urlscan.io logo urlscan.io
SecurityTrails logo

ssoa.sterbc.com Open in urlscan Pro
23.45.103.165  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://groupadvantage.istrbc.com/
Effective URL: https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjn...
Submission Tags: tag
Submission: On January 14 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 7 domains to perform 18 HTTP transactions. The main IP is 23.45.103.165, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is ssoa.sterbc.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 7th 2023. Valid for: a year.
This is the only time ssoa.sterbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 ssoa.sterbc.com ssoa.sterbc.com
3 www.googletagmanager.com ssoa.sterbc.com
www.googletagmanager.com
3 groupadvantage.istrbc.com 1 redirects groupadvantage.istrbc.com
2 connect.facebook.net groupadvantage.istrbc.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
bat.bing.com
0 pagead2.googlesyndication.com Failed www.googletagmanager.com
0 www.facebook.com Failed ssoa.sterbc.com
18 7

This site contains no links.

Subject Issuer Validity Valid
steroyalbank.com
Entrust Certification Authority - L1K		 2023-11-07 -
2024-11-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-23 -
2024-01-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Frame ID: 10D1D1DBFB99BA2F590868BB4E65B222
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://groupadvantage.istrbc.com/ HTTP 301
    https://groupadvantage.istrbc.com/ Page URL
  2. https://groupadvantage.istrbc.com/mga/sps/authsvc?PolicyId=urn:ibm:security:authentication:asf:gaprosp Page URL
  3. https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

78 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

5
IPs

1
Countries

528 kB
Transfer

2382 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://groupadvantage.istrbc.com/ HTTP 301
    https://groupadvantage.istrbc.com/ Page URL
  2. https://groupadvantage.istrbc.com/mga/sps/authsvc?PolicyId=urn:ibm:security:authentication:asf:gaprosp Page URL
  3. https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://groupadvantage.istrbc.com/ HTTP 301
  • https://groupadvantage.istrbc.com/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
groupadvantage.istrbc.com/
Redirect Chain
  • http://groupadvantage.istrbc.com/
  • https://groupadvantage.istrbc.com/
990 B
978 B 		Document
General
Check archive.org
Download Go to
Full URL
https://groupadvantage.istrbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.103.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
614
content-security-policy
frame-ancestors 'none'
content-type
text/html
date
Sun, 14 Jan 2024 05:07:29 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-edgeconnect-cache-status
0
x-frame-options
DENY
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 14 Jan 2024 05:07:28 GMT
Location
https://groupadvantage.istrbc.com/
Server
AkamaiGHost
X-EdgeConnect-Cache-Status
0
authsvc
groupadvantage.istrbc.com/mga/sps/ 		563 B
928 B 		Document
General
Check archive.org
Download Go to
Full URL
https://groupadvantage.istrbc.com/mga/sps/authsvc?PolicyId=urn:ibm:security:authentication:asf:gaprosp
Requested by
Host: groupadvantage.istrbc.com
URL: https://groupadvantage.istrbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.103.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ccd02c2c1a2b9ae9609a6c96543fd1fb7e91fec6b032688ab8d9f72889d73967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://groupadvantage.istrbc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-language
en-US
content-length
563
content-type
text/html;charset=UTF-8
date
Sun, 14 Jan 2024 05:07:29 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains
x-edgeconnect-cache-status
0
x-frame-options
SAMEORIGIN
Primary Request /
ssoa.sterbc.com/riam/ui/v2/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.103.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-165.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ede21d87ca4f43d65c810c84a38051617db275abb6842cfa6696e2203b148b11
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://groupadvantage.istrbc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-encoding
gzip
content-length
1514
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 05:07:30 GMT
etag
W/"799-18bd47d66b0:dtagent10279231130031246G5w6"
last-modified
Wed, 15 Nov 2023 19:37:49 GMT
server
nginx
server-timing
dtSInfo;desc="0", dtRpid;desc="-1289667448"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-edgeconnect-cache-status
0
x-frame-options
SAMEORIGIN SAMEORIGIN
x-oneagent-js-injection
true
x-ruxit-js-agent
true
x-vcap-request-id
61ac2ac0-c6ef-4f84-6531-bc10c8745821
x-xss-protection
1; mode=block 1; mode=block
ruxitagentjs_ICA2NVfqru_10279231130031246.js
ssoa.sterbc.com/ 		185 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssoa.sterbc.com/ruxitagentjs_ICA2NVfqru_10279231130031246.js
Requested by
Host: ssoa.sterbc.com
URL: https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.103.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-165.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dbaeb8f5848edbc0288e4c211c79923cfe73e5d6e6692bb4faf1a4bb19ff510c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
nginx
x-edgeconnect-cache-status
1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-length
98864
x-xss-protection
1; mode=block
expires
Fri, 03 Jan 2025 06:02:54 GMT
styles.4d676626c688677465e2.css
ssoa.sterbc.com/riam/ui/v2/ 		205 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssoa.sterbc.com/riam/ui/v2/styles.4d676626c688677465e2.css
Requested by
Host: ssoa.sterbc.com
URL: https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.103.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-165.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2651adb860f683126ef5a1345fdc7fa53001c5480e0c65d45567cbab4b74f27c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff
date
Sun, 14 Jan 2024 05:07:34 GMT
x-dns-prefetch-control
off
server-timing
dtSInfo;desc="0", dtRpid;desc="-1836616403"
content-length
55555
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Mon, 20 Nov 2023 15:16:01 GMT
server
nginx
etag
W/"3329c-18bed4d7f68"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css; charset=UTF-8
x-vcap-request-id
25aba04c-c684-43b3-6b7f-67a10946c900
cache-control
public, max-age=0
x-edgeconnect-cache-status
1
accept-ranges
bytes
runtime-es2015.dae9a8a9583d34f57f7e.js
ssoa.sterbc.com/riam/ui/v2/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssoa.sterbc.com/riam/ui/v2/runtime-es2015.dae9a8a9583d34f57f7e.js
Requested by
Host: ssoa.sterbc.com
URL: https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.103.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-165.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a62c3303cfc60e4b0b6ab4320bb9b8582051f937b20f5284eb99b9ee968c9ae6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Origin
https://ssoa.sterbc.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Sun, 14 Jan 2024 05:07:32 GMT
x-content-type-options
nosniff, nosniff
x-dns-prefetch-control
off
server-timing
dtSInfo;desc="0", dtRpid;desc="800373952"
content-length
2364
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Wed, 15 Nov 2023 19:37:49 GMT
server
nginx
etag
W/"93c-18bd47d62c8"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-vcap-request-id
5396b34a-e54b-4fb4-541d-7c52c93faf73
cache-control
public, max-age=0
x-edgeconnect-cache-status
1
accept-ranges
bytes
polyfills-es2015.c7e7f1a896a9b5ebbb00.js
ssoa.sterbc.com/riam/ui/v2/ 		0
0
scripts.897e465baae8c4dac428.js
ssoa.sterbc.com/riam/ui/v2/ 		0
0
main-es2015.42e41cd0154a9439b939.js
ssoa.sterbc.com/riam/ui/v2/ 		767 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ssoa.sterbc.com/riam/ui/v2/main-es2015.42e41cd0154a9439b939.js
Requested by
Host: ssoa.sterbc.com
URL: https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.103.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-165.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Origin
https://ssoa.sterbc.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Sun, 14 Jan 2024 05:07:33 GMT
x-content-type-options
nosniff, nosniff
x-dns-prefetch-control
off
server-timing
dtSInfo;desc="0", dtRpid;desc="1024327371"
content-length
931322
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Mon, 20 Nov 2023 15:16:01 GMT
server
nginx
etag
W/"e35fa-18bed4d7f68"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-vcap-request-id
7d44e1e5-1c76-4e48-73a7-9f28990f83f9
cache-control
public, max-age=0
x-edgeconnect-cache-status
1
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		364 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5TWTL
Requested by
Host: ssoa.sterbc.com
URL: https://ssoa.sterbc.com/riam/ui/v2/?PARM2=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&PARM1=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication&state=H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp&resumePath=/resume/H9VnMNueB1I5ka1EXRxNvjGDyFSrOjnp/authentication
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d25abdc39ebb5a7aeaee5042685ba4b6834becd759365145fdac41f4fab6574e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104265
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 05:07:33 GMT
gtm.js
www.googletagmanager.com/ 		269 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NKXCB3X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5TWTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d4fb8150c55e29762aac7bd9890f8c02645cc2f694c17503d0a59b44c4f216b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91452
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 05:07:33 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-22PRMSS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKXCB3X&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30e5eff812a5dc496fcbaeaeee9c847add64eb44ae7aac0036d451512ebf54df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73220
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 05:07:33 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKXCB3X&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 14 Jan 2024 05:07:33 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BB806D6F1BCB4CBCA5BB98D5D9AB12DA Ref B: LON04EDGE1008 Ref C: 2024-01-14T05:07:33Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
fbevents.js
connect.facebook.net/en_US/ 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: groupadvantage.istrbc.com
URL: https://groupadvantage.istrbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 05:07:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
a5DFE0A0Hhe2svioXIDz47eemSIE4EmYpr4yMVpzcWfRnxoA+jQH33GDWjkUwQjTmM3yjuzXhrmxZxFSM2ma5w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
5488685.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5488685.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 14 Jan 2024 05:07:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B27BB6F7B8654257BC351BC9F2A66A1E Ref B: LON04EDGE1008 Ref C: 2024-01-14T05:07:33Z
x-cache
CONFIG_NOCACHE
360711633069876
connect.facebook.net/signals/config/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/360711633069876?v=2.9.140&r=stable&domain=ssoa.sterbc.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8792ba6b2b16206b3cc5b92d89ac4262bcfd0ec8da2573af05167733473c4c49
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssoa.sterbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 05:07:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
tXwtACuoGBC/9eyOuMQnp9KcTuhh+guSkiwUS/dsrlTJQAPSjepJmkMxYO1vZPRAbYUJx4e1KP4m1rXO42zKTg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
0
landing
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssoa.sterbc.com
URL
https://ssoa.sterbc.com/riam/ui/v2/polyfills-es2015.c7e7f1a896a9b5ebbb00.js
Domain
ssoa.sterbc.com
URL
https://ssoa.sterbc.com/riam/ui/v2/scripts.897e465baae8c4dac428.js
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=360711633069876&ev=PageView&dl=https%3A%2F%2Fssoa.sterbc.com&rl=https%3A%2F%2Fgroupadvantage.istrbc.com&if=false&ts=1705208854428&sw=1600&sh=1200&v=2.9.140&r=stable&a=gtmss&ec=0&o=4125&fbp=fb.1.1705208854229.268287331&pm=1&hrl=73a308&ler=other&it=1705208853983&coo=false&eid=fa8645e6-5e49-4210-bea4-9a3e54ef1728_1705208853353.1&cs_cc=1&cs_cc=1&cdl=&rqm=GET
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=11p1t1l1l5&rnd=24768233.1705208855&url=https%3A%2F%2Fssoa.sterbc.com%2Friam%2Fui%2Fv2%2F&dma=0&gtm=45He41a0n81NKXCB3Xv897526857

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
groupadvantage.istrbc.com/ Name: PD-S-SESSION-ID
Value: 0_joXWGdtCViU60B3SkYD/elueS7M0ZZH0TBeL8lfSPNe/Lx+fwX8=
groupadvantage.istrbc.com/ Name: originalrequesturl
Value: https%3A//groupadvantage.istrbc.com/
groupadvantage.istrbc.com/ Name: AMWEBJCT!%2Fmga!JSESSIONID
Value: 0000Wzmb6VHj3rSlu8mCZoyOwvR:abe8e442-d828-44f5-9580-1f666943c863
groupadvantage.istrbc.com/ Name: PD_STATEFUL_754fce70-b0c8-11ea-8045-74fe480687b6
Value: %2Fmga
groupadvantage.istrbc.com/ Name: IV_JCT
Value: %2Fmga

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/360711633069876?v=2.9.140&r=stable&domain=ssoa.sterbc.com(Line 115)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1