Submitted URL: https://securelogin-uat.cpai-test2.com
Effective URL: https://securelogin-uat.cpai-test2.com/sso/Login
Submission: On October 09 via automatic , source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 24 HTTP transactions.
The main IP is 204.232.130.241, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is securelogin-uat.cpai-test2.com.
TLS certificate: Issued by DigiCert Global CA G2 on December 6th 2018. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 17 204.232.130.241 27357 (RACKSPACE)
1 1 46.137.111.69 16509 (AMAZON-02)
7 143.204.101.75 16509 (AMAZON-02)
24 3
Domain
Subdomains
Transfer
17 cpai-test2.com
683 KB
8 unblu.com
515 KB
0 fonts.googleapis.com Failed
.fonts.googleapis.com Failed
0 B
24 3
Domain Requested by
17 securelogin-uat.cpai-test2.com 1 redirects securelogin-uat.cpai-test2.com
7 cdn.unblu.com securelogin-uat.cpai-test2.com
cdn.unblu.com
1 start.unblu.com 1 redirects
0 fonts.googleapis.com Failed cdn.unblu.com
24 4

This site contains links to these domains. Also see Links.

Domain
www.cpai.com
www.scanalert.com
Subject / Issuer Validity Valid
*.cpai-test2.com
DigiCert Global CA G2
2018-12-06 -
2019-12-07
a year
*.unblu.com
COMODO RSA Domain Validation Secure Server CA
2016-10-28 -
2019-11-17
3 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set Login
/sso
Redirect Chain
  • https://securelogin-uat.cpai-test2.com/
  • https://securelogin-uat.cpai-test2.com/sso/Login
10 KB
5 KB
Document
General
Full URL
https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
e71fbdf697513c53055d5a88f282b86903b1024ef2cb858c86d8bcc2134b94e4
Security Headers
Name Value
Content-Security-Policy script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.aspnetcdn.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
securelogin-uat.cpai-test2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Cache-Control
no-cache,no-cache, no-store, must-revalidate
Pragma
no-cache,no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
.AspNetCore.Antiforgery.eJaNqKidQnM=CfDJ8Nmr7L79oCdKoJ2Jkgpf7yt_GpT7G9OKJbYYOFsDG5EB4kFCXS2uoiWcRPS1PjJ3O2qKQdNHLXi9YA_UGvpvDRTL1BXyeDB94aGMRx_AfNdK106_wx5kUGIOV70R5kAgmq4ctfa4qDqll6a7wvkHGwM; path=/; secure; samesite=strict; httponly .AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; samesite=strict; httponly .AspNetCore.Session=CfDJ8Nmr7L79oCdKoJ2Jkgpf7yuUKmRY%2B4%2FVgK%2FBZQmQJKVkexau4SqxSQEoVia1hKMPwgzkLSU7Fh6DDkLCaqxM8rro69zeks%2FMH3f59KEPWnOIwrwp6pWs8GkYYGFuWxHmwXTOSqtHm2%2F9Rh1fhgKxrueMok8R%2FHF9Ij5BsgVoyixs; path=/; secure; samesite=lax; httponly
Content-Security-Policy
script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.aspnetcdn.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Wed, 09 Oct 2019 23:02:04 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Location
/sso/Login
Content-Security-Policy
script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
Strict-Transport-Security
max-age=31536000
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Date
Wed, 09 Oct 2019 23:02:03 GMT
Content-Length
0
jquery-3.2.1.min.js
/js
85 KB
38 KB
Script
General
Full URL
https://securelogin-uat.cpai-test2.com/js/jquery-3.2.1.min.js
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faba21487"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
bootstrap.min.js
/js
36 KB
13 KB
Script
General
Full URL
https://securelogin-uat.cpai-test2.com/js/bootstrap.min.js
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faba3d6bb"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
bootstrap-datepicker.js
/js
51 KB
17 KB
Script
General
Full URL
https://securelogin-uat.cpai-test2.com/js/bootstrap-datepicker.js
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
5d8577aa5bcd511006d5ef6e76ff401464de1d10a5ed5129b7d49f002960668b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faba38c78"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
bootstrap.min.css
/css
118 KB
28 KB
Stylesheet
General
Full URL
https://securelogin-uat.cpai-test2.com/css/bootstrap.min.css
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
443f1a636fb52044a58fd27973f15a00dc6704a38c93af0b9fe2643239cd05b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faa73c075"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
styles.css
/css
31 KB
9 KB
Stylesheet
General
Full URL
https://securelogin-uat.cpai-test2.com/css/styles.css
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
770b2d7b4dc98cf3c5eb92cc572c07869fe068f75a08baeef50da3d82a065a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faa726278"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
bootstrap-datepicker.min.css
/css
17 KB
3 KB
Stylesheet
General
Full URL
https://securelogin-uat.cpai-test2.com/css/bootstrap-datepicker.min.css
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
d1bdb74cc164a8a3195c9fd4593ab92c08381849e4f15ed5f61f21c9a41e548a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faa725b73"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
bootstrap-select.css
/css
8 KB
3 KB
Stylesheet
General
Full URL
https://securelogin-uat.cpai-test2.com/css/bootstrap-select.css
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
021564a5c2a1309fec4e0533ef1980ca6fce2ec4cc5aa737fc9b3d117dd5d244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faa720679"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
aicpa-aon-logo.png
/images
16 KB
16 KB
Image
General
Full URL
https://securelogin-uat.cpai-test2.com/images/aicpa-aon-logo.png
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
6ad27c3f233085ff40713d36ec8060b97e8275654d0cf76b9e6c45f9d0c78a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
ETag
"1d57a0faba30613"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges
bytes
Content-Length
16403
X-XSS-Protection
1; mode=block
bg-image-secure-login-img.jpg
/images
362 KB
362 KB
Image
General
Full URL
https://securelogin-uat.cpai-test2.com/images/bg-image-secure-login-img.jpg
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
53b65edfd5a4dd445856d6631065e0d7eaa41c03417c5a8bd2c6c50157143852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
ETag
"1d57a0faba6e189"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges
bytes
Content-Length
370569
X-XSS-Protection
1; mode=block
year-of-service.png
/images
22 KB
22 KB
Image
General
Full URL
https://securelogin-uat.cpai-test2.com/images/year-of-service.png
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
af005068528c69fffe96dc7b9a9f3593fad5f603e8a8cf6495c1f2ed2a374e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
ETag
"1d57a0faba311c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges
bytes
Content-Length
22464
X-XSS-Protection
1; mode=block
McAfee.png
/images
3 KB
4 KB
Image
General
Full URL
https://securelogin-uat.cpai-test2.com/images/McAfee.png
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
9c7f0233f64674d89d923eae195662d32761340ef2f3a06b3f120586721e1376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
ETag
"1d57a0faba34acb"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges
bytes
Content-Length
3275
X-XSS-Protection
1; mode=block
app.js
/js
552 B
847 B
Script
General
Full URL
https://securelogin-uat.cpai-test2.com/js/app.js
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
844065ac84f410624b2dbd17e36558bdd6fda4a15aa09a0094ebc6664f3af08b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d57a0faba34428"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Date
Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
com.unblu.core.client.siteintegration
cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0
Redirect Chain
  • https://start.unblu.com/starter.js
  • https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
52 KB
15 KB
Script
General
Full URL
https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-75.fra50.r.cloudfront.net
Software
/
Resource Hash
132513ab779439e40a028cf41c7158875d4f5cac83b1e323eef95aaf81009f6b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 23:01:52 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 09 Oct 2019 22:03:18 GMT
Age
13
x-unblu-start-time
1570328267872
X-Cache
Hit from cloudfront
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop
FRA50-C1
Content-Length
14612
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xAFbj53Vq_OKIsuJqnoLQZu7LZhKeABrYKnRL-lpd2snmznYW2vhpw==
Expires
Tue, 09 Oct 2029 23:01:52 GMT

Redirect headers

pragma
no-cache
x-unblu-start-time
1570328267872
Content-Type
text/javascript;charset=UTF-8
Location
https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Cache-Control
no-cache, no-store, must-revalidate, max-age=1, no-cache="set-cookie"
Connection
keep-alive
Content-Length
0
Expires
Tue, 08 Oct 2019 23:02:05 GMT
icon-sprite.png
/images
31 KB
32 KB
Image
General
Full URL
https://securelogin-uat.cpai-test2.com/images/icon-sprite.png
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
63aff0dd6a6f62a8b785960e29baeaf4a20674eca0f4b5fad0bb6d03617750b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://securelogin-uat.cpai-test2.com/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
ETag
"1d57a0faba33b4b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges
bytes
Content-Length
32075
X-XSS-Protection
1; mode=block
RobotoRegular.woff2
/fonts
65 KB
65 KB
Font
General
Full URL
https://securelogin-uat.cpai-test2.com/fonts/RobotoRegular.woff2
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
01a2d70c44d360552709539006a6e8f801196798f30b88133c50d142b0a18eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://securelogin-uat.cpai-test2.com/css/styles.css
Origin
https://securelogin-uat.cpai-test2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
ETag
"1d57a0faba24448"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Access-Control-Allow-Origin
https://securelogin-uat.cpai-test2.com
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Vary
Origin
Content-Length
66120
Date
Wed, 09 Oct 2019 23:02:05 GMT
RobotoLight.woff2
/fonts
64 KB
65 KB
Font
General
Full URL
https://securelogin-uat.cpai-test2.com/fonts/RobotoLight.woff2
Requested by
Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
/
Resource Hash
06e83c3bbf9c198cd27903124bae51d7f7bdbeac91a9a5ef9882f637f90c3860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://securelogin-uat.cpai-test2.com/css/styles.css
Origin
https://securelogin-uat.cpai-test2.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 17:26:20 GMT
ETag
"1d57a0faba3b9f0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Access-Control-Allow-Origin
https://securelogin-uat.cpai-test2.com
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Vary
Origin
Content-Length
65520
Date
Wed, 09 Oct 2019 23:02:05 GMT
com.unblu.platform.client.core,com.unblu.platform.client.ojr.classlib,com.unblu.meta.shared.nio,com.unblu.platform.client.nio,com.unblu.meta.shared.core,com.unblu.platform.shared.core,com.unblu.cor...
cdn.unblu.com/unblu/config/xmd1570524053975/all/null/null/https$securelogin-uat.cpai-test2.com/o2SbHkLuQieDP6pWywKGRg/null/null
32 KB
9 KB
Script
General
Full URL
https://cdn.unblu.com/unblu/config/xmd1570524053975/all/null/null/https$securelogin-uat.cpai-test2.com/o2SbHkLuQieDP6pWywKGRg/null/null/com.unblu.platform.client.core,com.unblu.platform.client.ojr.classlib,com.unblu.meta.shared.nio,com.unblu.platform.client.nio,com.unblu.meta.shared.core,com.unblu.platform.shared.core,com.unblu.core.shared.core,com.unblu.core.client.siteintegration.orchestration.backend.common,com.unblu.core.shared.visual,com.unblu.core.client.visual,com.unblu.platform.client.uwt,com.unblu.platform.client.component,com.unblu.core.client.instructionplayer,com.unblu.core.client.core,com.unblu.core.client.siteintegration.task,com.unblu.core.client.ui,com.unblu.core.client.siteintegration.orchestration.backend.spi,com.unblu.core.client.siteintegration,com.unblu.core.client.siteintegration.orchestration.backend.ui,com.unblu.core.client.siteintegration.orchestration.backend.core,com.unblu.core.client.siteintegration.api,testbundle.com.unblu.core.client.siteintegration.orchestration.backend.spi.mock
Requested by
Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-75.fra50.r.cloudfront.net
Software
/
Resource Hash
aa44a05d5524c3301cb2680a6ace96d6fb516bc21d9523b57ae30f075f8c5b3b

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 23:02:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Oct 2019 09:25:23 GMT
X-Amz-Cf-Pop
FRA50-C1
x-unblu-start-time
1570526723996
X-Cache
Miss from cloudfront
Content-Type
text/javascript;charset=UTF-8
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
Cache-Control
max-age=315619200, no-cache="set-cookie"
Connection
keep-alive
Content-Length
8149
X-Amz-Cf-Id
RwHEiE9gUK5grpH05GTy_0QLpR3ldGyBdCnu243oVt2aWZZF9u02bg==
Expires
Tue, 09 Oct 2029 23:02:05 GMT
com.unblu.core.client.siteintegration-library
cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13
3 MB
474 KB
Script
General
Full URL
https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Requested by
Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-75.fra50.r.cloudfront.net
Software
/
Resource Hash
9d33046312d5bd5ac3ac9fcede129a962fffb3b78d926a637b5e9064180fd44f

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 06 Oct 2019 04:45:49 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Sun, 06 Oct 2019 02:32:21 GMT
Age
52407
x-unblu-start-time
1570329123120
X-Cache
Hit from cloudfront
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop
FRA50-C1
Content-Length
485101
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xbgGR8nx3GFEiwe8R_uKXi9R0bvkIePg8rzlk1BZ9wfjIaIZz5KWYA==
Expires
Sat, 06 Oct 2029 04:45:48 GMT
xmd1570328267872
cdn.unblu.com/unblu/xdmproxy
0
0
Document
General
Full URL
https://cdn.unblu.com/unblu/xdmproxy/xmd1570328267872
Requested by
Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-75.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Host
cdn.unblu.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate

Response headers

Content-Type
text/html;charset=UTF-8
Content-Length
353
Connection
keep-alive
Date
Wed, 09 Oct 2019 02:29:32 GMT
Cache-Control
no-cache="set-cookie"
p3p
CP="CAO PSA OUR"
x-unblu-start-time
1570329123120
X-Cache
Hit from cloudfront
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
Ba4m2XU4FAaBeTnlF-NKw-MTLgT7LK8y65UCuEBKLsZfShn9C5tBSQ==
Age
70431
uwt.css
cdn.unblu.com/unblu/static/resources/com.unblu.platform.client.uwt/xmd1570328267872/css
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn.unblu.com/unblu/static/resources/com.unblu.platform.client.uwt/xmd1570328267872/css/uwt.css
Requested by
Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-75.fra50.r.cloudfront.net
Software
/
Resource Hash
7d8347c38330f7fa7c8490704f3509a0941ead9b94c1b56aa2bc672919c1549c

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 06 Oct 2019 02:29:02 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 30 Sep 2019 15:23:58 GMT
Age
159558
x-unblu-start-time
1570328267872
X-Cache
Hit from cloudfront
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop
FRA50-C1
Content-Length
946
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Le2Cd9tMK2c77fqgNprQuz27-tDtXG8qbLV2VJfiVNHRc5ogmD-DbQ==
Expires
Sat, 06 Oct 2029 02:29:02 GMT
css?family=Source+Sans+Pro:300,300i,400,400i,600,600i,700&subset=latin-ext
fonts.googleapis.com
0
0

main.css
cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/css
0
616 B
Stylesheet
General
Full URL
https://cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/css/main.css
Requested by
Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-75.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 06 Oct 2019 02:29:02 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 30 Sep 2019 15:23:58 GMT
Age
159558
x-unblu-start-time
1569994926733
X-Cache
Hit from cloudfront
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop
FRA50-C1
Content-Length
20
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
CxSCG9Vb3QTpR_cAYO3AE1LOAYKBgZh8z70V0shkyhSlY2fapLKqFA==
Expires
Sat, 06 Oct 2029 02:29:02 GMT
style.min.css
cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/font/x-unblu-iconfont
34 KB
15 KB
Stylesheet
General
Full URL
https://cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/font/x-unblu-iconfont/style.min.css
Requested by
Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-75.fra50.r.cloudfront.net
Software
/
Resource Hash
4c1c3f45635cb962e6cd3a71a976fb0a0d0c49d9d27a0375b9ba48de026bc26f

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 06 Oct 2019 02:44:26 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 30 Sep 2019 15:23:58 GMT
Age
58492
x-unblu-start-time
1569994952491
X-Cache
Hit from cloudfront
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop
FRA50-C1
Content-Length
14736
Via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
X-Amz-Cf-Id
qd2O601v7T_KvrK3zRhL_95d2PZxp3ztk4m1zIuClYt-7zhOMZjUFw==
Expires
Sat, 06 Oct 2029 02:44:26 GMT
data:truncated
data:truncated
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1d11f616b94470af4792a997dac5fd5548715097f68e796262506d8c6836dc5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://securelogin-uat.cpai-test2.com

Response headers

Content-Type
application/x-font-ttf;charset=utf-8

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://securelogin-uat.cpai-test2.com/
  • https://securelogin-uat.cpai-test2.com/sso/Login
Request 13
  • https://start.unblu.com/starter.js
  • https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300i,400,400i,600,600i,700&subset=latin-ext

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| getCookie string| istestautomation object| unblu string| x-unblu-tmp-window-name boolean| x-unblu-tmp-dom-ready object| _unblu_572F594F_21AA_4D30_8081_40F2793592AF object| hj string| _unblu_572F594F_21AA_4D30_8081_40F2793592AF253744e3-1874_4669_b286_e7ecf75aeb5f boolean| x-unblu-tmp-window-alive object| ev$

2 Cookies

Domain/Path Name / Value
securelogin-uat.cpai-test2.com/ Name: .AspNetCore.Session
Value: CfDJ8Nmr7L79oCdKoJ2Jkgpf7yuUKmRY%2B4%2FVgK%2FBZQmQJKVkexau4SqxSQEoVia1hKMPwgzkLSU7Fh6DDkLCaqxM8rro69zeks%2FMH3f59KEPWnOIwrwp6pWs8GkYYGFuWxHmwXTOSqtHm2%2F9Rh1fhgKxrueMok8R%2FHF9Ij5BsgVoyixs
securelogin-uat.cpai-test2.com/ Name: .AspNetCore.Antiforgery.eJaNqKidQnM
Value: CfDJ8Nmr7L79oCdKoJ2Jkgpf7yt_GpT7G9OKJbYYOFsDG5EB4kFCXS2uoiWcRPS1PjJ3O2qKQdNHLXi9YA_UGvpvDRTL1BXyeDB94aGMRx_AfNdK106_wx5kUGIOV70R5kAgmq4ctfa4qDqll6a7wvkHGwM

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library, Line 1219, Column1743
Message:
com.unblu.core.client.ui.fonticon.DK DEBUG: x-unblu-iconfont successfully loaded.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.aspnetcdn.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

cdn.unblu.com
fonts.googleapis.com
securelogin-uat.cpai-test2.com
start.unblu.com

fonts.googleapis.com

143.204.101.75
204.232.130.241
46.137.111.69

01a2d70c44d360552709539006a6e8f801196798f30b88133c50d142b0a18eba
021564a5c2a1309fec4e0533ef1980ca6fce2ec4cc5aa737fc9b3d117dd5d244
06e83c3bbf9c198cd27903124bae51d7f7bdbeac91a9a5ef9882f637f90c3860
132513ab779439e40a028cf41c7158875d4f5cac83b1e323eef95aaf81009f6b
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
443f1a636fb52044a58fd27973f15a00dc6704a38c93af0b9fe2643239cd05b5
4c1c3f45635cb962e6cd3a71a976fb0a0d0c49d9d27a0375b9ba48de026bc26f
53b65edfd5a4dd445856d6631065e0d7eaa41c03417c5a8bd2c6c50157143852
5d8577aa5bcd511006d5ef6e76ff401464de1d10a5ed5129b7d49f002960668b
63aff0dd6a6f62a8b785960e29baeaf4a20674eca0f4b5fad0bb6d03617750b4
6ad27c3f233085ff40713d36ec8060b97e8275654d0cf76b9e6c45f9d0c78a20
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
770b2d7b4dc98cf3c5eb92cc572c07869fe068f75a08baeef50da3d82a065a9b
7d8347c38330f7fa7c8490704f3509a0941ead9b94c1b56aa2bc672919c1549c
844065ac84f410624b2dbd17e36558bdd6fda4a15aa09a0094ebc6664f3af08b
9c7f0233f64674d89d923eae195662d32761340ef2f3a06b3f120586721e1376
9d33046312d5bd5ac3ac9fcede129a962fffb3b78d926a637b5e9064180fd44f
aa44a05d5524c3301cb2680a6ace96d6fb516bc21d9523b57ae30f075f8c5b3b
af005068528c69fffe96dc7b9a9f3593fad5f603e8a8cf6495c1f2ed2a374e62
d1bdb74cc164a8a3195c9fd4593ab92c08381849e4f15ed5f61f21c9a41e548a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71fbdf697513c53055d5a88f282b86903b1024ef2cb858c86d8bcc2134b94e4
f1d11f616b94470af4792a997dac5fd5548715097f68e796262506d8c6836dc5