.ciam.vodafone.com
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: 5wLuLrm0QxMYIfhp3aaeBuvtnGUAAAAAL2oHn2PVe2nKRpKCfRRSAg==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Cache-Control,Authorization

GET
H2 200 VodafoneLt-Regular.woff
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/fonts/vodafone/ 41 KB
42 KB 140ms
140ms Font
font/woff 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/fonts/vodafone/VodafoneLt-Regular.woff

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

WSO2 Carbon Server /

Resource Hash

482a6838347b4a02298cb79d51d83cec50e52b0d8df7428ae17088df94b206e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .vodafone.com; worker-src blob:; font-src 'self' data:; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/custom_libs/css/style.css
Origin: https://ciamsso.sit1.ciam.vodafone.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'; connect-src 'self' *.vodafone.com; worker-src blob:; font-src 'self' data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-cdn: Imperva
x-oneagent-js-injection: true
x-iinfo: 2-125609853-125603407 2NNN RT(1704783339060 432) q(0 0 0 -1) r(1 1) U12
server-timing: dtSInfo;desc="0", dtRpid;desc="-823161771", dtTao;desc="1"
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 07:36:36 GMT
server: WSO2 Carbon Server
etag: W/"42068-1702366598000:dtagent102792311300312463s17:dtagent102792311300312463s17"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff
access-control-allow-origin: https://ciamsso.sit1.ciam.vodafone.com
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: BY+tAoZYESkYIfhp3aaeBuvtnGUAAAAAnNXi3aNue6bg1l++6ei0sQ==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Cache-Control,Authorization

GET
H2 200 _Incapsula_Resource
ciamsso.sit1.ciam.vodafone.com/ 1 B
90 B 32ms
32ms Image
text/plain 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ciamsso.sit1.ciam.vodafone.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7375533306756139

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 logincontext Show response
ciamsso.sit1.ciam.vodafone.com/ 20 B
245 B 66ms
66ms XHR
application/json 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/logincontext?sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&tenantDomain=carbon.super&_=1704783339570

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/ruxitagentjs_ICA27NVfhjqrux_10279231130031246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

WSO2 Carbon Server /

Resource Hash

912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .vodafone.com; worker-src blob:; font-src 'self' data:; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';, frame-src http://vg6612yr.dc-ratingen.de:8081/coveportal.com/samlsso
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-dtpc: 3$183339546_183h3vEWSCANAFCURKCQJKGMPPHLKTEWFDSCHE-0e0

Response headers

date: Tue, 09 Jan 2024 06:55:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'; connect-src 'self' *.vodafone.com; worker-src blob:; font-src 'self' data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';, frame-src http://vg6612yr.dc-ratingen.de:8081/coveportal.com/samlsso
content-encoding: gzip
server: WSO2 Carbon Server
x-cdn: Imperva
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
x-oneagent-js-injection: true
x-iinfo: 2-125609853-125609859 PNYN RT(1704783339060 631) q(0 0 0 -1) r(1 1) U12
server-timing: dtSInfo;desc="0", dtRpid;desc="-1235428034"
access-control-allow-headers: Cache-Control,Authorization

POST
H2 200 rb_0f42cfd3-d1bb-43e9-a50e-e17bbbf7a8ea Show response
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/ 121 B
318 B 83ms
82ms XHR
text/plain 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/rb_0f42cfd3-d1bb-43e9-a50e-e17bbbf7a8ea?type=js3&sn=v_4_srv_3_sn_BC07CA5B4FC0E5F8FE44D113FF7D4DB1_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1&svrid=3&flavor=post&vi=EWSCANAFCURKCQJKGMPPHLKTEWFDSCHE-0&modifiedSince=1702470046474&rf=https%3A%2F%2Fciamsso.sit1.ciam.vodafone.com%2Fauthenticationendpoint%2Flogin.do%3FcommonAuthCallerPath%3D%252Fsamlsso%26forceAuth%3Dfalse%26passiveAuth%3Dfalse%26tenantDomain%3Dcarbon.super%26sessionDataKey%3Db1b94cad-7af7-4709-ac9a-9fb048dc712e%26relyingParty%3Dred_flex_domain%26type%3Dsamlsso%26sp%3DBYOX-Redflex%26isSaaSApp%3Dfalse%26authenticators%3DSAMLSSOAuthenticator%253AFedCustomerTest-PP%253Avfdev2%253ABP%253BMultiAttributeAuthenticator%253ALOCAL&bp=3&app=ea7c4b59f27d43eb&crc=1955245464&en=8rfy8o7v&end=1

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/ruxitagentjs_ICA27NVfhjqrux_10279231130031246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

b0e6b5b8d3f7d18c8a46aed9b56b1568d15dadd676158b57a35968d2abbd60bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .vodafone.com; worker-src blob:; font-src 'self' data:; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 06:55:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' *.vodafone.com; worker-src blob:; font-src 'self' data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-encoding: gzip
server: Apache
x-cdn: Imperva
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ciamsso.sit1.ciam.vodafone.com
x-iinfo: 2-125609853-125609859 PNYN RT(1704783339060 1798) q(0 0 0 -1) r(1 1) U6
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: LZylARauGXIYIfhp3aaeBuztnGUAAAAAAthA0WFJp+6g1r2voLMUsQ==
access-control-allow-headers: Cache-Control,Authorization

POST
H2 200 rb_0f42cfd3-d1bb-43e9-a50e-e17bbbf7a8ea Show response
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/ 121 B
293 B 79ms
79ms XHR
text/plain 45.60.154.182
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ciamsso.sit1.ciam.vodafone.com
URL: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/ruxitagentjs_ICA27NVfhjqrux_10279231130031246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.182 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

b0e6b5b8d3f7d18c8a46aed9b56b1568d15dadd676158b57a35968d2abbd60bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .vodafone.com; worker-src blob:; font-src 'self' data:; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ciamsso.sit1.ciam.vodafone.com/authenticationendpoint/login.do?commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b1b94cad-7af7-4709-ac9a-9fb048dc712e&relyingParty=red_flex_domain&type=samlsso&sp=BYOX-Redflex&isSaaSApp=false&authenticators=SAMLSSOAuthenticator%3AFedCustomerTest-PP%3Avfdev2%3ABP%3BMultiAttributeAuthenticator%3ALOCAL
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 06:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' *.vodafone.com; worker-src blob:; font-src 'self' data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-encoding: gzip
server: Apache
x-cdn: Imperva
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ciamsso.sit1.ciam.vodafone.com
x-iinfo: 2-125609853-125609859 PNYN RT(1704783339060 3815) q(0 0 0 -1) r(1 1) U6
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: L7ccOk9jVxMYIfhp3aaeBu7tnGUAAAAAANuGbJTif+8AJe+f1QgNEw==
access-control-allow-headers: Cache-Control,Authorization

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/eu/we/294138/onsite/generic1704027608801.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ciamsso.sit1.ciam.vodafone.com/authenticationendpoint	1969-12-31 23:59:59	Name: JSESSIONID Value: FBA498CD46C6ED5BA99837DC61568DA47ED7E90B52E6748BA14F42AE25A7485C07B053B07FC36028985251291173F6DBC43F09FC0EA1DFA7C805C037C92D8044C00CA6B1B2899C8EC5D7C4DDE798466D011BC101A752E8C9A2D8FF0B57E904E3C0694BA15873844E9CF0CFB749A953546206358F3ED9648BF83F0986559DE762
.vodafone.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_3_sn_BC07CA5B4FC0E5F8FE44D113FF7D4DB1_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1
.sit1.ciam.vodafone.com/	1970-01-21 02:18:08	Name: visid_incap_2837347 Value: mb7l+1gtQnCRoa5blV4E4+vtnGUAAAAAQUIPAAAAAADfDWra1IzjvNxov+DbvRAz
.sit1.ciam.vodafone.com/	1969-12-31 23:59:59	Name: incap_ses_477_2837347 Value: c0KQBRsYBFAYIfhp3aaeBuvtnGUAAAAAXIOir5kpftFte2Y3cvWVRg==
.vodafone.com/	1970-01-21 03:09:03	Name: rxVisitor Value: 1704783339547KVR2TBKQJLKMH4IKQQ2F80J287SFHERQ
.vodafone.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.vodafone.com/	1969-12-31 23:59:59	Name: rxvt Value: 1704785139779\|1704783339550
.vodafone.com/	1969-12-31 23:59:59	Name: dtPC Value: 3$183339546_183h-vEWSCANAFCURKCQJKGMPPHLKTEWFDSCHE-0e0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://redflex.sit.vodafone.com/byox/rest/v1/credentials/login/validation Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://ciamsso.sit1.ciam.vodafone.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com ; font-src ; frame-src ; img-src * data:; media-src ; object-src ; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ciamsso.sit1.ciam.vodafone.com
nebula-cdn.kampyle.com
redflex.sit.vodafone.com
nebula-cdn.kampyle.com
139.47.189.197
151.101.193.175
45.60.154.182
166505513aefcdaafa40949bdf0e04c7e20aaf69c6d0e71b2755d56796d1e22f
1faf61293084ff17f2a14a39346babac88d4eeff9c1ad4ea4577670c2f5781a8
44cead5be53a49382f2ce2098f487793f3df2a24b50e4f4929783c87b99a1acd
482a6838347b4a02298cb79d51d83cec50e52b0d8df7428ae17088df94b206e8
4d336699da22a2264d8449e0c6ae33772889d8edef43d85e9e3f2d0e7a0f6812
564c0589deab00543d444e29d456199254faedf0e4fea06a589568bba4484810
5d96e8713fa2bb0634c0218396a94a685d1d423b8f2e8a6d386e17181805ba19
6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
74841d831a769234cd68e09568b85960aa878609eba31ea2414e00601a2a96e6
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a49f7581f9077aa601bb8caf3f045cdee84090834234684642f91a0b8a2bb303
a8f8bf7eff6266053a843e5846e8ec9e0d9437245b295ac951bfc2c2bfecb0ca
ade509884be9c062f4e9f14c11159b829fc469528bc9f23aa83ab57cd2574111
b0e6b5b8d3f7d18c8a46aed9b56b1568d15dadd676158b57a35968d2abbd60bd
b328e23152d28fe394688bebb61f8b08109f48d5699cd174793c5c5267954e39
cad7eb036f86387f0fd3fcf019cfb277f86f33bf6dd1d1d3b9ecc430bab8c7de
df06a8c6fb35cafab4c629b3375e415b195c5a3afee71ea37f8e7e657b79fd5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf

ciamsso.sit1.ciam.vodafone.com Open in urlscan Pro 45.60.154.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

4 IPs

2 Countries

7053 kBTransfer

7672 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ciamsso.sit1.ciam.vodafone.com Open in urlscan Pro
45.60.154.182 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

7053 kB
Transfer

7672 kB
Size

8
Cookies

31 HTTP transactions
0 data transactions