urlscan.io logo urlscan.io
SecurityTrails logo

auth.openappsec.io Open in urlscan Pro
52.49.155.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.openappsec.io/
Effective URL: https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE...
Submission: On May 10 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 52.49.155.178, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is auth.openappsec.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 2nd 2023. Valid for: a year.
This is the only time auth.openappsec.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.48.212.82 16509 (AMAZON-02)
2 172.253.115.95 15169 (GOOGLE)
1 142.251.111.97 15169 (GOOGLE)
1 216.239.38.178 15169 (GOOGLE)
1 3 52.49.155.178 16509 (AMAZON-02)
1 18.164.107.47 16509 (AMAZON-02)
1 52.92.16.58 16509 (AMAZON-02)
12 8
2    52.48.212.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-212-82.eu-west-1.compute.amazonaws.com
my.openappsec.io
2    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
1    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
1    216.239.38.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    52.49.155.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-155-178.eu-west-1.compute.amazonaws.com
auth.openappsec.io
1    18.164.107.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-47.jfk50.r.cloudfront.net
cdn.auth0.com
1    52.92.16.58 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
i2-s3-ui-static-content-prod-10.s3.eu-west-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
5 openappsec.io
my.openappsec.io
auth.openappsec.io
6 MB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 amazonaws.com
i2-s3-ui-static-content-prod-10.s3.eu-west-1.amazonaws.com
14 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6742
63 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
254 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
90 KB
12 6
Domain Requested by
3 auth.openappsec.io 1 redirects my.openappsec.io
2 fonts.googleapis.com my.openappsec.io
client
2 my.openappsec.io my.openappsec.io
1 i2-s3-ui-static-content-prod-10.s3.eu-west-1.amazonaws.com auth.openappsec.io
1 cdn.auth0.com auth.openappsec.io
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com my.openappsec.io
12 7

This site contains no links.

Subject Issuer Validity Valid
my.openappsec.io
Amazon RSA 2048 M02		 2023-12-21 -
2025-01-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.openappsec.io
Go Daddy Secure Certificate Authority - G2		 2023-08-02 -
2024-09-02		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2024-01-31 -
2025-01-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1U0t6N0V3cDE3ZmNzM3I
Frame ID: E47AA9425019A77442B2806F16F2081F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | open-appsec

Page URL History Show full URLs

  1. https://my.openappsec.io/ Page URL
  2. https://auth.openappsec.io/authorize?audience=https%3A%2F%2Fprod-inext-api-gateway.com&client_id=1Qxf4S... HTTP 302
    https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

12
Requests

83 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

6104 kB
Transfer

6480 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.openappsec.io/ Page URL
  2. https://auth.openappsec.io/authorize?audience=https%3A%2F%2Fprod-inext-api-gateway.com&client_id=1Qxf4S5jOWhpIebpcuSKz7Ewp17fcs3r&redirect_uri=https%3A%2F%2Fmy.openappsec.io%2F&screen_hint=login&scope=openid%20profile%20email&response_type=code&response_mode=query&state=TXVac3dGUX5zc3pBS0VvWEdTS29Cc1d6ZU9NMkJGUWxTaDVFTXEwdXNxRQ%3D%3D&nonce=QkpGU0JZdnlQZ0ZBaGpQbGR2R3ZETG1ZSzlRd2hyQmo3Zmp1MWxafkZVeQ%3D%3D&code_challenge=ww7WMBF6XCWDl7IlY0k0nZ0nkvqTwpeif6wU77OfQOo&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMC4yIn0%3D HTTP 302
    https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1U0t6N0V3cDE3ZmNzM3I Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
my.openappsec.io/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.openappsec.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.212.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-212-82.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
554654f8e951cdae757ae649406073319bf12b943cfd3dfb5f5f0b4f04f3f8de

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
84621
content-encoding
gzip
content-type
text/html
date
Fri, 10 May 2024 21:06:37 GMT
etag
W/"1f4890eb5ab4061432e2d8fbea68f5e0"
last-modified
Thu, 21 Jul 2022 17:27:07 GMT
server
nginx
vary
Accept-Encoding
via
1.1 1a6dae3e64a702be248e9bf62b719afc.cloudfront.net (CloudFront)
x-amz-cf-id
5_zrRppS15xknpCt3oOlFpCVsISJ3Cwgjv8dlBpar5n_s2Ynkzh6jw==
x-amz-cf-pop
DUB56-P2
x-amz-version-id
MUIS_bd.epzH.H2Bjy9OpUkNJa_q9PRY
x-cache
Hit from cloudfront
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: my.openappsec.io
URL: https://my.openappsec.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.openappsec.io/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 21:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 May 2024 20:59:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 May 2024 21:06:38 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EWLQBEV7QL
Requested by
Host: my.openappsec.io
URL: https://my.openappsec.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3c8527f9a57e0198539899e104537da639308d9f4627f107f48fc12e336a432d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.openappsec.io/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:06:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91617
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 21:06:38 GMT
bundle.js
my.openappsec.io/ 		6 MB
6 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.openappsec.io/bundle.js
Requested by
Host: my.openappsec.io
URL: https://my.openappsec.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.212.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-212-82.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
95e4d65803adf3fa8db4330dc945fbba1172d5dd7cdc4cdde606e6c9459a48ea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.openappsec.io/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:06:38 GMT
x-amz-version-id
3cRcUXrpqly1zOjClyS35ReI.tmtbNL9
via
1.1 380b8df86a308d480e89105be202d464.cloudfront.net (CloudFront)
last-modified
Mon, 06 May 2024 14:17:45 GMT
server
nginx
x-amz-cf-pop
DUB56-P2
age
8991
etag
"3d1e0bdf14157bf738cd99b73a15d0cb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
6030833
x-amz-cf-id
USN24RbeFuUmcU1ZYe7VJDua5UN63wjD6KIhcL9vJ5bz9babm3pSKQ==
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EWLQBEV7QL&gtm=45je4580v889964335za200&_p=1715375198097&gcd=13l3l3l3l1&npa=0&dma=0&cid=951011398.1715375198&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715375198&sct=1&seg=0&dl=https%3A%2F%2Fmy.openappsec.io%2F&dt=open-appsec&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWLQBEV7QL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.openappsec.io/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 21:06:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.openappsec.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		3 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.openappsec.io/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 21:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 May 2024 20:09:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 May 2024 21:06:39 GMT
Primary Request login
auth.openappsec.io/u/
Redirect Chain
  • https://auth.openappsec.io/authorize?audience=https%3A%2F%2Fprod-inext-api-gateway.com&client_id=1Qxf4S5jOWhpIebpcuSKz7Ewp17fcs3r&redirect_uri=https%3A%2F%2Fmy.openappsec.io%2F&screen_hint=login&sc...
  • https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1...
35 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1U0t6N0V3cDE3ZmNzM3I
Requested by
Host: my.openappsec.io
URL: https://my.openappsec.io/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.155.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-155-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
451ac19e320e38270d12f1233d179fff6e826992c12850fa16e32c89fb3650a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://my.openappsec.io/#/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
881ce4f7af065709-DUB
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 10 May 2024 21:06:40 GMT
etag
W/"8a0e-zaImyK5L/YDx4+Nm4VJT7m4UZ3A"
expires
Fri, 10 May 2024 21:06:40 GMT
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
a75c1a3367f2eef63e75
x-content-type-options
nosniff
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1715375207
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
881ce4f5aa845703-DUB
content-length
424
content-type
text/html; charset=utf-8
date
Fri, 10 May 2024 21:06:39 GMT
location
/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1U0t6N0V3cDE3ZmNzM3I
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
1369a715b682fc5ca1ca
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1715375200
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.93.19/css/ 		273 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.93.19/css/main.cdn.min.css
Requested by
Host: auth.openappsec.io
URL: https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1U0t6N0V3cDE3ZmNzM3I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-47.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9a6f37d17a8993853094d5f87ca5c188ade95d355656650c40be5f1fae9f368
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jh5Z5O0k_c4deeOWhH.bcyEGgAKrrC80
content-encoding
gzip
via
1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
date
Fri, 10 May 2024 15:31:25 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
JFK50-P6
age
20116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Wed, 01 May 2024 15:58:09 GMT
server
AmazonS3
etag
W/"bdc86ec677c2d46e26013f9ec54fd70a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
x-robots-tag
noindex
x-amz-cf-id
rlNt5Xl1edguNimB-Y4EsOdwlxux-6vj_4eXwGdX5tCRhr0ixAiW5w==
tree-no-bg-256.png
i2-s3-ui-static-content-prod-10.s3.eu-west-1.amazonaws.com/elpis/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2-s3-ui-static-content-prod-10.s3.eu-west-1.amazonaws.com/elpis/tree-no-bg-256.png
Requested by
Host: auth.openappsec.io
URL: https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1U0t6N0V3cDE3ZmNzM3I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.16.58 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8f15a23bb3c0b22a23413f058ee448f94cd8947931a8f6f9946597597cb4d44c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 21:06:41 GMT
Last-Modified
Sun, 28 Aug 2022 23:00:17 GMT
Server
AmazonS3
x-amz-request-id
CAKA61EXB695603S
ETag
"6de6edeceff0759a42db0b81701d19a6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
13992
x-amz-id-2
GxXur4IDARKs3RVgHJYjxmWo2IUSeWuk1JghqI9sLbQE/ZQiXteIDGzHpKSD04A2SDwXrVUWJhI=
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://auth.openappsec.io
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		688 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		829 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
398694b37a019361e5ef43115595c5ef1612104be4bd5341e5096f33a787d9ee

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
favicon.ico
auth.openappsec.io/ 		9 B
565 B 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.openappsec.io/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.155.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-155-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://auth.openappsec.io/u/login?state=hKFo2SBkSnFYRFYxNjhRRWpLVW51MUhIVGxyUk5CbWRWQlhqQ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIERUQUFLUkk1LXRSNFRldkt2OU8zQ2lpVmM2b3JTM3R4o2NpZNkgMVF4ZjRTNWpPV2hwSWVicGN1U0t6N0V3cDE3ZmNzM3I
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:06:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-auth0-not-found
1
cf-cache-status
EXPIRED
x-auth0-requestid
474a235618c8949abca5
x-content-type-options
nosniff
etag
W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
public, max-age=300
access-control-allow-credentials
true
cf-ray
881ce4fc8ac81b74-DUB
alt-svc
h3=":443"; ma=86400
content-length
9

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EWLQBEV7QL&gtm=45je4580v889964335za200&_p=1715375198097&gcd=13l3l3l3l1&npa=0&dma=0&cid=951011398.1715375198&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715375198&sct=1&seg=0&dl=https%3A%2F%2Fmy.openappsec.io%2F&dt=open-appsec&en=scroll&epn.percent_scrolled=90&_et=7&tfd=2775
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EWLQBEV7QL&gtm=45je4580v889964335za200&_p=1715375198097&gcd=13l3l3l3l1&npa=0&dma=0&cid=951011398.1715375198&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1715375198&sct=1&seg=0&dl=https%3A%2F%2Fmy.openappsec.io%2F&dt=open-appsec&en=user_engagement&_et=2008&tfd=2776

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ulpFlags

6 Cookies

Domain/Path Name / Value
.openappsec.io/ Name: _ga
Value: GA1.1.951011398.1715375198
auth.openappsec.io/ Name: did
Value: s%3Av0%3A31dbbe00-0f11-11ef-9fb0-8783887e6d5d.YeOS7QLzojH7cnOd4rl5dqxdHWpILfqhrFSdPpQUpyc
auth.openappsec.io/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMDez0QVZbHx-w61zUqx_mWZgesceUmR-RVLNBv2AFo6QSWqjOOpgAIyyRT0bh82_jcolgKVVMlwBDrFPboRMdemY29va2llg6dleHBpcmVz1_-7oqsAZkKA365vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.nw26lIF3kOE76sP5eKZp8o8k33gytcEC2ksnsk8ZQGo
auth.openappsec.io/ Name: did_compat
Value: s%3Av0%3A31dbbe00-0f11-11ef-9fb0-8783887e6d5d.YeOS7QLzojH7cnOd4rl5dqxdHWpILfqhrFSdPpQUpyc
auth.openappsec.io/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMDez0QVZbHx-w61zUqx_mWZgesceUmR-RVLNBv2AFo6QSWqjOOpgAIyyRT0bh82_jcolgKVVMlwBDrFPboRMdemY29va2llg6dleHBpcmVz1_-7oqsAZkKA365vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.nw26lIF3kOE76sP5eKZp8o8k33gytcEC2ksnsk8ZQGo
.openappsec.io/ Name: _ga_EWLQBEV7QL
Value: GS1.1.1715375198.1.0.1715375200.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://auth.openappsec.io/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()