urlscan.io logo urlscan.io
SecurityTrails logo

oms-womensecretcl.azurewebsites.net Open in urlscan Pro
23.102.161.217  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://oms-womensecretcl.azurewebsites.net/
Effective URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Submission: On May 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 23.102.161.217, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is oms-womensecretcl.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on March 13th 2024. Valid for: a year.
This is the only time oms-womensecretcl.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 23.102.161.217 8075 (MICROSOFT...)
2 142.250.186.164 15169 (GOOGLE)
3 104.210.145.181 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
24 4
Apex Domain
Subdomains		 Transfer
22 azurewebsites.net
oms-womensecretcl.azurewebsites.net
fotos-womensecretcl.azurewebsites.net
347 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
884 B
1 gstatic.com
www.gstatic.com
201 KB
24 3
Domain Requested by
19 oms-womensecretcl.azurewebsites.net 1 redirects oms-womensecretcl.azurewebsites.net
3 fotos-womensecretcl.azurewebsites.net oms-womensecretcl.azurewebsites.net
2 www.google.com oms-womensecretcl.azurewebsites.net
www.gstatic.com
1 www.gstatic.com www.google.com
24 4

This site contains no links.

Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-03-13 -
2025-03-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Frame ID: 4A26FEF8034768C1DB817D1C1C02C817
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenvqsZAAAAAOdrr1U0brFu8XSgwbCluYuwAthd&co=aHR0cHM6Ly9vbXMtd29tZW5zZWNyZXRjbC5henVyZXdlYnNpdGVzLm5ldDo0NDM.&hl=de&v=WQcDpAcHn0sjM6ZiVkU8JwNH&size=invisible&cb=o0b4pyffdih1
Frame ID: 66DB960D8D728A418B5C881EAF698C53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Women Secret CL

Page URL History Show full URLs

  1. https://oms-womensecretcl.azurewebsites.net/ HTTP 302
    https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

548 kB
Transfer

1375 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oms-womensecretcl.azurewebsites.net/ HTTP 302
    https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request LogOn
oms-womensecretcl.azurewebsites.net/Home/
Redirect Chain
  • https://oms-womensecretcl.azurewebsites.net/
  • https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ed1a6d42e11fb7bf7e9a6019c3b1d6a750aee4504072b73b59656c2fefca8660
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-length
4308
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 03 May 2024 10:05:53 GMT
expect-ct
max-age=7776000, enforce
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
142
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 03 May 2024 10:05:53 GMT
expect-ct
max-age=7776000, enforce
location
/Home/LogOn?ReturnUrl=%2f
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
referrer-policy
strict-origin-when-cross-origin
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jquery
oms-womensecretcl.azurewebsites.net/bundles/ 		98 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/jquery?v=Kbdis3NoCrZfV7Xi0J_XRXbB8VM7xjSeDkD16ugv6Ms1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f892c337345d5461a1b5f1305ecfd313ab47ae626b56761824ab4882a08c39f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
44883
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
jquery-bootstrap-3.3.5
oms-womensecretcl.azurewebsites.net/bundles/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/jquery-bootstrap-3.3.5?v=w0yDtvKAZWlUy-XT5NyYROLotC27w9V6oafgSM56J141
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
835b11ee8ff85e741e571bfda13625cca5103dbec4da53793cc974032bb50614
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
12799
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
jquery-framework
oms-womensecretcl.azurewebsites.net/bundles/ 		319 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/jquery-framework?v=KSTEZgheGVQOCKMLHM1QsfUMhtl06xOLfdxxL5LZTAQ1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d2e99e9476a2d94ba7cca038e298420d7ca27aac39f9d3cee11e335292f5ab4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
css-framework
oms-womensecretcl.azurewebsites.net/Content/ 		66 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/Content/css-framework?v=R58DReEOvxbzR31p8MdGzPO0bYhbpfm9l-rC9ui2KK41
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e15c2476c1700b506bdcfc44c65ea011f2edf7a2fb7db13e88540aa6a03fe12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
19832
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
js-datepicker
oms-womensecretcl.azurewebsites.net/bundles/ 		54 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/js-datepicker?v=-zlID4xPfKAEAtQ1T7a-GULcT2WBIfZ7s59oCIzAGGI1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15eaf1173dc55279ed178a9ce1529d9b78e22dc584d98552d5f20741195b2b78
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
22155
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
js-mask-water-mark
oms-womensecretcl.azurewebsites.net/bundles/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/js-mask-water-mark?v=ccqmvkbUrZAoJXptGjMU-XuiwixyJLDxeTsqyN7WRz81
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c1843896f7a48a5d881f7a8a1bda41fcb0935b7c4001c295d6b748d386c634a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
3744
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
js-rut
oms-womensecretcl.azurewebsites.net/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/js-rut?v=8t4cdsn5FV-N96UXN1grodYzOUf4W3WGtCH2aHmqE_81
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
77f3629adf6d3813f79a2d1cb0910824c8fe4d429c5604b38c7ba1f4a9cce75c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
1088
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
js-blockUI
oms-womensecretcl.azurewebsites.net/bundles/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/js-blockUI?v=JLPhDL52mGKipppCqvzU24r7_hogN_0AZ_fXWWLWEI81
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9626ec987acaf0df2e6963d3f2029540a71189636dc445b531b8711478000e32
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
4000
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
js-globalization
oms-womensecretcl.azurewebsites.net/bundles/ 		578 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/js-globalization?v=eG2K_1JAO2cSITaYfra5EPxM_-RwSsGHE5EZdoUds1Y1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8fd8b67af80fd474c63263b082355ff1eb5abb980b78f6a0d342f474a5334f53
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
488
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
js-shared-generica
oms-womensecretcl.azurewebsites.net/bundles/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/js-shared-generica?v=8R4WDOrll4uLaXoZExA6up4gTdHLBOrLqVcEUAv2FNo1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63d257c309bd6dc4d8a7b259b9034e72981a680e45d83eae737b72c5905efa16
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
5238
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
css-bootstrap-3.3.5
oms-womensecretcl.azurewebsites.net/Content/ 		141 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/Content/css-bootstrap-3.3.5?v=jkW5oEaICEU6aE6VlqRY138SgJFrnC1obqLcKfrzZmI1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c922c1e6c0b9fedd709a5925c5ecd0850b640e922688fa5de95b97b65f926986
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
31571
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
css-keyboard
oms-womensecretcl.azurewebsites.net/Content/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/Content/css-keyboard?v=taNK_UmL0gr_7lkv19oyt2yG4MiGlC9nAP4LToB4hTs1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59015c9603016b64e1bfafc3bd3def6b91d037c8d7ebe4e604dafe06aa19b77a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
2667
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
js-keyboard
oms-womensecretcl.azurewebsites.net/bundles/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/bundles/js-keyboard?v=MfI3Nhf4U1-LOBCjAWDHIW4mU3RMKC5IVyq7dZV49wg1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d392ca6933c26b71052f18fbbf8ac443ddef4e2aff53ea6387eaf7399278be9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
18593
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
css-ecomsur-stepper
oms-womensecretcl.azurewebsites.net/Content/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oms-womensecretcl.azurewebsites.net/Content/css-ecomsur-stepper?v=rcxVgI-CsUaP2ekZU186NFc8-f77SMJPebRsmw3PiTo1
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f97252754bc8310c7a4bae3674d7f9e768c3c351d9de7b5394f7bb591a6dee6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
1596
x-xss-protection
1; mode=block
request-context
appId=cid-v1:813c1a28-c1f8-47e5-8f7e-2987fc35ffb5
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 10:05:53 GMT
cross-origin-opener-policy
same-origin
expect-ct
max-age=7776000, enforce
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
expires
Sat, 03 May 2025 10:05:53 GMT
api.js
www.google.com/recaptcha/ 		1 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LenvqsZAAAAAOdrr1U0brFu8XSgwbCluYuwAthd
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
d5bcbcce28a0167906bf4184c7a5d993a6cca82c4d0cbae26d571871b20d8ad9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 03 May 2024 10:05:53 GMT
LogoWS.jpg
fotos-womensecretcl.azurewebsites.net/fotosOMS/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fotos-womensecretcl.azurewebsites.net/fotosOMS/LogoWS.jpg
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.210.145.181 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf486a0d19c4cc801e211e89f4c98607c2bccb9e23e6afbec19d202bda598629

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 10:05:53 GMT
Last-Modified
Thu, 26 May 2022 00:59:42 GMT
Server
Microsoft-IIS/10.0
ETag
"3319ee29b70d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
46504
loader.gif
oms-womensecretcl.azurewebsites.net/Content/Images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oms-womensecretcl.azurewebsites.net/Content/Images/loader.gif
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05efdc13ce430a4bf806be687f1b049dd6f898e3db9ab4f49319fcbde8ee5896
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
4167
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 20:38:40 GMT
cross-origin-opener-policy
same-origin
etag
"08f43d9987da1:0"
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
blank.gif
oms-womensecretcl.azurewebsites.net/Content/Images/ 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oms-womensecretcl.azurewebsites.net/Content/Images/blank.gif
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
42
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 20:38:40 GMT
cross-origin-opener-policy
same-origin
etag
"08f43d9987da1:0"
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
ajax-loader.gif
oms-womensecretcl.azurewebsites.net/Content/Images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oms-womensecretcl.azurewebsites.net/Content/Images/ajax-loader.gif
Requested by
Host: oms-womensecretcl.azurewebsites.net
URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.102.161.217 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05efdc13ce430a4bf806be687f1b049dd6f898e3db9ab4f49319fcbde8ee5896
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 10:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
4167
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 20:38:40 GMT
cross-origin-opener-policy
same-origin
etag
"08f43d9987da1:0"
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
accept-ranges
bytes
recaptcha__de.js
www.gstatic.com/recaptcha/releases/WQcDpAcHn0sjM6ZiVkU8JwNH/ 		501 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/WQcDpAcHn0sjM6ZiVkU8JwNH/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LenvqsZAAAAAOdrr1U0brFu8XSgwbCluYuwAthd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0590d3b5e28ba3e85f33543a2f2325a100f58b0db5355e0e40abd2ec81dc2419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/
Origin
https://oms-womensecretcl.azurewebsites.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 06:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205649
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 04:01:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 May 2025 06:44:21 GMT
anchor
www.google.com/recaptcha/api2/ Frame 66DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenvqsZAAAAAOdrr1U0brFu8XSgwbCluYuwAthd&co=aHR0cHM6Ly9vbXMtd29tZW5zZWNyZXRjbC5henVyZXdlYnNpdGVzLm5ldDo0NDM.&hl=de&v=WQcDpAcHn0sjM6ZiVkU8JwNH&size=invisible&cb=o0b4pyffdih1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WQcDpAcHn0sjM6ZiVkU8JwNH/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UBH2dYA0BYkXsuXz-1Cxww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://oms-womensecretcl.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UBH2dYA0BYkXsuXz-1Cxww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 May 2024 10:05:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
fotos-womensecretcl.azurewebsites.net/fotosOMS/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fotos-womensecretcl.azurewebsites.net/fotosOMS/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.210.145.181 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89b7bb4698a375c00779828bbf97083a1635066560134d98a076d11524128f41

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 10:05:55 GMT
Last-Modified
Thu, 26 May 2022 00:59:42 GMT
Server
Microsoft-IIS/10.0
ETag
"e77b10e29b70d81:0"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
1150
favicon.ico
fotos-womensecretcl.azurewebsites.net/fotosOMS/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fotos-womensecretcl.azurewebsites.net/fotosOMS/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.210.145.181 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89b7bb4698a375c00779828bbf97083a1635066560134d98a076d11524128f41

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oms-womensecretcl.azurewebsites.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 10:05:55 GMT
Last-Modified
Thu, 26 May 2022 00:59:42 GMT
Server
Microsoft-IIS/10.0
ETag
"e77b10e29b70d81:0"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
1150

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| _gotoToday function| dpFunc function| exportData function| registerCustomValidators function| loadHelpButtons function| loadWaterMarks function| loadMasks function| configSelectableGridRow function| getSelectedIdsFromGrid function| bindClientValidation function| loadErrorToolTips function| isValidForm function| showInfo function| showInfoAppendHtml function| putLoadingDivPopup function| putContentHtmlDivPopup function| putContentHtmlDivPopup_DisableButtons function| putContentHtmlDivPopup_EnabledButtons function| showLoadingMessage function| showWarningMessageTimeOut function| hideLoadingMessage function| hideWarningMessage function| openModal function| openModalPost function| openModalUrlPost function| openModalUrlPostWithParams function| ajaxPostItemId_json function| ajaxPostArray_json function| submit_html function| submitForm function| submitForm_html function| submitFormAndPagination_html function| submitUrlAndPagination_html function| submitFormAndPagination function| submitFormReport function| showMessageNotSelectedRow function| showMessageSingleSelectedRow function| redirectToUrl function| reloadPage function| setCookie function| removeCookie function| getCookie function| removeAllCookies function| convertToBool function| serializeFormDataToArray function| removeTooltipsOfElements function| removeTooltipsFromContainer function| hideTooltips function| setRut function| formatRut function| reloadCombo function| submitFormWithFile function| showInfoConfirm undefined| $msgPopup undefined| loadingObject undefined| loadingMessage undefined| warningMessage function| configSelectableGridRowClickHandler function| configSelectableGridRowDblClickHandler string| urlCalendarImage string| acceptFileTypeErrorMessage string| submitErrorMessage string| notSelectedRowWarningMessage string| urlMenuList string| urlChangePassword object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| urlLogOnMobile object| recaptcha object| closure_lm_102634

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AIgNtRUcRTkQ_lGT_Bspv3rdryfz42qKmiRkQ62Jv1vqXP5ZGWHlvDp5mrLFtTxisis3syNXbvve3zd5D9kOqrw
oms-womensecretcl.azurewebsites.net/ Name: __RequestVerificationToken
Value: AwPpi0JXt6mXSNaQ1ewSyX-OJIYySqKFG-4liF55KPwCa5wHVxyZNi54E-SaHHtGlCr4llZhQeFya3zwAU0jwSMYHwMpy8ICNdKb5xv3hZQ1
.fotos-womensecretcl.azurewebsites.net/ Name: ARRAffinitySameSite
Value: ded54571a8b2dedd3c61cb60fd67a05632b4a0ff873dfa2aac2b44058d0139d6

9 Console Messages

Source Level URL
Text
security error URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
other warning URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation verbose URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security error URL: https://www.gstatic.com/recaptcha/releases/WQcDpAcHn0sjM6ZiVkU8JwNH/recaptcha__de.js(Line 276)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/WQcDpAcHn0sjM6ZiVkU8JwNH/recaptcha__de.js(Line 278)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/WQcDpAcHn0sjM6ZiVkU8JwNH/recaptcha__de.js(Line 278)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
other warning URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://oms-womensecretcl.azurewebsites.net/Home/LogOn?ReturnUrl=%2f
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net www.google.com www.gstatic.com www.google-analytics.com www.pagespeed-mod.com;style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com;object-src 'none';frame-src 'self' www.google.com;child-src 'self';img-src 'self' https://* 'self';connect-src 'self' *.services.visualstudio.com;manifest-src 'self';base-uri 'self';form-action 'self';media-src 'self';prefetch-src 'self';worker-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fotos-womensecretcl.azurewebsites.net
oms-womensecretcl.azurewebsites.net
www.google.com
www.gstatic.com
104.210.145.181
142.250.186.164
23.102.161.217
2a00:1450:4001:812::2003
0590d3b5e28ba3e85f33543a2f2325a100f58b0db5355e0e40abd2ec81dc2419
05efdc13ce430a4bf806be687f1b049dd6f898e3db9ab4f49319fcbde8ee5896
15eaf1173dc55279ed178a9ce1529d9b78e22dc584d98552d5f20741195b2b78
1c1843896f7a48a5d881f7a8a1bda41fcb0935b7c4001c295d6b748d386c634a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
59015c9603016b64e1bfafc3bd3def6b91d037c8d7ebe4e604dafe06aa19b77a
5e15c2476c1700b506bdcfc44c65ea011f2edf7a2fb7db13e88540aa6a03fe12
63d257c309bd6dc4d8a7b259b9034e72981a680e45d83eae737b72c5905efa16
77f3629adf6d3813f79a2d1cb0910824c8fe4d429c5604b38c7ba1f4a9cce75c
7d2e99e9476a2d94ba7cca038e298420d7ca27aac39f9d3cee11e335292f5ab4
835b11ee8ff85e741e571bfda13625cca5103dbec4da53793cc974032bb50614
89b7bb4698a375c00779828bbf97083a1635066560134d98a076d11524128f41
8f97252754bc8310c7a4bae3674d7f9e768c3c351d9de7b5394f7bb591a6dee6
8fd8b67af80fd474c63263b082355ff1eb5abb980b78f6a0d342f474a5334f53
9626ec987acaf0df2e6963d3f2029540a71189636dc445b531b8711478000e32
bf486a0d19c4cc801e211e89f4c98607c2bccb9e23e6afbec19d202bda598629
c922c1e6c0b9fedd709a5925c5ecd0850b640e922688fa5de95b97b65f926986
d392ca6933c26b71052f18fbbf8ac443ddef4e2aff53ea6387eaf7399278be9e
d5bcbcce28a0167906bf4184c7a5d993a6cca82c4d0cbae26d571871b20d8ad9
ed1a6d42e11fb7bf7e9a6019c3b1d6a750aee4504072b73b59656c2fefca8660
f892c337345d5461a1b5f1305ecfd313ab47ae626b56761824ab4882a08c39f6