login.vaultintel.com Open in urlscan Pro
13.72.225.236 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%...
Submission: On September 10 via manual (September 10th 2021, 3:42:24 am UTC) from AU — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 13.72.225.236, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.vaultintel.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 7th 2021. Valid for: a year.

This is the only time login.vaultintel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	13.72.225.236 13.72.225.236		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.74.10 142.250.74.10		15169 (GOOGLE) (GOOGLE)
1	142.250.74.67 142.250.74.67		15169 (GOOGLE) (GOOGLE)
11	3

9 13.72.225.236 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.vaultintel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.10 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.67 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	vaultintel.com login.vaultintel.com	186 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com	932 B
11	3

	Domain	Requested by
9	login.vaultintel.com	login.vaultintel.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	login.vaultintel.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
*.vaultintel.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-07` - `2022-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Frame ID: 2F29F47691D1D53DC41E172AF665CC50
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Damstra Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

218 kB
Transfer

699 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.vaultintel.com/ 11 KB
4 KB 1114ms
543ms Document
text/html 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.1.5
Resource Hash: 250c54c7af2432b64f1a8b7976cf246a9fe0d7601ba7caaba3641d1874d10c65

Request headers

:method: GET
:authority: login.vaultintel.com
:scheme: https
:path: /?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.1.5
set-cookie: PHPSESSID=2douahnderbl4vkp9unl7con78; path=/
vserver: 01
date: Fri, 10 Sep 2021 03:42:14 GMT
content-length: 3766

GET
H2 200 jquery-2.1.1.min.js Show response
login.vaultintel.com/js/libs/ 82 KB
29 KB 277ms
275ms Script
application/javascript 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/js/libs/jquery-2.1.1.min.js?v=2021091003
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Request headers

:path: /js/libs/jquery-2.1.1.min.js?v=2021091003
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:14 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2019 01:49:08 GMT
server: Microsoft-IIS/10.0
etag: "0823a7ff835d51:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 29569
vserver: 01

GET
H2 200 jquery-ui-1.10.3.min.js Show response
login.vaultintel.com/js/libs/ 223 KB
59 KB 548ms
546ms Script
application/javascript 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/js/libs/jquery-ui-1.10.3.min.js?v=2021091003
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 80f0b48433481a3bfce324a74412f878a0e45a86f98986c478fa719c4dcec01c

Request headers

:path: /js/libs/jquery-ui-1.10.3.min.js?v=2021091003
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:14 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2019 01:49:08 GMT
server: Microsoft-IIS/10.0
etag: "0823a7ff835d51:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 60663
vserver: 01

GET
H2 200 bootstrap.min.css
login.vaultintel.com/css/ 230 KB
37 KB 820ms
818ms Stylesheet
text/css 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/css/bootstrap.min.css
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 57f4ce4c56150cf473f368caae06be51371ee574b5f643d95ee205e25ef2ca23

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:14 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2019 01:49:08 GMT
server: Microsoft-IIS/10.0
etag: "0823a7ff835d51:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 38279
vserver: 01

GET
H2 200 font-awesome.min.css
login.vaultintel.com/css/ 27 KB
6 KB 546ms
545ms Stylesheet
text/css 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/css/font-awesome.min.css
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 16974ab980f19ffd933a3b2de0004a7520acb42863e92c069dd85c5d17397553

Request headers

:path: /css/font-awesome.min.css
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:14 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2019 01:49:08 GMT
server: Microsoft-IIS/10.0
etag: "0823a7ff835d51:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6205
vserver: 01

GET
H2 200 jquery.validate.min.js Show response
login.vaultintel.com/js/plugin/jquery-validate/ 21 KB
7 KB 822ms
820ms Script
application/javascript 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/js/plugin/jquery-validate/jquery.validate.min.js?v=
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ed02d6499e8f84614fdbd922735a410359d7fad9f3619f7eba23ceab2f8392db

Request headers

:path: /js/plugin/jquery-validate/jquery.validate.min.js?v=
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:14 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2019 01:49:08 GMT
server: Microsoft-IIS/10.0
etag: "0823a7ff835d51:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6840
vserver: 01

GET
H2 200 css
fonts.googleapis.com/ 2 KB
932 B 170ms
59ms Stylesheet
text/css 142.250.74.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,600&display=swap

Requested by

Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s21-in-f10.1e100.net

Software

ESF /

Resource Hash

c78c71f96b51896e53e4652d3f2e62b233d08474a2e2bc39eb9cb47acc19f67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:42:19 GMT
server: ESF
date: Fri, 10 Sep 2021 03:42:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Sep 2021 03:42:19 GMT

GET
H2 200 login.css
login.vaultintel.com/css/ 3 KB
1 KB 818ms
817ms Stylesheet
text/css 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/css/login.css
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 59a9dc2cf81d1bb67d1a257193134ba41b839a021e3844a791eb82053b578d43

Request headers

:path: /css/login.css
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:14 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 07:01:33 GMT
server: Microsoft-IIS/10.0
etag: "8044fe5cfb1ad71:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 968
vserver: 01

GET
H2 200 bootstrap.min.js Show response
login.vaultintel.com/js/bootstrap/ 36 KB
10 KB 1084ms
1083ms Script
application/javascript 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.vaultintel.com/js/bootstrap/bootstrap.min.js
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 64ce2bdd6671685f2827543b378f8cded8d522310d35b4bf0d99e551233c380f

Request headers

:path: /js/bootstrap/bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:14 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2019 01:49:08 GMT
server: Microsoft-IIS/10.0
etag: "0823a7ff835d51:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9822
vserver: 01

GET
H2 200 Damstra_logo_white.png
login.vaultintel.com/img/ 33 KB
33 KB 274ms
274ms Image
image/png 13.72.225.236
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.vaultintel.com/img/Damstra_logo_white.png
Requested by: Host: login.vaultintel.com
URL: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.72.225.236 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6820b28ef66060a084953ac9be969f98bb53e40c0fc9ff8545fe7d33895bd9d9

Request headers

:path: /img/Damstra_logo_white.png
pragma: no-cache
cookie: PHPSESSID=2douahnderbl4vkp9unl7con78
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: login.vaultintel.com
referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://login.vaultintel.com/?pass=%242y%2410%24PgKRwTxz89XNmtoYNMjw%2FeVtEEP5APSM3IKppdrFi%2Fr2Kyusq.g%2F.&username=abc.def%40suncorp.com.au&cid=34CF29F3-53A9-435F-8400-8D9C2D328E1C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:42:15 GMT
vserver: 01
last-modified: Wed, 17 Mar 2021 07:01:33 GMT
server: Microsoft-IIS/10.0
etag: "2867685dfb1ad71:0"
content-type: image/png
accept-ranges: bytes
content-length: 33549

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 30 KB
31 KB 168ms
51ms Font
font/woff2 142.250.74.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.vaultintel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 15:25:20 GMT
x-content-type-options: nosniff
age: 217020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 15:25:20 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| pagespeed function| processkeys

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.vaultintel.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2douahnderbl4vkp9unl7con78

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.vaultintel.com
13.72.225.236
142.250.74.10
142.250.74.67
16974ab980f19ffd933a3b2de0004a7520acb42863e92c069dd85c5d17397553
250c54c7af2432b64f1a8b7976cf246a9fe0d7601ba7caaba3641d1874d10c65
57f4ce4c56150cf473f368caae06be51371ee574b5f643d95ee205e25ef2ca23
59a9dc2cf81d1bb67d1a257193134ba41b839a021e3844a791eb82053b578d43
64ce2bdd6671685f2827543b378f8cded8d522310d35b4bf0d99e551233c380f
6820b28ef66060a084953ac9be969f98bb53e40c0fc9ff8545fe7d33895bd9d9
80f0b48433481a3bfce324a74412f878a0e45a86f98986c478fa719c4dcec01c
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
c78c71f96b51896e53e4652d3f2e62b233d08474a2e2bc39eb9cb47acc19f67d
ed02d6499e8f84614fdbd922735a410359d7fad9f3619f7eba23ceab2f8392db