azapp-viw-web-uat-staging.azurewebsites.net Open in urlscan Pro
52.162.107.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
Submission: On October 23 via manual (October 23rd 2023, 5:29:17 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 52.162.107.8, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is azapp-viw-web-uat-staging.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 01 on August 1st 2023. Valid for: a year.

This is the only time azapp-viw-web-uat-staging.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	52.162.107.8 52.162.107.8	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
14	3

11 52.162.107.8 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

azapp-viw-web-uat-staging.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	azurewebsites.net azapp-viw-web-uat-staging.azurewebsites.net	245 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
14	3

	Domain	Requested by
11	azapp-viw-web-uat-staging.azurewebsites.net	azapp-viw-web-uat-staging.azurewebsites.net
2	www.google-analytics.com	azapp-viw-web-uat-staging.azurewebsites.net www.google-analytics.com
0	www.googletagmanager.com Failed	www.google-analytics.com
14	3

This site contains links to these domains. Also see Links.

Domain
www.ally.com

Subject Issuer	Validity	Valid
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2023-08-01` - `2024-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
Frame ID: 91D92A5208B5923B2C32814AE939F844
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vehicle Inspection Search

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

14
Requests

93 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

266 kB
Transfer

694 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ally.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request CustomerSearch Show response
azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/ 6 KB
4 KB 445ms
118ms Document
text/html 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a478c43b91d8cca2b00e246cee17735e8607f7adccc36f9f0a4ae0fed5c1d6c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store,no-cache
content-encoding: gzip
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
content-type: text/html; charset=utf-8
date: Mon, 23 Oct 2023 17:29:11 GMT
pragma: no-cache
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui.css
azapp-viw-web-uat-staging.azurewebsites.net/lib/jqueryui/ 38 KB
11 KB 197ms
195ms Stylesheet
text/css 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/lib/jqueryui/jquery-ui.css

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Oct 2023 14:47:34 GMT
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
etag: "1da05bfdb7a51ee"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 bundle-vendor-top.min.js Show response
azapp-viw-web-uat-staging.azurewebsites.net/js/ 97 KB
43 KB 309ms
308ms Script
application/javascript 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/js/bundle-vendor-top.min.js?v=er9rnVRkNIOoRExjrVYWgkAJIRsGwuQ0MzxPuDD1bW4

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7abf6b9d54643483a8444c63ad5616824009211b06c2e434333c4fb830f56d6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Oct 2023 14:53:58 GMT
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
etag: "1da05c0c05d04a1"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 bundle-viw-all.min.css
azapp-viw-web-uat-staging.azurewebsites.net/css/ 54 KB
13 KB 198ms
197ms Stylesheet
text/css 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/css/bundle-viw-all.min.css?v=XV3w_dUC0_1kfJPM_HTDU-OoXGzMerj9yMvB0-brnKc

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5d5df0fdd502d3fd647c93ccfc74c353e3a85c6ccc7ab8fdc8cbc1d3e6eb9ca7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Oct 2023 14:53:58 GMT
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
etag: "1da05c0c05c5eca"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 google-analytics Show response
azapp-viw-web-uat-staging.azurewebsites.net/js/ 459 B
542 B 167ms
166ms Script
text/javascript 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/js/google-analytics

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

aa96cf438ce900d038aa12a060302f162b0cae58c424d316aba0ad12c7da451a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: text/javascript
cache-control: no-store
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 ally_logo.gif
azapp-viw-web-uat-staging.azurewebsites.net/img/ 2 KB
2 KB 189ms
188ms Image
image/gif 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/img/ally_logo.gif

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f604eadf23cd8edf636af38a1df20e38ef51eebcccb329a67323a65f30835b36

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
last-modified: Mon, 23 Oct 2023 14:47:34 GMT
server: Microsoft-IIS/10.0
etag: "1da05bfdb7ac099"
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: image/gif
accept-ranges: bytes
content-length: 1945
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 bundle-vendor-bottom.min.js Show response
azapp-viw-web-uat-staging.azurewebsites.net/js/ 432 KB
164 KB 418ms
417ms Script
application/javascript 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/js/bundle-vendor-bottom.min.js?v=1KFSFyEgXzMlYc8mAzpdmYG1Ph6qXfRf7EvcgFxWbmk

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d4a1521721205f332561cf26033a5d9981b53e1eaa5df45fec4bdc805c566e69

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Oct 2023 14:53:58 GMT
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
etag: "1da05c0c05a399c"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 bundle-viw-common-bottom.min.js Show response
azapp-viw-web-uat-staging.azurewebsites.net/js/ 11 KB
5 KB 345ms
345ms Script
application/javascript 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/js/bundle-viw-common-bottom.min.js?v=khbaABXGwWt4xZzl2A2yRwPkJHoBj4peeRO_DImuIEg

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9216da0015c6c16b78c59ce5d80db24703e4247a018f8a5e7913bf0c89ae2048

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Oct 2023 14:53:58 GMT
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
etag: "1da05c0c05cac5c"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 customer-search.js Show response
azapp-viw-web-uat-staging.azurewebsites.net/js/inspection/inspectionReport/ 1 KB
622 B 153ms
152ms Script
application/javascript 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/js/inspection/inspectionReport/customer-search.js?v=N7MYsruhF42YUJCKR_fw2IPKjrzaFDN1CN78h42BMmk

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bb538124d3e88ecf1535f79269b348634c140130ed0aa81816691ea0bd4348c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Oct 2023 14:47:34 GMT
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
etag: "1da05bfdb7ac30c"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 quick-links.js Show response
azapp-viw-web-uat-staging.azurewebsites.net/js/ 1 KB
704 B 149ms
149ms Script
application/javascript 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/js/quick-links.js?v=DmyfSmpPiCZEjj4UsO0nubRLCqU5ciqS4F-vCxTAS_8

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

739e0b16bef96b120cbf6ee07f8ef16944f2b0c762d5b21ccf7539ae59814a96

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/Inspection/Report/CustomerSearch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Oct 2023 14:47:34 GMT
server: Microsoft-IIS/10.0
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
etag: "1da05bfdb7ac26b"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 46ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/js/google-analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Oct 2023 16:11:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4688
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 23 Oct 2023 18:11:04 GMT

GET
H2 200 report-detail-bg.gif
azapp-viw-web-uat-staging.azurewebsites.net/img/ 204 B
269 B 148ms
147ms Image
image/gif 52.162.107.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://azapp-viw-web-uat-staging.azurewebsites.net/img/report-detail-bg.gif

Requested by

Host: azapp-viw-web-uat-staging.azurewebsites.net
URL: https://azapp-viw-web-uat-staging.azurewebsites.net/css/bundle-viw-all.min.css?v=XV3w_dUC0_1kfJPM_HTDU-OoXGzMerj9yMvB0-brnKc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.107.8 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cd44ba2959a7e73fecb60b75616b231d4c4bd1888b6939861d60bda29bcf0f71

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/css/bundle-viw-all.min.css?v=XV3w_dUC0_1kfJPM_HTDU-OoXGzMerj9yMvB0-brnKc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:29:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' *.smartauctionlogin.com *.smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
last-modified: Mon, 23 Oct 2023 14:47:34 GMT
server: Microsoft-IIS/10.0
etag: "1da05bfdb7ac7cc"
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
content-type: image/gif
accept-ranges: bytes
content-length: 204
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0b817ea7-a0d2-4401-8f74-efc102d56d1c

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
241 B 18ms
17ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1904881616&t=pageview&_s=1&dl=https%3A%2F%2Fazapp-viw-web-uat-staging.azurewebsites.net%2FInspection%2FReport%2FCustomerSearch&ul=en-us&de=UTF-8&dt=Vehicle%20Inspection%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1066714842&gjid=372828848&cid=1043595305.1698082153&tid=UA-41995618-1&_gid=662745803.1698082153&_r=1&_slc=1&z=1464090880

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9be18099d84d398256425e2f918e955ffb144b390d3c06ea23bf739301004147

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://azapp-viw-web-uat-staging.azurewebsites.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 17:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://azapp-viw-web-uat-staging.azurewebsites.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XKC1173KZG&cx=c&_slc=1

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.azapp-viw-web-uat-staging.azurewebsites.net/	1970-01-21 01:17:22	Name: _ga Value: GA1.3.1043595305.1698082153
.azapp-viw-web-uat-staging.azurewebsites.net/	1970-01-20 15:42:48	Name: _gid Value: GA1.3.662745803.1698082153
.azapp-viw-web-uat-staging.azurewebsites.net/	1970-01-20 15:41:22	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.google-analytics.com/analytics.js(Line 23) Message: Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-XKC1173KZG&cx=c&_slc=1' because it violates the following Content Security Policy directive: "script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'sha256-RTDWrDv9ynz0SJ872RVQzo/uFMulDUQy1DvbcnEb/Gs=' https://ssl.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com/ga.js blob:; img-src 'self' https://stimagesuatstage.blob.core.windows.net https://saimg.blob.core.windows.net https://az32078.vo.msecnd.net https://az391101.vo.msecnd.net https://ssl.google-analytics.com https://www.google-analytics.com blob: data:; style-src 'self' 'unsafe-inline' https://use.fontawesome.com; frame-src 'self'; frame-ancestors 'self' .smartauctionlogin.com .smartauctionhome.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://www.clearplay.com https://ssl.google-analytics.com; worker-src 'self'; connect-src 'self' https://azapp-viw-api-uat-1-staging.azurewebsites.net https://test.inspections.ally.com https://ssl.google-analytics.com https://www.google-analytics.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sauat2.smartauctionlogin.com https://www.smartauctionlogin.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

azapp-viw-web-uat-staging.azurewebsites.net
www.google-analytics.com
www.googletagmanager.com
www.googletagmanager.com
2001:4860:4802:34::178
52.162.107.8
5d5df0fdd502d3fd647c93ccfc74c353e3a85c6ccc7ab8fdc8cbc1d3e6eb9ca7
739e0b16bef96b120cbf6ee07f8ef16944f2b0c762d5b21ccf7539ae59814a96
7abf6b9d54643483a8444c63ad5616824009211b06c2e434333c4fb830f56d6e
9216da0015c6c16b78c59ce5d80db24703e4247a018f8a5e7913bf0c89ae2048
9be18099d84d398256425e2f918e955ffb144b390d3c06ea23bf739301004147
a478c43b91d8cca2b00e246cee17735e8607f7adccc36f9f0a4ae0fed5c1d6c4
aa96cf438ce900d038aa12a060302f162b0cae58c424d316aba0ad12c7da451a
bb538124d3e88ecf1535f79269b348634c140130ed0aa81816691ea0bd4348c1
cd44ba2959a7e73fecb60b75616b231d4c4bd1888b6939861d60bda29bcf0f71
d4a1521721205f332561cf26033a5d9981b53e1eaa5df45fec4bdc805c566e69
dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f604eadf23cd8edf636af38a1df20e38ef51eebcccb329a67323a65f30835b36

azapp-viw-web-uat-staging.azurewebsites.net Open in urlscan Pro 52.162.107.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

266 kBTransfer

694 kBSize

3 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

azapp-viw-web-uat-staging.azurewebsites.net Open in urlscan Pro
52.162.107.8 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

266 kB
Transfer

694 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions