securelogin-uat.cpai-test2.com Open in urlscan Pro
204.232.130.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://securelogin-uat.cpai-test2.com/
Effective URL:
https://securelogin-uat.cpai-test2.com/sso/Login
Submission: On October 09 via automatic, source certstream-suspicious (October 9th 2019, 11:02:21 pm UTC)

Summary HTTP 24 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 204.232.130.241, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is securelogin-uat.cpai-test2.com.
TLS certificate: Issued by DigiCert Global CA G2 on December 6th 2018. Valid for: a year.

This is the only time securelogin-uat.cpai-test2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	204.232.130.241 204.232.130.241	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
1 1	46.137.111.69 46.137.111.69	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	143.204.101.75 143.204.101.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
24	3

17 204.232.130.241 (San Antonio, United States) 1 redirects

ASN27357 (RACKSPACE - Rackspace Hosting, US)

securelogin-uat.cpai-test2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.111.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-137-111-69.eu-west-1.compute.amazonaws.com

start.unblu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.101.75 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-75.fra50.r.cloudfront.net

cdn.unblu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cpai-test2.com 1 redirects securelogin-uat.cpai-test2.com	683 KB
8	unblu.com 1 redirects start.unblu.com cdn.unblu.com	515 KB
0	googleapis.com Failed fonts.googleapis.com Failed
24	3

	Domain	Requested by
17	securelogin-uat.cpai-test2.com	1 redirects securelogin-uat.cpai-test2.com
7	cdn.unblu.com	securelogin-uat.cpai-test2.com cdn.unblu.com
1	start.unblu.com	1 redirects
0	fonts.googleapis.com Failed	cdn.unblu.com
24	4

This site contains links to these domains. Also see Links.

Domain
www.cpai.com
www.scanalert.com

Subject Issuer	Validity	Valid
*.cpai-test2.com DigiCert Global CA G2	`2018-12-06` - `2019-12-07`	a year	crt.sh
*.unblu.com COMODO RSA Domain Validation Secure Server CA	`2016-10-28` - `2019-11-17`	3 years	crt.sh

This page contains 2 frames:

Primary Page: https://securelogin-uat.cpai-test2.com/sso/Login
Frame ID: A5489A9BFD26183EE8C2C16A93369A75
Requests: 24 HTTP requests in this frame

Frame: https://cdn.unblu.com/unblu/xdmproxy/xmd1570328267872
Frame ID: 133DABA6759735530F2391FF89BD1F4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://securelogin-uat.cpai-test2.com/ HTTP 302
https://securelogin-uat.cpai-test2.com/sso/Login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

1215 kB
Transfer

3769 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cpai.com/
Title: CPAI Home

Search URL Search Domain Scan URL

URL: http://www.cpai.com/about-us/insurance-license-information?from=footer
Title: Insurance License Information

Search URL Search Domain Scan URL

URL: http://www.cpai.com/about-us/privacy?from=footer
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.scanalert.com/RatingVerify?ref=www.cpai.com
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securelogin-uat.cpai-test2.com/ HTTP 302
https://securelogin-uat.cpai-test2.com/sso/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://start.unblu.com/starter.js HTTP 302
https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Login Show response
securelogin-uat.cpai-test2.com/sso/
Redirect Chain

https://securelogin-uat.cpai-test2.com/
https://securelogin-uat.cpai-test2.com/sso/Login

10 KB
5 KB

119ms
118ms

Document
text/html

204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

e71fbdf697513c53055d5a88f282b86903b1024ef2cb858c86d8bcc2134b94e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.aspnetcdn.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: securelogin-uat.cpai-test2.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Cache-Control: no-cache,no-cache, no-store, must-revalidate
Pragma: no-cache,no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Set-Cookie: .AspNetCore.Antiforgery.eJaNqKidQnM=CfDJ8Nmr7L79oCdKoJ2Jkgpf7yt_GpT7G9OKJbYYOFsDG5EB4kFCXS2uoiWcRPS1PjJ3O2qKQdNHLXi9YA_UGvpvDRTL1BXyeDB94aGMRx_AfNdK106_wx5kUGIOV70R5kAgmq4ctfa4qDqll6a7wvkHGwM; path=/; secure; samesite=strict; httponly .AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; samesite=strict; httponly .AspNetCore.Session=CfDJ8Nmr7L79oCdKoJ2Jkgpf7yuUKmRY%2B4%2FVgK%2FBZQmQJKVkexau4SqxSQEoVia1hKMPwgzkLSU7Fh6DDkLCaqxM8rro69zeks%2FMH3f59KEPWnOIwrwp6pWs8GkYYGFuWxHmwXTOSqtHm2%2F9Rh1fhgKxrueMok8R%2FHF9Ij5BsgVoyixs; path=/; secure; samesite=lax; httponly
Content-Security-Policy: script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.aspnetcdn.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Wed, 09 Oct 2019 23:02:04 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Location: /sso/Login
Content-Security-Policy: script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 09 Oct 2019 23:02:03 GMT
Content-Length: 0

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
securelogin-uat.cpai-test2.com/js/ 85 KB
38 KB 319ms
107ms Script
application/javascript 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/js/jquery-3.2.1.min.js

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faba21487"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
securelogin-uat.cpai-test2.com/js/ 36 KB
13 KB 322ms
109ms Script
application/javascript 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/js/bootstrap.min.js

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faba3d6bb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap-datepicker.js Show response
securelogin-uat.cpai-test2.com/js/ 51 KB
17 KB 331ms
112ms Script
application/javascript 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/js/bootstrap-datepicker.js

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

5d8577aa5bcd511006d5ef6e76ff401464de1d10a5ed5129b7d49f002960668b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faba38c78"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
securelogin-uat.cpai-test2.com/css/ 118 KB
28 KB 113ms
108ms Stylesheet
text/css 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/css/bootstrap.min.css

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

443f1a636fb52044a58fd27973f15a00dc6704a38c93af0b9fe2643239cd05b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faa73c075"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK styles.css
securelogin-uat.cpai-test2.com/css/ 31 KB
9 KB 314ms
106ms Stylesheet
text/css 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/css/styles.css

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

770b2d7b4dc98cf3c5eb92cc572c07869fe068f75a08baeef50da3d82a065a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faa726278"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap-datepicker.min.css
securelogin-uat.cpai-test2.com/css/ 17 KB
3 KB 313ms
106ms Stylesheet
text/css 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/css/bootstrap-datepicker.min.css

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

d1bdb74cc164a8a3195c9fd4593ab92c08381849e4f15ed5f61f21c9a41e548a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faa725b73"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap-select.css
securelogin-uat.cpai-test2.com/css/ 8 KB
3 KB 319ms
108ms Stylesheet
text/css 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/css/bootstrap-select.css

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

021564a5c2a1309fec4e0533ef1980ca6fce2ec4cc5aa737fc9b3d117dd5d244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:18 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faa720679"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aicpa-aon-logo.png
securelogin-uat.cpai-test2.com/images/ 16 KB
16 KB 105ms
105ms Image
image/png 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securelogin-uat.cpai-test2.com/images/aicpa-aon-logo.png

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

6ad27c3f233085ff40713d36ec8060b97e8275654d0cf76b9e6c45f9d0c78a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
ETag: "1d57a0faba30613"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges: bytes
Content-Length: 16403
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bg-image-secure-login-img.jpg
securelogin-uat.cpai-test2.com/images/ 362 KB
362 KB 108ms
108ms Image
image/jpeg 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securelogin-uat.cpai-test2.com/images/bg-image-secure-login-img.jpg

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

53b65edfd5a4dd445856d6631065e0d7eaa41c03417c5a8bd2c6c50157143852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
ETag: "1d57a0faba6e189"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges: bytes
Content-Length: 370569
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK year-of-service.png
securelogin-uat.cpai-test2.com/images/ 22 KB
22 KB 108ms
107ms Image
image/png 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securelogin-uat.cpai-test2.com/images/year-of-service.png

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

af005068528c69fffe96dc7b9a9f3593fad5f603e8a8cf6495c1f2ed2a374e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
ETag: "1d57a0faba311c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges: bytes
Content-Length: 22464
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK McAfee.png
securelogin-uat.cpai-test2.com/images/ 3 KB
4 KB 111ms
110ms Image
image/png 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securelogin-uat.cpai-test2.com/images/McAfee.png

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

9c7f0233f64674d89d923eae195662d32761340ef2f3a06b3f120586721e1376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
ETag: "1d57a0faba34acb"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 09 Oct 2019 23:02:04 GMT
Accept-Ranges: bytes
Content-Length: 3275
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.js Show response
securelogin-uat.cpai-test2.com/js/ 552 B
847 B 105ms
105ms Script
application/javascript 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/js/app.js

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

844065ac84f410624b2dbd17e36558bdd6fda4a15aa09a0094ebc6664f3af08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1d57a0faba34428"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

com.unblu.core.client.siteintegration Show response
cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/
Redirect Chain

https://start.unblu.com/starter.js
https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration

52 KB
15 KB

98ms
38ms

Script
text/javascript

143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Requested by: Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash: 132513ab779439e40a028cf41c7158875d4f5cac83b1e323eef95aaf81009f6b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 23:01:52 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 09 Oct 2019 22:03:18 GMT
Age: 13
x-unblu-start-time: 1570328267872
X-Cache: Hit from cloudfront
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 14612
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: xAFbj53Vq_OKIsuJqnoLQZu7LZhKeABrYKnRL-lpd2snmznYW2vhpw==
Expires: Tue, 09 Oct 2029 23:01:52 GMT

Redirect headers

pragma: no-cache
x-unblu-start-time: 1570328267872
Content-Type: text/javascript;charset=UTF-8
Location: https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Cache-Control: no-cache, no-store, must-revalidate, max-age=1, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 0
Expires: Tue, 08 Oct 2019 23:02:05 GMT

GET
H/1.1 200
OK icon-sprite.png
securelogin-uat.cpai-test2.com/images/ 31 KB
32 KB 105ms
105ms Image
image/png 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securelogin-uat.cpai-test2.com/images/icon-sprite.png

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

63aff0dd6a6f62a8b785960e29baeaf4a20674eca0f4b5fad0bb6d03617750b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securelogin-uat.cpai-test2.com/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
ETag: "1d57a0faba33b4b"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 09 Oct 2019 23:02:05 GMT
Accept-Ranges: bytes
Content-Length: 32075
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK RobotoRegular.woff2
securelogin-uat.cpai-test2.com/fonts/ 65 KB
65 KB 108ms
108ms Font
font/woff2 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/fonts/RobotoRegular.woff2

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

01a2d70c44d360552709539006a6e8f801196798f30b88133c50d142b0a18eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://securelogin-uat.cpai-test2.com/css/styles.css
Origin: https://securelogin-uat.cpai-test2.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
ETag: "1d57a0faba24448"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Access-Control-Allow-Origin: https://securelogin-uat.cpai-test2.com
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Vary: Origin
Content-Length: 66120
Date: Wed, 09 Oct 2019 23:02:05 GMT

GET
H/1.1 200
OK RobotoLight.woff2
securelogin-uat.cpai-test2.com/fonts/ 64 KB
65 KB 105ms
105ms Font
font/woff2 204.232.130.241
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin-uat.cpai-test2.com/fonts/RobotoLight.woff2

Requested by

Host: securelogin-uat.cpai-test2.com
URL: https://securelogin-uat.cpai-test2.com/sso/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.232.130.241 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Resource Hash

06e83c3bbf9c198cd27903124bae51d7f7bdbeac91a9a5ef9882f637f90c3860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://securelogin-uat.cpai-test2.com/css/styles.css
Origin: https://securelogin-uat.cpai-test2.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 17:26:20 GMT
ETag: "1d57a0faba3b9f0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Access-Control-Allow-Origin: https://securelogin-uat.cpai-test2.com
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Vary: Origin
Content-Length: 65520
Date: Wed, 09 Oct 2019 23:02:05 GMT

GET
H/1.1 200
OK com.unblu.platform.client.core,com.unblu.platform.client.ojr.classlib,com.unblu.meta.shared.nio,com.unblu.platform.client.nio,com.unblu.meta.shared.core,com.unblu.platform.shared.core,com.unblu.cor... Show response
cdn.unblu.com/unblu/config/xmd1570524053975/all/null/null/https$securelogin-uat.cpai-test2.com/o2SbHkLuQieDP6pWywKGRg/null/null/ 32 KB
9 KB 139ms
138ms Script
text/javascript 143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblu.com/unblu/config/xmd1570524053975/all/null/null/https$securelogin-uat.cpai-test2.com/o2SbHkLuQieDP6pWywKGRg/null/null/com.unblu.platform.client.core,com.unblu.platform.client.ojr.classlib,com.unblu.meta.shared.nio,com.unblu.platform.client.nio,com.unblu.meta.shared.core,com.unblu.platform.shared.core,com.unblu.core.shared.core,com.unblu.core.client.siteintegration.orchestration.backend.common,com.unblu.core.shared.visual,com.unblu.core.client.visual,com.unblu.platform.client.uwt,com.unblu.platform.client.component,com.unblu.core.client.instructionplayer,com.unblu.core.client.core,com.unblu.core.client.siteintegration.task,com.unblu.core.client.ui,com.unblu.core.client.siteintegration.orchestration.backend.spi,com.unblu.core.client.siteintegration,com.unblu.core.client.siteintegration.orchestration.backend.ui,com.unblu.core.client.siteintegration.orchestration.backend.core,com.unblu.core.client.siteintegration.api,testbundle.com.unblu.core.client.siteintegration.orchestration.backend.spi.mock
Requested by: Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash: aa44a05d5524c3301cb2680a6ace96d6fb516bc21d9523b57ae30f075f8c5b3b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 23:02:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Oct 2019 09:25:23 GMT
X-Amz-Cf-Pop: FRA50-C1
x-unblu-start-time: 1570526723996
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=UTF-8
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
Cache-Control: max-age=315619200, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 8149
X-Amz-Cf-Id: RwHEiE9gUK5grpH05GTy_0QLpR3ldGyBdCnu243oVt2aWZZF9u02bg==
Expires: Tue, 09 Oct 2029 23:02:05 GMT

GET
H/1.1 200
OK com.unblu.core.client.siteintegration-library Show response
cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/ 3 MB
474 KB 31ms
30ms Script
text/javascript 143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Requested by: Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570658598000/xcv1570524053975/xpi0/com.unblu.core.client.siteintegration
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash: 9d33046312d5bd5ac3ac9fcede129a962fffb3b78d926a637b5e9064180fd44f

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 04:45:49 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 06 Oct 2019 02:32:21 GMT
Age: 52407
x-unblu-start-time: 1570329123120
X-Cache: Hit from cloudfront
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 485101
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: xbgGR8nx3GFEiwe8R_uKXi9R0bvkIePg8rzlk1BZ9wfjIaIZz5KWYA==
Expires: Sat, 06 Oct 2029 04:45:48 GMT

GET
H/1.1 200
OK xmd1570328267872
cdn.unblu.com/unblu/xdmproxy/ Frame 133D 0
0 27ms
27ms Document
text/html 143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblu.com/unblu/xdmproxy/xmd1570328267872
Requested by: Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Host: cdn.unblu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Content-Type: text/html;charset=UTF-8
Content-Length: 353
Connection: keep-alive
Date: Wed, 09 Oct 2019 02:29:32 GMT
Cache-Control: no-cache="set-cookie"
p3p: CP="CAO PSA OUR"
x-unblu-start-time: 1570329123120
X-Cache: Hit from cloudfront
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: Ba4m2XU4FAaBeTnlF-NKw-MTLgT7LK8y65UCuEBKLsZfShn9C5tBSQ==
Age: 70431

GET
H/1.1 200
OK uwt.css
cdn.unblu.com/unblu/static/resources/com.unblu.platform.client.uwt/xmd1570328267872/css/ 2 KB
2 KB 44ms
25ms Stylesheet
text/css 143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblu.com/unblu/static/resources/com.unblu.platform.client.uwt/xmd1570328267872/css/uwt.css
Requested by: Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash: 7d8347c38330f7fa7c8490704f3509a0941ead9b94c1b56aa2bc672919c1549c

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 02:29:02 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 30 Sep 2019 15:23:58 GMT
Age: 159558
x-unblu-start-time: 1570328267872
X-Cache: Hit from cloudfront
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 946
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Le2Cd9tMK2c77fqgNprQuz27-tDtXG8qbLV2VJfiVNHRc5ogmD-DbQ==
Expires: Sat, 06 Oct 2029 02:29:02 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK main.css
cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/css/ 0
616 B 69ms
25ms Stylesheet
text/css 143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/css/main.css
Requested by: Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 02:29:02 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 30 Sep 2019 15:23:58 GMT
Age: 159558
x-unblu-start-time: 1569994926733
X-Cache: Hit from cloudfront
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 20
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CxSCG9Vb3QTpR_cAYO3AE1LOAYKBgZh8z70V0shkyhSlY2fapLKqFA==
Expires: Sat, 06 Oct 2029 02:29:02 GMT

GET
H/1.1 200
OK style.min.css
cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/font/x-unblu-iconfont/ 34 KB
15 KB 26ms
26ms Stylesheet
text/css 143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblu.com/unblu/static/resources/com.unblu.core.client.ui/xmd1570328267872/font/x-unblu-iconfont/style.min.css
Requested by: Host: cdn.unblu.com
URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash: 4c1c3f45635cb962e6cd3a71a976fb0a0d0c49d9d27a0375b9ba48de026bc26f

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 02:44:26 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 30 Sep 2019 15:23:58 GMT
Age: 58492
x-unblu-start-time: 1569994952491
X-Cache: Hit from cloudfront
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315619200, no-cache="set-cookie"
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 14736
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
X-Amz-Cf-Id: qd2O601v7T_KvrK3zRhL_95d2PZxp3ztk4m1zIuClYt-7zhOMZjUFw==
Expires: Sat, 06 Oct 2029 02:44:26 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1d11f616b94470af4792a997dac5fd5548715097f68e796262506d8c6836dc5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://securelogin-uat.cpai-test2.com

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300i,400,400i,600,600i,700&subset=latin-ext

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			securelogin-uat.cpai-test2.com/	1969-12-31 23:59:59	Name: .AspNetCore.Session Value: CfDJ8Nmr7L79oCdKoJ2Jkgpf7yuUKmRY%2B4%2FVgK%2FBZQmQJKVkexau4SqxSQEoVia1hKMPwgzkLSU7Fh6DDkLCaqxM8rro69zeks%2FMH3f59KEPWnOIwrwp6pWs8GkYYGFuWxHmwXTOSqtHm2%2F9Rh1fhgKxrueMok8R%2FHF9Ij5BsgVoyixs
			securelogin-uat.cpai-test2.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.eJaNqKidQnM Value: CfDJ8Nmr7L79oCdKoJ2Jkgpf7yt_GpT7G9OKJbYYOFsDG5EB4kFCXS2uoiWcRPS1PjJ3O2qKQdNHLXi9YA_UGvpvDRTL1BXyeDB94aGMRx_AfNdK106_wx5kUGIOV70R5kAgmq4ctfa4qDqll6a7wvkHGwM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.unblu.com/unblu/static/js/xmd1570328284926/xpi13/com.unblu.core.client.siteintegration-library(Line 1219) Message: com.unblu.core.client.ui.fonticon.DK DEBUG: x-unblu-iconfont successfully loaded.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline';style-src 'self' ajax.aspnetcdn.com cdn.unblu.com start.unblu.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.aspnetcdn.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.unblu.com
fonts.googleapis.com
securelogin-uat.cpai-test2.com
start.unblu.com
fonts.googleapis.com
143.204.101.75
204.232.130.241
46.137.111.69
01a2d70c44d360552709539006a6e8f801196798f30b88133c50d142b0a18eba
021564a5c2a1309fec4e0533ef1980ca6fce2ec4cc5aa737fc9b3d117dd5d244
06e83c3bbf9c198cd27903124bae51d7f7bdbeac91a9a5ef9882f637f90c3860
132513ab779439e40a028cf41c7158875d4f5cac83b1e323eef95aaf81009f6b
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
443f1a636fb52044a58fd27973f15a00dc6704a38c93af0b9fe2643239cd05b5
4c1c3f45635cb962e6cd3a71a976fb0a0d0c49d9d27a0375b9ba48de026bc26f
53b65edfd5a4dd445856d6631065e0d7eaa41c03417c5a8bd2c6c50157143852
5d8577aa5bcd511006d5ef6e76ff401464de1d10a5ed5129b7d49f002960668b
63aff0dd6a6f62a8b785960e29baeaf4a20674eca0f4b5fad0bb6d03617750b4
6ad27c3f233085ff40713d36ec8060b97e8275654d0cf76b9e6c45f9d0c78a20
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
770b2d7b4dc98cf3c5eb92cc572c07869fe068f75a08baeef50da3d82a065a9b
7d8347c38330f7fa7c8490704f3509a0941ead9b94c1b56aa2bc672919c1549c
844065ac84f410624b2dbd17e36558bdd6fda4a15aa09a0094ebc6664f3af08b
9c7f0233f64674d89d923eae195662d32761340ef2f3a06b3f120586721e1376
9d33046312d5bd5ac3ac9fcede129a962fffb3b78d926a637b5e9064180fd44f
aa44a05d5524c3301cb2680a6ace96d6fb516bc21d9523b57ae30f075f8c5b3b
af005068528c69fffe96dc7b9a9f3593fad5f603e8a8cf6495c1f2ed2a374e62
d1bdb74cc164a8a3195c9fd4593ab92c08381849e4f15ed5f61f21c9a41e548a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71fbdf697513c53055d5a88f282b86903b1024ef2cb858c86d8bcc2134b94e4
f1d11f616b94470af4792a997dac5fd5548715097f68e796262506d8c6836dc5

securelogin-uat.cpai-test2.com Open in urlscan Pro 204.232.130.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

1215 kBTransfer

3769 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

securelogin-uat.cpai-test2.com Open in urlscan Pro
204.232.130.241 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

1215 kB
Transfer

3769 kB
Size

2
Cookies

24 HTTP transactions
1 data transactions