view.iffo.com Open in urlscan Pro
40.76.133.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://view.iffo.com/ZWPdvU
Effective URL:
https://view.iffo.com/SignIn/ZWPdvU
Submission: On March 25 via manual (March 25th 2024, 10:55:53 pm UTC) from IN — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 20 HTTP transactions. The main IP is 40.76.133.178, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.iffo.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 8th 2023. Valid for: a year.

This is the only time view.iffo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 21	40.76.133.178 40.76.133.178		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	2

21 40.76.133.178 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.iffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	iffo.com 1 redirects view.iffo.com	2 MB
20	1

	Domain	Requested by
21	view.iffo.com	1 redirects view.iffo.com
20	1

This site contains no links.

Subject Issuer	Validity	Valid
view.iffo.com Go Daddy Secure Certificate Authority - G2	`2023-09-08` - `2024-10-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://view.iffo.com/SignIn/ZWPdvU
Frame ID: FB506BF4C6B83D613BBBF9649F6DCF76
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | WR11-2024

Page URL History Show full URLs

https://view.iffo.com/ZWPdvU HTTP 302
https://view.iffo.com/SignIn/ZWPdvU Page URL

Detected technologies

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

materialize(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2155 kB
Transfer

5063 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://view.iffo.com/ZWPdvU HTTP 302
https://view.iffo.com/SignIn/ZWPdvU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ZWPdvU Show response
view.iffo.com/SignIn/
Redirect Chain

https://view.iffo.com/ZWPdvU
https://view.iffo.com/SignIn/ZWPdvU

2 MB
2 MB

149ms
149ms

Document
text/html

40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08920f3e79b8aa99eb536f85348eaba52cb6dd7deb45e1977d3e2e08b3cdca4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private,private, max-age=0
content-encoding: gzip
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
content-type: text/html; charset=utf-8
date: Mon, 25 Mar 2024 22:55:46 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-machine: iis-lb-02
x-ua-compatible: IE=edge
x-xss-protection: 1;mode=block

Redirect headers

cache-control: private,private, max-age=0
content-length: 131
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
content-type: text/html; charset=utf-8
date: Mon, 25 Mar 2024 22:55:46 GMT
location: /SignIn/ZWPdvU
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-machine: iis-lb-02
x-ua-compatible: IE=edge
x-xss-protection: 1;mode=block

GET
H2 200 materialize.min.css
view.iffo.com/Static/Materialize/css/ 139 KB
21 KB 125ms
124ms Stylesheet
text/css 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Materialize/css/materialize.min.css?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 21501
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:16 GMT
etag: "0248e3bd6fda1:0"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 materialdesignicons.css
view.iffo.com/Static/Materialize/css/ 99 KB
15 KB 126ms
125ms Stylesheet
text/css 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Materialize/css/materialdesignicons.css?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

772063f4567c6a830e7dc243a8cd9a15dbf7c26a088abb543540b6e4cee15a81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 15074
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:16 GMT
etag: "0248e3bd6fda1:0"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 Portal.css
view.iffo.com/Static/StyleSheets/ 67 KB
12 KB 126ms
126ms Stylesheet
text/css 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/StyleSheets/Portal.css?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04da21ad6e65ca5f1fb264994b88424202f0f8cc89c4d8b8bbb397ddc1122857

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 11987
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 jquery-3.5.1.min.js Show response
view.iffo.com/Static/Scripts/ 87 KB
30 KB 127ms
127ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/jquery-3.5.1.min.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 30981
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 materialize.js Show response
view.iffo.com/Static/Materialize/js/ 375 KB
70 KB 125ms
122ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Materialize/js/materialize.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

705a2e5506e4a65e2fdcaf02122aec02c2539df9190779636c0322d4cb1b17e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 72003
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:16 GMT
etag: "0248e3bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 modernizr.custom.38341.js Show response
view.iffo.com/Static/Scripts/ 3 KB
2 KB 127ms
125ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/modernizr.custom.38341.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

662de50bd12149dd415eac229076543dc0452f3454ffb3b3066ff66d0c3a51e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 1630
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "d49708bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 jsbn.js Show response
view.iffo.com/Static/Scripts/ 34 KB
10 KB 126ms
124ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/jsbn.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

58a7a2f5bed7a52bb7fde9a06a9bf1b4498b0289ed3673170ab58a8221c6406f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 10104
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 rsa.js Show response
view.iffo.com/Static/Scripts/ 13 KB
3 KB 128ms
126ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/rsa.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

290306e28f60cebf0ea224808efbfaaac9938cf1878fbd44189e2289daabeb70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 3377
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 converter.js Show response
view.iffo.com/Static/Scripts/ 1 KB
716 B 128ms
127ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/converter.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08f4d58039661dd52a6f06dcd415907397e4ddea8faa3bd7c3b9d7bc60c912f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 652
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "736fee7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 rc4.js Show response
view.iffo.com/Static/Scripts/ 2 KB
756 B 233ms
231ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/rc4.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c0653d1888cb6952cb8ad9768ebc7fbdb7be1b6cbf84429e32fa505976a1c7cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 692
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "9e4718bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 underscore.js Show response
view.iffo.com/Static/Scripts/ 53 KB
15 KB 234ms
232ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/underscore.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

090a1ea13b0d719d185c347f3698723c7ec75f8492d5284e1e540f2d0a97b54b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 14903
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 backbone.js Show response
view.iffo.com/Static/Scripts/ 72 KB
20 KB 234ms
232ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/backbone.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f1d12d1c09b0b70d59c44582411f1647b7dfa71d0429fd26e471d4532f099944

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 20195
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 vitrium-lib.js Show response
view.iffo.com/Static/Scripts/ 78 KB
14 KB 235ms
233ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/vitrium-lib.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1784ada1b496f236f31e04221c0ecf0b3376f9a001c47b3f0f839d878d70f03c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 13776
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 SignIn.js Show response
view.iffo.com/Static/Scripts/ 11 KB
3 KB 235ms
234ms Script
application/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Scripts/SignIn.js?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1faab9ea87a6eb23551f02aa1b9a205ee0f6a7d0687e2f9f4ddc4a2124dd9477

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 3086
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
H2 200 ZWPdvU Show response
view.iffo.com/lang/doc-ui/ 17 KB
7 KB 236ms
235ms Script
text/javascript 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/lang/doc-ui/ZWPdvU

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a3ade179bf16bc4a529c845ca7fdd81a9485fb8b0b1ec383cf2a0fdf3bc298d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache,private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge

GET
H2 200 SignIn.css
view.iffo.com/Static/StyleSheets/ 3 KB
1015 B 128ms
127ms Stylesheet
text/css 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/StyleSheets/SignIn.css?version=35

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

90aad458bd7d7898050876f6b95ca2397c4738132a8cd2c3f9adb1a80b5bbd70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
date: Mon, 25 Mar 2024 22:55:47 GMT
content-length: 966
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 11:54:23 GMT
etag: "8041ba7bd6fda1:0"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f8d370e3ec0a00a0466f01a23e783887ee507e0377b144efe784136ceae73f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 MB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7bc1da43416bafa010ac0105aa76dfc17056d815a2ffb74f6e9f7e94917617

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 materialdesignicons-webfont.woff2
view.iffo.com/Static/Materialize/fonts/ 97 KB
98 KB 123ms
123ms Font
application/font-woff2 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/Materialize/fonts/materialdesignicons-webfont.woff2?v=1.8.36

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/Static/Materialize/css/materialdesignicons.css?version=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4ce10e24ee02c9e4e08f79885f0c5f955a266cf41eee5fa11c0404101d19feae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/Static/Materialize/css/materialdesignicons.css?version=35
Origin: https://view.iffo.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Wed, 06 Mar 2024 11:54:16 GMT
date: Mon, 25 Mar 2024 22:55:48 GMT
etag: "adeeef3bd6fda1:0"
content-type: application/font-woff2
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes
content-length: 99736
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge

GET
H2 200 favicon
view.iffo.com/api/doc/PORTAL_iffo/ 15 KB
15 KB 125ms
124ms Other
image/x-icon 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/api/doc/PORTAL_iffo/favicon?time=638470041473495375

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9800f7cdadfd5e5b7b3efb7aa8420dc81c575bea80c7142ecb5d5221fb742856

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
date: Mon, 25 Mar 2024 22:55:48 GMT
content-type: image/x-icon
cache-control: no-cache,private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
content-length: 15366
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge

GET
H2 200 thisiswebviewerV2.css
view.iffo.com/Static/PDFViewerUI/ 0
0 124ms
124ms Fetch
text/css 40.76.133.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.iffo.com/Static/PDFViewerUI/thisiswebviewerV2.css

Requested by

Host: view.iffo.com
URL: https://view.iffo.com/SignIn/ZWPdvU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.133.178 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://view.iffo.com/SignIn/ZWPdvU
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; form-action 'self' https://*.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://*.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://*.s3.amazonaws.com * blob:; connect-src 'self' https://*.s3.amazonaws.com * data: ws:; script-src 'self' https://*.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://*.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Wed, 06 Mar 2024 11:54:16 GMT
date: Mon, 25 Mar 2024 22:55:49 GMT
etag: "4eb11f4bd6fda1:0"
content-type: text/css
cache-control: private, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-machine: iis-lb-02
accept-ranges: bytes
content-length: 0
x-xss-protection: 1;mode=block
x-ua-compatible: IE=edge

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.iffo.com/	1970-01-21 04:59:27	Name: CID Value: yvspZPalDKRc6dt12s9cYWeAJp0vaejQaG6ZrSLsiFWU%2fznsPJuKoYXLm06e60FMR283StZpDDcNq9eEEfX0DU5arkpoANJE

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
recommendation	verbose	URL: https://view.iffo.com/SignIn/ZWPdvU Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; form-action 'self' https://.s3.amazonaws.com; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; style-src 'self' https://.s3.amazonaws.com 'unsafe-inline'; media-src 'self' https://.s3.amazonaws.com blob:; connect-src 'self' https://.s3.amazonaws.com data: ws:; script-src 'self' https://.s3.amazonaws.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://.s3.amazonaws.com data: blob:;font-src 'self' https://*.s3.amazonaws.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

view.iffo.com
40.76.133.178
04da21ad6e65ca5f1fb264994b88424202f0f8cc89c4d8b8bbb397ddc1122857
08920f3e79b8aa99eb536f85348eaba52cb6dd7deb45e1977d3e2e08b3cdca4f
08f4d58039661dd52a6f06dcd415907397e4ddea8faa3bd7c3b9d7bc60c912f4
090a1ea13b0d719d185c347f3698723c7ec75f8492d5284e1e540f2d0a97b54b
0f8d370e3ec0a00a0466f01a23e783887ee507e0377b144efe784136ceae73f3
1784ada1b496f236f31e04221c0ecf0b3376f9a001c47b3f0f839d878d70f03c
1faab9ea87a6eb23551f02aa1b9a205ee0f6a7d0687e2f9f4ddc4a2124dd9477
290306e28f60cebf0ea224808efbfaaac9938cf1878fbd44189e2289daabeb70
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
4ce10e24ee02c9e4e08f79885f0c5f955a266cf41eee5fa11c0404101d19feae
58a7a2f5bed7a52bb7fde9a06a9bf1b4498b0289ed3673170ab58a8221c6406f
662de50bd12149dd415eac229076543dc0452f3454ffb3b3066ff66d0c3a51e1
705a2e5506e4a65e2fdcaf02122aec02c2539df9190779636c0322d4cb1b17e1
772063f4567c6a830e7dc243a8cd9a15dbf7c26a088abb543540b6e4cee15a81
90aad458bd7d7898050876f6b95ca2397c4738132a8cd2c3f9adb1a80b5bbd70
9800f7cdadfd5e5b7b3efb7aa8420dc81c575bea80c7142ecb5d5221fb742856
a3ade179bf16bc4a529c845ca7fdd81a9485fb8b0b1ec383cf2a0fdf3bc298d5
aa7bc1da43416bafa010ac0105aa76dfc17056d815a2ffb74f6e9f7e94917617
c0653d1888cb6952cb8ad9768ebc7fbdb7be1b6cbf84429e32fa505976a1c7cb
f1d12d1c09b0b70d59c44582411f1647b7dfa71d0429fd26e471d4532f099944
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

view.iffo.com Open in urlscan Pro 40.76.133.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

2155 kBTransfer

5063 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

1 Cookies

8 Console Messages

Security Headers

Indicators

view.iffo.com Open in urlscan Pro
40.76.133.178 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2155 kB
Transfer

5063 kB
Size

1
Cookies

20 HTTP transactions
2 data transactions