sso.demo.payrollhr.be Open in urlscan Pro
193.190.121.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://demo.mijnhr.lima.payflip.be/
Effective URL:
https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20prof...
Submission: On April 10 via api (April 10th 2024, 10:40:03 am UTC) from US — Scanned from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 193.190.121.28, located in Liège, Belgium and belongs to BELNET, BE. The main domain is sso.demo.payrollhr.be.
TLS certificate: Issued by R3 on February 20th 2024. Valid for: 3 months.

This is the only time sso.demo.payrollhr.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2600:1f18:248... 2600:1f18:2489:8202::c8	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
2	52.206.205.81 52.206.205.81	14618 (AMAZON-AES) (AMAZON-AES)
2	20.105.216.0 20.105.216.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2606:4700::68... 2606:4700::6813:9813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	193.190.121.28 193.190.121.28	2611 (BELNET) (BELNET)
1	13.248.151.210 13.248.151.210	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
25	8

5 2600:1f18:2489:8202::c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

demo.mijnhr.lima.payflip.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.205.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-205-81.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.105.216.0 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

preview.app-api.payflip.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9813 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

staging.auth.payflip.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 193.190.121.28 (Liège, Belgium)

ASN2611 (BELNET, BE)

sso.demo.payrollhr.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	payrollhr.be sso.demo.payrollhr.be	94 KB
8	payflip.be 1 redirects demo.mijnhr.lima.payflip.be preview.app-api.payflip.be staging.auth.payflip.be	599 KB
7	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 917 events.launchdarkly.com — Cisco Umbrella Rank: 1452 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1083	1 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	1 KB
25	5

	Domain	Requested by
9	sso.demo.payrollhr.be	demo.mijnhr.lima.payflip.be sso.demo.payrollhr.be
5	demo.mijnhr.lima.payflip.be	demo.mijnhr.lima.payflip.be
4	app.launchdarkly.com	demo.mijnhr.lima.payflip.be
2	preview.app-api.payflip.be	demo.mijnhr.lima.payflip.be
2	events.launchdarkly.com	demo.mijnhr.lima.payflip.be
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	sso.demo.payrollhr.be
1	clientstream.launchdarkly.com
1	staging.auth.payflip.be	1 redirects
25	9

This site contains no links.

Subject Issuer	Validity	Valid
demo.mijnhr.lima.payflip.be R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
preview.app-api.payflip.be GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-03-06` - `2024-09-06`	6 months	crt.sh
demo.payrollhr.be R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M01	`2023-08-09` - `2024-09-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstaging.auth.payflip.be%2Flogin%2Fcallback&response_mode=query&state=nhBK7aKb463xBYuvjbj77OZe0XPf3Edd
Frame ID: 2AA4840B6DB6CC7904FCA09FCEC44FC8
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://demo.mijnhr.lima.payflip.be/ Page URL
https://staging.auth.payflip.be/authorize?audience=https%3A%2F%2Fapp-api.payflip.be&scope=openid%20profile%2... HTTP 302
https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

44 %
IPv6

5
Domains

9
Subdomains

8
IPs

3
Countries

739 kB
Transfer

2188 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://demo.mijnhr.lima.payflip.be/ Page URL
https://staging.auth.payflip.be/authorize?audience=https%3A%2F%2Fapp-api.payflip.be&scope=openid%20profile%20email%20read%3Acurrent_user&connection=cipal-idp-demo&client_id=eFNQoKR3IPwTcxiErMsGSYNgZrQlFjxt&redirect_uri=https%3A%2F%2Fdemo.mijnhr.lima.payflip.be&response_type=code&response_mode=query&state=M3Y0WXlMTGdnV3IxLXVMcFcyTC1CclFmMHVZYklXNW5BVkhVV0FpMHBHVQ%3D%3D&nonce=MjlPbWd6VG9ka2ZHV0tfT1lmbUcyN2RrbUpRQmJqQlc0bVFmU004RVQ5Mw%3D%3D&code_challenge=sZubUB3VFIonPdjFmDcBOp4YDUiYi1KNyytmJICbTcI&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4wIn0%3D HTTP 302
https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstaging.auth.payflip.be%2Flogin%2Fcallback&response_mode=query&state=nhBK7aKb463xBYuvjbj77OZe0XPf3Edd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
demo.mijnhr.lima.payflip.be/ 791 B
1015 B 155ms
51ms Document
text/html 2600:1f18:2489:8202::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.mijnhr.lima.payflip.be/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

c456131c7ffa326f6a68aae298e513d8efd4c282cb37d46bd5b8d05a7576791c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-length: 791
content-type: text/html; charset=UTF-8
date: Wed, 10 Apr 2024 10:39:56 GMT
etag: "5af3d99357d9d98e821b3efbb86d5987-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HV3SFHJW07CK807SF1NBZJRS

GET
H2 200 runtime.6210ab7502cecc77.js Show response
demo.mijnhr.lima.payflip.be/ 4 KB
2 KB 73ms
72ms Script
application/javascript 2600:1f18:2489:8202::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.mijnhr.lima.payflip.be/runtime.6210ab7502cecc77.js

Requested by

Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

159bcaf8865e8fd7929b424f588b31bf3f77d5c4b8ddf4e7433ab7a34abfa8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://demo.mijnhr.lima.payflip.be/
Origin: https://demo.mijnhr.lima.payflip.be
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV3SFHMPBJG8QK02VF69YX4F
date: Wed, 10 Apr 2024 10:39:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "4de77a4500a7b7f3af584c4e821d9b31-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 polyfills.e4b306992c595260.js Show response
demo.mijnhr.lima.payflip.be/ 94 KB
33 KB 78ms
77ms Script
application/javascript 2600:1f18:2489:8202::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.mijnhr.lima.payflip.be/polyfills.e4b306992c595260.js

Requested by

Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

926862f3844128baef61b9f95097c16b1ca827b1de90ae2134c7516df191c1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://demo.mijnhr.lima.payflip.be/
Origin: https://demo.mijnhr.lima.payflip.be
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV3SFHMPS0QKJC9PAQ5SPGG3
date: Wed, 10 Apr 2024 10:39:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "1a490debff5cc3ac44f4c10d30420a32-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 main.3c7a9f241bff1c09.js Show response
demo.mijnhr.lima.payflip.be/ 2 MB
559 KB 131ms
130ms Script
application/javascript 2600:1f18:2489:8202::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.mijnhr.lima.payflip.be/main.3c7a9f241bff1c09.js

Requested by

Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

4f7390d2268ff5124b2ba8838d36356d8071fe0aa52146c412500a535aed5b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://demo.mijnhr.lima.payflip.be/
Origin: https://demo.mijnhr.lima.payflip.be
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV3SFHMPC6SQSSQ5MP214DC0
date: Wed, 10 Apr 2024 10:39:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "49bf910f912bae5703efc18a145acc19-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 favicon-32x32.png
demo.mijnhr.lima.payflip.be/assets/ 2 KB
2 KB 51ms
50ms Other
image/png 2600:1f18:2489:8202::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.mijnhr.lima.payflip.be/assets/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://demo.mijnhr.lima.payflip.be/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV3SFJ3F19XMERV134MS7RKT
date: Wed, 10 Apr 2024 10:39:57 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "f210a9360b283cd3775c114494011c00-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 1622

OPTIONS
H2 200 63d8e6a606bcaa12bdc19b5f
app.launchdarkly.com/sdk/goals/ 0
0 95ms
35ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63d8e6a606bcaa12bdc19b5f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://demo.mijnhr.lima.payflip.be
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 10 Apr 2024 10:39:57 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4565-YYZ
x-timer: S1712745597.133289,VS0,VE22

OPTIONS
H2 204 63d8e6a606bcaa12bdc19b5f
events.launchdarkly.com/events/diagnostic/ 0
0 107ms
33ms Preflight 52.206.205.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63d8e6a606bcaa12bdc19b5f

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.206.205.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-205-81.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://demo.mijnhr.lima.payflip.be
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Wed, 10 Apr 2024 10:39:57 GMT
strict-transport-security: max-age=31536000

OPTIONS
H/1.1 200
OK graphql
preview.app-api.payflip.be/ 0
0 512ms
117ms Preflight 20.105.216.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://preview.app-api.payflip.be/graphql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.105.216.0 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apollographql-client-name,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://demo.mijnhr.lima.payflip.be
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: apollographql-client-name,authorization,content-type
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 10 Apr 2024 10:39:56 GMT

GET
H2 200 63d8e6a606bcaa12bdc19b5f
app.launchdarkly.com/sdk/goals/ 2 B
177 B 45ms
38ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63d8e6a606bcaa12bdc19b5f

Requested by

Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/main.3c7a9f241bff1c09.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.2
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://demo.mijnhr.lima.payflip.be/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 Apr 2024 10:39:57 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: MISS
content-length: 26
x-served-by: cache-yyz4565-YYZ
x-timer: S1712745597.175896,VS0,VE25
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

POST
H2 202 63d8e6a606bcaa12bdc19b5f
events.launchdarkly.com/events/diagnostic/ 0
344 B 35ms
34ms XHR
application/json 52.206.205.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63d8e6a606bcaa12bdc19b5f

Requested by

Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/main.3c7a9f241bff1c09.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.206.205.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-205-81.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.2
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://demo.mijnhr.lima.payflip.be/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 10:39:57 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

POST
H/1.1 200
OK graphql
preview.app-api.payflip.be/ 652 B
899 B 147ms
147ms Fetch
application/json 20.105.216.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://preview.app-api.payflip.be/graphql
Requested by: Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/main.3c7a9f241bff1c09.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.105.216.0 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
apollographql-client-name: admin-client
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://demo.mijnhr.lima.payflip.be/
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 10 Apr 2024 10:39:57 GMT
Cache-Control: no-store
ETag: W/"28c-thjVyrmIujp/DR5kK/JlkHhdLgU"
Content-Length: 652
X-Powered-By: Express
Content-Type: application/json; charset=utf-8

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWM4YWY1YjAtZjcyNi0xMWVlLWFkYTEtMTU0NTcxNWQ4MDQzIn0
app.launchdarkly.com/sdk/evalx/63d8e6a606bcaa12bdc19b5f/contexts/ 631 B
552 B 128ms
125ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/63d8e6a606bcaa12bdc19b5f/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWM4YWY1YjAtZjcyNi0xMWVlLWFkYTEtMTU0NTcxNWQ4MDQzIn0
Requested by: Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/main.3c7a9f241bff1c09.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.2
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://demo.mijnhr.lima.payflip.be/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 10:39:57 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 191
x-served-by: cache-yyz4525-YYZ, cache-yyz4565-YYZ
x-timer: S1712745597.176177,VS0,VE111
etag: "2dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWM4YWY1YjAtZjcyNi0xMWVlLWFkYTEtMTU0NTcxNWQ4MDQzIn0
app.launchdarkly.com/sdk/evalx/63d8e6a606bcaa12bdc19b5f/contexts/ 0
0 93ms
38ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/63d8e6a606bcaa12bdc19b5f/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWM4YWY1YjAtZjcyNi0xMWVlLWFkYTEtMTU0NTcxNWQ4MDQzIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://demo.mijnhr.lima.payflip.be
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 10 Apr 2024 10:39:57 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4565-YYZ
x-timer: S1712745597.133267,VS0,VE22

GET
H/1.1

400
Bad Request

Primary Request auth Show response
sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/
Redirect Chain

https://staging.auth.payflip.be/authorize?audience=https%3A%2F%2Fapp-api.payflip.be&scope=openid%20profile%20email%20read%3Acurrent_user&connection=cipal-idp-demo&client_id=eFNQoKR3IPwTcxiErMsGSYNg...
https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstaging.auth....

3 KB
4 KB

529ms
123ms

Document
text/html

193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstaging.auth.payflip.be%2Flogin%2Fcallback&response_mode=query&state=nhBK7aKb463xBYuvjbj77OZe0XPf3Edd

Requested by

Host: demo.mijnhr.lima.payflip.be
URL: https://demo.mijnhr.lima.payflip.be/main.3c7a9f241bff1c09.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

c4db91a4c15755fe140d8e165de0749069434929791a4ce27842da2a6c24d884

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.mijnhr.lima.payflip.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Language: en
Content-Length: 3174
Content-Security-Policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Wed, 10 Apr 2024 10:39:57 GMT
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 87221dae4a934bbb-BUF
content-length: 0
date: Wed, 10 Apr 2024 10:39:57 GMT
location: https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstaging.auth.payflip.be%2Flogin%2Fcallback&response_mode=query&state=nhBK7aKb463xBYuvjbj77OZe0XPf3Edd
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: 8abdb0d5240c1c5e0a0b
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1712745598

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWM4YWY1YjAtZjcyNi0xMWVlLWFkYTEtMTU0NTcxNWQ4MDQzIn0
clientstream.launchdarkly.com/eval/63d8e6a606bcaa12bdc19b5f/ 652 B
0 117ms
47ms EventSource
text/event-stream 13.248.151.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/63d8e6a606bcaa12bdc19b5f/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWM4YWY1YjAtZjcyNi0xMWVlLWFkYTEtMTU0NTcxNWQ4MDQzIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.151.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://demo.mijnhr.lima.payflip.be/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 10:39:57 GMT
strict-transport-security: max-age=31536000
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 2003
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H/1.1 200
OK jquery.min.js Show response
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/js/ 87 KB
36 KB 214ms
212ms Script
text/javascript 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/js/jquery.min.js

Requested by

Host: sso.demo.payrollhr.be
URL: https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstaging.auth.payflip.be%2Flogin%2Fcallback&response_mode=query&state=nhBK7aKb463xBYuvjbj77OZe0XPf3Edd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 135ms
45ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c02a03c0eb2897b9508164b1e49cb0f240af1ae1a87717750670bced74b511e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 10:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:55:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 10:39:58 GMT

GET
H/1.1 200
OK custom-login.css
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/ 8 KB
2 KB 324ms
125ms Stylesheet
text/css 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/custom-login.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

902c358f73b1d9895472b94a313d749108ee27549f0ff0e56e2bb9533ccced69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK keycloak-override.css
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/ 3 KB
2 KB 325ms
127ms Stylesheet
text/css 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/keycloak-override.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

78ebe7f7131100b045ab81ddede398b3d89ec1c5745e4cf706601c324bbca719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK primeng.min.css
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/ 57 KB
13 KB 399ms
199ms Stylesheet
text/css 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/primeng.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

24add5f4c1787348f0dd946c247bb7f6da5446ef48723b8f88dad909d3cc9297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK keycloak-override.js Show response
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/js/ 4 KB
1 KB 327ms
128ms Script
text/javascript 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/js/keycloak-override.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

02fefb25cf836101fba5525d72b404ae3a47dd25cb1d02e855df74bd88a461e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK background.webp
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/img/ 27 KB
28 KB 112ms
112ms Image
application/octet-stream 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/img/background.webp

Requested by

Host: sso.demo.payrollhr.be
URL: https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/custom-login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

20c2612e4218fc82e7f91106ae0a7608fa3d52f20f76151eba11524b694beb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Logo.webp
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/img/ 3 KB
4 KB 110ms
109ms Image
application/octet-stream 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/img/Logo.webp

Requested by

Host: sso.demo.payrollhr.be
URL: https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/css/custom-login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

1fd67f87965071a6c8fcb95456d964852e95688b7ffeab96adf18733bff53388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 3500
X-XSS-Protection: 1; mode=block

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 93ms
28ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://sso.demo.payrollhr.be
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 08:01:46 GMT
x-content-type-options: nosniff
age: 9492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Apr 2025 08:01:46 GMT

GET
H/1.1 200
OK favicon.ico
sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/img/ 4 KB
5 KB 109ms
108ms Other
application/octet-stream 193.190.121.28
BELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.demo.payrollhr.be/auth/resources/kjhho/login/wcs/img/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.190.121.28 Liège, Belgium, ASN2611 (BELNET, BE),

Reverse DNS

Software

nginx /

Resource Hash

f47295b9df3cf6d2fd82e0b2d52afa81bd0efd13c5204b08095a007cb9610dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 10:39:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 4563
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| addCSSClassToLabelsOfFormHorizontalInputFieldsOfType function| handleSelect

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
staging.auth.payflip.be/	1970-01-21 04:31:43	Name: did Value: s%3Av0%3Aacbadf50-f726-11ee-9dd0-49ae2a6eacdc.NnjnaytXX0dCBRB1aRMLllOYKB%2B0PzJAF4f5W5AXydA
staging.auth.payflip.be/	1970-01-20 19:50:04	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBo2VKADLS4V6N6NEVRb2YTKNXqNre_0JyCV1vRUzxDDsVCSLhaQTiSQjPB7rVHHAxsMINmqRG8CeVm7RJnxY8mmY29va2llg6dleHBpcmVz1_9oMF0AZhpg_a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.beygdpSucJEXzSWKqilnmor%2BCqUGnSgQMd7fk28tQew
staging.auth.payflip.be/	1970-01-21 04:31:43	Name: did_compat Value: s%3Av0%3Aacbadf50-f726-11ee-9dd0-49ae2a6eacdc.NnjnaytXX0dCBRB1aRMLllOYKB%2B0PzJAF4f5W5AXydA
staging.auth.payflip.be/	1970-01-20 19:50:04	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBo2VKADLS4V6N6NEVRb2YTKNXqNre_0JyCV1vRUzxDDsVCSLhaQTiSQjPB7rVHHAxsMINmqRG8CeVm7RJnxY8mmY29va2llg6dleHBpcmVz1_9oMF0AZhpg_a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.beygdpSucJEXzSWKqilnmor%2BCqUGnSgQMd7fk28tQew
.staging.auth.payflip.be/	1970-01-20 19:45:47	Name: __cf_bm Value: Qu.4aFZpuU19g7YiYHafYVLvj7JF9Kzxshjrms09F6s-1712745597-1.0.1.1-ko1.3M8znDzmK1uwQO3QOSjN_XdKHMh5Pp1t681mI0MaDywC__DIki9LKRMZdzmr

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sso.demo.payrollhr.be/auth/realms/payflip/protocol/openid-connect/auth?client_id=idp-payflip-auth0&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstaging.auth.payflip.be%2Flogin%2Fcallback&response_mode=query&state=nhBK7aKb463xBYuvjbj77OZe0XPf3Edd Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
clientstream.launchdarkly.com
demo.mijnhr.lima.payflip.be
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
preview.app-api.payflip.be
sso.demo.payrollhr.be
staging.auth.payflip.be
13.248.151.210
151.101.130.217
193.190.121.28
20.105.216.0
2600:1f18:2489:8202::c8
2606:4700::6813:9813
2607:f8b0:4006:807::200a
2607:f8b0:4006:823::2003
52.206.205.81
02fefb25cf836101fba5525d72b404ae3a47dd25cb1d02e855df74bd88a461e9
159bcaf8865e8fd7929b424f588b31bf3f77d5c4b8ddf4e7433ab7a34abfa8f5
1fd67f87965071a6c8fcb95456d964852e95688b7ffeab96adf18733bff53388
20c2612e4218fc82e7f91106ae0a7608fa3d52f20f76151eba11524b694beb92
24add5f4c1787348f0dd946c247bb7f6da5446ef48723b8f88dad909d3cc9297
4f7390d2268ff5124b2ba8838d36356d8071fe0aa52146c412500a535aed5b3f
5c02a03c0eb2897b9508164b1e49cb0f240af1ae1a87717750670bced74b511e
78ebe7f7131100b045ab81ddede398b3d89ec1c5745e4cf706601c324bbca719
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
902c358f73b1d9895472b94a313d749108ee27549f0ff0e56e2bb9533ccced69
926862f3844128baef61b9f95097c16b1ca827b1de90ae2134c7516df191c1cc
c456131c7ffa326f6a68aae298e513d8efd4c282cb37d46bd5b8d05a7576791c
c4db91a4c15755fe140d8e165de0749069434929791a4ce27842da2a6c24d884
f47295b9df3cf6d2fd82e0b2d52afa81bd0efd13c5204b08095a007cb9610dd1

sso.demo.payrollhr.be Open in urlscan Pro 193.190.121.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

44 %IPv6

5 Domains

9 Subdomains

8 IPs

3 Countries

739 kBTransfer

2188 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

5 Cookies

1 Console Messages

Security Headers

Indicators

sso.demo.payrollhr.be Open in urlscan Pro
193.190.121.28 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

44 %
IPv6

5
Domains

9
Subdomains

8
IPs

3
Countries

739 kB
Transfer

2188 kB
Size

5
Cookies

25 HTTP transactions
0 data transactions