urlscan.io logo urlscan.io
SecurityTrails logo

clientdashboard.test.env.taxdoo.com Open in urlscan Pro
52.58.64.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clientdashboard.test.env.taxdoo.com/
Effective URL: https://clientdashboard.test.env.taxdoo.com/login.php
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 52.58.64.197, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is clientdashboard.test.env.taxdoo.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 11th 2023. Valid for: a year.
This is the only time clientdashboard.test.env.taxdoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 52.58.64.197 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:266... 16509 (AMAZON-02)
2 54.93.135.129 16509 (AMAZON-02)
10 5
Apex Domain
Subdomains		 Transfer
8 taxdoo.com
clientdashboard.test.env.taxdoo.com
feature-flag.test.env.taxdoo.com
1 MB
1 osano.com
cmp.osano.com — Cisco Umbrella Rank: 7730
94 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
139 KB
10 3
Domain Requested by
6 clientdashboard.test.env.taxdoo.com 1 redirects clientdashboard.test.env.taxdoo.com
2 feature-flag.test.env.taxdoo.com clientdashboard.test.env.taxdoo.com
1 cmp.osano.com www.googletagmanager.com
1 www.googletagmanager.com clientdashboard.test.env.taxdoo.com
10 4

This site contains links to these domains. Also see Links.

Domain
booking.test.env.taxdoo.com
www.taxdoo.com
Subject Issuer Validity Valid
clientdashboard.test.env.taxdoo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-09		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
feature-flag.test.env.taxdoo.com
Amazon RSA 2048 M02		 2023-10-23 -
2024-11-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://clientdashboard.test.env.taxdoo.com/login.php
Frame ID: D7DB02B69B6031764BDE46A0F82BB299
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Taxdoo: Login

Page URL History Show full URLs

  1. https://clientdashboard.test.env.taxdoo.com/ HTTP 302
    https://clientdashboard.test.env.taxdoo.com/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

10
Requests

90 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

1716 kB
Transfer

7457 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clientdashboard.test.env.taxdoo.com/ HTTP 302
    https://clientdashboard.test.env.taxdoo.com/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
clientdashboard.test.env.taxdoo.com/
Redirect Chain
  • https://clientdashboard.test.env.taxdoo.com/
  • https://clientdashboard.test.env.taxdoo.com/login.php
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clientdashboard.test.env.taxdoo.com/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.64.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-64-197.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4e450760dc031bd8af83f1288e5c4b1a182b7981bd0b2cb273a975450ad49f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 08:01:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 08:01:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
login.php
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
authorization.1bd0fb822af7efd328e8.js
clientdashboard.test.env.taxdoo.com/build/ 		2 MB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientdashboard.test.env.taxdoo.com/build/authorization.1bd0fb822af7efd328e8.js
Requested by
Host: clientdashboard.test.env.taxdoo.com
URL: https://clientdashboard.test.env.taxdoo.com/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.64.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-64-197.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
715a8cdc080dfe8a85203677688199c700285d75fb1cd6675692c26a4af44a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clientdashboard.test.env.taxdoo.com/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 08:01:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2024 21:08:01 GMT
server
Apache
content-encoding
gzip
etag
"798f0-61e04ac6db76f"
x-frame-options
SAMEORIGIN
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
497904
shared.016bec1af2c754b9a825.js
clientdashboard.test.env.taxdoo.com/build/ 		4 MB
928 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientdashboard.test.env.taxdoo.com/build/shared.016bec1af2c754b9a825.js
Requested by
Host: clientdashboard.test.env.taxdoo.com
URL: https://clientdashboard.test.env.taxdoo.com/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.64.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-64-197.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
012e1ac7849b54c293fedd5b1d6f07030d712c4aeddde7643e278dddc8331a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clientdashboard.test.env.taxdoo.com/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 08:01:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2024 21:08:04 GMT
server
Apache
content-encoding
gzip
etag
"e7938-61e04ac9227ab"
x-frame-options
SAMEORIGIN
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
948536
gtm.js
www.googletagmanager.com/ 		465 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSBG7SF
Requested by
Host: clientdashboard.test.env.taxdoo.com
URL: https://clientdashboard.test.env.taxdoo.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
540ddbd80ab46e3341dee0ad82b900ccc69e22a9abb8f8aabca2c8e4d4ae4975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://clientdashboard.test.env.taxdoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 08:01:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142218
x-xss-protection
0
last-modified
Thu, 25 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Jul 2024 08:01:21 GMT
osano.js
cmp.osano.com/AzZcuhS3gahlF1YVL/409d1488-3d27-4c2c-9d75-206eab0cb99b/ 		359 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/AzZcuhS3gahlF1YVL/409d1488-3d27-4c2c-9d75-206eab0cb99b/osano.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBG7SF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:5200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ab54801231042cd7d5717833575d6137971d4098bbf946f48ad89f8b8b564cb5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clientdashboard.test.env.taxdoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:39:51 GMT
content-encoding
br
via
1.1 9eb1733bea847c3a8f4910adebcc8146.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P8
age
1291
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
94966
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jun 2024 15:16:26 GMT
server
CloudFront
etag
"1a74124efa9059aa0b180324b8ccdbf4"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
VNzrosB_pDtoWfS3mLE6dtsO7DXMLSYF0Jn2wJDnB4IYsaKlU5Z2WQ==
proxy
feature-flag.test.env.taxdoo.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://feature-flag.test.env.taxdoo.com/proxy?project=clientDashboard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.135.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://clientdashboard.test.env.taxdoo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
access-control-allow-origin
https://clientdashboard.test.env.taxdoo.com
date
Thu, 25 Jul 2024 08:01:22 GMT
vary
Origin
x-amz-apigw-id
bdXtAEE_FiAEAiw=
x-amzn-requestid
1e2ce0a6-ad59-4871-9415-1e9d4a3034a1
proxy
feature-flag.test.env.taxdoo.com/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feature-flag.test.env.taxdoo.com/proxy?project=clientDashboard
Requested by
Host: clientdashboard.test.env.taxdoo.com
URL: https://clientdashboard.test.env.taxdoo.com/build/shared.016bec1af2c754b9a825.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.135.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e6ff975943bc743dcaf6d2bc0c709efa0919696117a4988e3031d0638138a4a

Request headers

Referer
https://clientdashboard.test.env.taxdoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-api-key
3NvxWU,2jS7,MeM,ejyScKS8X76pd,i,

Response headers

date
Thu, 25 Jul 2024 08:01:23 GMT
x-amzn-requestid
468c0275-f3e4-4132-976a-fb8761ee2443
x-amzn-trace-id
Root=1-66a20653-328f7f435cade5474acaf907;Parent=6ad9a3467138aaf5;Sampled=0;lineage=7e50b2d4:0
access-control-allow-methods
OPTIONS,GET
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
bdXtBHIHliAEHZA=
content-length
1393
access-control-allow-headers
Content-Type
logo-xx.png
clientdashboard.test.env.taxdoo.com/assets/img/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clientdashboard.test.env.taxdoo.com/assets/img/logo-xx.png
Requested by
Host: clientdashboard.test.env.taxdoo.com
URL: https://clientdashboard.test.env.taxdoo.com/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.64.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-64-197.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9e45773c382b0d2f4e9d63fa9b251d6857299b09515c87d65654b8d40e70ed83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clientdashboard.test.env.taxdoo.com/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 08:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2024 11:31:08 GMT
server
Apache
etag
"ba3e-61dfc9d487700"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
47678
018f102f-bb79-4b14-851a-e9452c926d7b
https://clientdashboard.test.env.taxdoo.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://clientdashboard.test.env.taxdoo.com/018f102f-bb79-4b14-851a-e9452c926d7b
Requested by
Host: clientdashboard.test.env.taxdoo.com
URL: https://clientdashboard.test.env.taxdoo.com/login.php
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a0f1d2a7be2bb5dc4779ad066c38a0aaf3d58100ea0d6bdfe7df53323286ddf

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
logo-fav.png
clientdashboard.test.env.taxdoo.com/assets/img/ 		16 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://clientdashboard.test.env.taxdoo.com/assets/img/logo-fav.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.64.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-64-197.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
51ac093654a8c38b0e6caa0add53108881b9aba7ae840a0f59889c2ea8902e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clientdashboard.test.env.taxdoo.com/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 08:01:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2024 11:31:08 GMT
server
Apache
etag
"3fa5-61dfc9d487700"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
16293

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| webpackChunkclient_dashboard object| google_tag_manager object| google_tag_data object| __APOLLO_CLIENT__ object| url object| elem object| optimizely function| onYouTubeIframeAPIReady function| Osano function| __uspapi object| litHtmlVersions

5 Cookies

Domain/Path Name / Value
clientdashboard.test.env.taxdoo.com/ Name: PHPSESSID
Value: kadcvvt6kqnltd9g3ph6bcd90c
clientdashboard.test.env.taxdoo.com/ Name: csrf-cookie-token
Value: 500a3775be01fef189b5ac9016b125bbfb4922923cec69ab64d7dcf31c50bed0
clientdashboard.test.env.taxdoo.com/ Name: cdb-language
Value: de
clientdashboard.test.env.taxdoo.com/ Name: AWSALB
Value: h05Gc3GSwGM1cKvAAwlEucv/UAmwhbPifAxB0Jr6jCCDhSYIZkV67hLAB35f7Qb/7I4u70qJcCkusrwzVDKRIq+o1m2dZHJBwaXysHIZJYAoA4HkT9EX8SJ0Jsuv
clientdashboard.test.env.taxdoo.com/ Name: AWSALBCORS
Value: h05Gc3GSwGM1cKvAAwlEucv/UAmwhbPifAxB0Jr6jCCDhSYIZkV67hLAB35f7Qb/7I4u70qJcCkusrwzVDKRIq+o1m2dZHJBwaXysHIZJYAoA4HkT9EX8SJ0Jsuv

1 Console Messages

Source Level URL
Text
recommendation warning URL: https://clientdashboard.test.env.taxdoo.com/login.php
Message:
[DOM] Found 2 elements with non-unique id #field-:r0:: (More info: https://goo.gl/9p2vKq) %o %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN