Submitted URL: https://account-manager.one-shift.net/
Effective URL: https://accounts.one-shift.net/signin/?uid=P-WrTvTyk0QqlTL6s5F72&sig=4i8_z8BKZ5ddsaRQh50gjtIS1fg
Submission: On November 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 13.32.99.107, located in United States and belongs to AMAZON-02, US. The main domain is accounts.one-shift.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 10th 2024. Valid for: a year.
This is the only time accounts.one-shift.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 18.66.122.8 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 13.32.99.107 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
17 7
Apex Domain
Subdomains
Transfer
10 one-shift.net
account-manager.one-shift.net
accounts.one-shift.net
673 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
102 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
55 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
17 5
Domain Requested by
8 account-manager.one-shift.net 1 redirects account-manager.one-shift.net
2 region1.google-analytics.com www.googletagmanager.com
2 accounts.one-shift.net 1 redirects account-manager.one-shift.net
accounts.one-shift.net
1 www.googletagmanager.com account-manager.one-shift.net
1 cdn.jsdelivr.net account-manager.one-shift.net
1 fonts.googleapis.com account-manager.one-shift.net
17 6

This site contains no links.

Subject Issuer Validity Valid
account-manager.one-shift.net
Amazon RSA 2048 M03
2023-12-11 -
2025-01-08
a year crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
accounts.one-shift.net
Amazon RSA 2048 M03
2024-11-10 -
2025-12-10
a year crt.sh

This page contains 1 frames:

Primary Page: https://accounts.one-shift.net/signin/?uid=P-WrTvTyk0QqlTL6s5F72&sig=4i8_z8BKZ5ddsaRQh50gjtIS1fg
Frame ID: 58FB71AC1C01BE19D56B7220A3839A8C
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

SHIFT Account

Page URL History Show full URLs

  1. https://account-manager.one-shift.net/ Page URL
  2. https://account-manager.one-shift.net/login/?url=%2F HTTP 302
    https://accounts.one-shift.net/connect/auth?response_type=code&redirect_uri=https%3A%2F%2Faccount-manager.o... HTTP 303
    https://accounts.one-shift.net/signin/?uid=P-WrTvTyk0QqlTL6s5F72&sig=4i8_z8BKZ5ddsaRQh50gjtIS1fg Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

76 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

829 kB
Transfer

2875 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account-manager.one-shift.net/ Page URL
  2. https://account-manager.one-shift.net/login/?url=%2F HTTP 302
    https://accounts.one-shift.net/connect/auth?response_type=code&redirect_uri=https%3A%2F%2Faccount-manager.one-shift.net%2Flogin%2Fcallback&client_id=eb5c1c07-6bc9-454a-acb6-589c534153c3&state=15c44e817047&scope=openid%20read%3Auser%20write%3Auser%20read%3Aorganization%20read%3Aorganization_user%20write%3Aorganization_user%20read%3Afile_storage%20write%3Afile_storage%20read%3Anotification%20write%3Anotification&code_challenge_method=S256&code_challenge=fSL1VnErr173UycnTkbrqxmqCeZbvJuIX1ZzNXiKrmI&ui_locales=ja&max_age=60 HTTP 303
    https://accounts.one-shift.net/signin/?uid=P-WrTvTyk0QqlTL6s5F72&sig=4i8_z8BKZ5ddsaRQh50gjtIS1fg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
account-manager.one-shift.net/
1 KB
1 KB
Document
General
Full URL
https://account-manager.one-shift.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
7328c6e47ed48fc55865a698d338d910e67624248bb6a1347d2811199b21f664
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 10 Nov 2024 06:43:11 GMT
etag
W/"472-189dcc3f4a8"
last-modified
Thu, 10 Aug 2023 00:06:17 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-amz-cf-id
yR2Cnh_wdq8gUJcALELQu_-uApCmEY_bkrP0Q5oRHFvKuL_XKYFmNQ==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-xss-protection
0
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dff47bae4175b044a3e8020eac2480b834691a0c39a3344128b3d2ee958930bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 06:43:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 06:43:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 10 Nov 2024 05:13:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/
339 KB
55 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
age
31390
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sun, 10 Nov 2024 06:43:11 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220158-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
55843
x-jsd-version
7.4.47
chunk-vendors.7345da13.css
account-manager.one-shift.net/css/
747 KB
135 KB
Stylesheet
General
Full URL
https://account-manager.one-shift.net/css/chunk-vendors.7345da13.css
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
9a6a97a49767646c9987b09f45f395b43f561ab67ce110ef032c310600c15d6e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"badb9-189dcc3f4a8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
6S_5DXFVdHrNUw38-b87n3-V8tQDjVcn160Y4u5leAxKcSYeSaCFBQ==
date
Sun, 10 Nov 2024 06:43:11 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Thu, 10 Aug 2023 00:06:17 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
cache-control
no-cache, no-store
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
accept-ranges
bytes
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA60-P2
main.bf94dfc2.css
account-manager.one-shift.net/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://account-manager.one-shift.net/css/main.bf94dfc2.css
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
4c32fc1e8726867c381ca08c2d5a04b763db6c40a9729fbe3187fa7902ed58ca
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"fe9-189dcc3f4a8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
Iw4GXuoZRYtDAyz4jsXbNvAAdG6_Q51ckEl6qrliExqSXShP8QlboQ==
date
Sun, 10 Nov 2024 06:43:11 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Thu, 10 Aug 2023 00:06:17 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
cache-control
no-cache, no-store
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
accept-ranges
bytes
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA60-P2
chunk-vendors.9d3ce0ff.js
account-manager.one-shift.net/js/
1 MB
489 KB
Script
General
Full URL
https://account-manager.one-shift.net/js/chunk-vendors.9d3ce0ff.js
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
486339c5b7364c45e618dee6b65ebaba0f01983833c5416bd46bac2605626676
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"14c4a9-189dcc3f4a8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
vx9wHnU96FLne2LYSXdLYPOpUQTjvfjJc_6EGDrLKH1S1ShhCg7X8A==
date
Sun, 10 Nov 2024 06:43:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Thu, 10 Aug 2023 00:06:17 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
cache-control
no-cache, no-store
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
accept-ranges
bytes
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA60-P2
main.72de198a.js
account-manager.one-shift.net/js/
137 KB
40 KB
Script
General
Full URL
https://account-manager.one-shift.net/js/main.72de198a.js
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
fc946901d13b0a854b5f7433b186f9e39bd01536348ad04fdc7698bf215bb678
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"2241e-189dcc3f4a8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
-uPLqJGbuWxpvvxR1SK9Qdyzgbki1h0Lu4HAbPBDhVuZQ96pd0wXAA==
date
Sun, 10 Nov 2024 06:43:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Thu, 10 Aug 2023 00:06:17 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
cache-control
no-cache, no-store
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
accept-ranges
bytes
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA60-P2
js
www.googletagmanager.com/gtag/
298 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2YKLT3K3RE&l=dataLayer
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/js/chunk-vendors.9d3ce0ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89ad42b2cb1663a1d34f4df40b12d8f9dc9e07ef01cfbdcbb533e61867e24c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 10 Nov 2024 06:43:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 06:43:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104045
x-xss-protection
0
server
Google Tag Manager
token
account-manager.one-shift.net/login/
172 B
857 B
XHR
General
Full URL
https://account-manager.one-shift.net/login/token
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/js/chunk-vendors.9d3ce0ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

etag
W/"ac-SZajgZshLl/lCEHZ1HbV5ETPhFQ"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Error from cloudfront
x-amz-cf-id
rOmIwKJJ6AhcbLzsP2RQ5X6Ic0ieNOGC77kMP2O9OCgqBO7jvufnZQ==
date
Sun, 10 Nov 2024 06:43:14 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
cache-control
no-cache, no-store
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
content-length
172
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA60-P2
favicon.ico
account-manager.one-shift.net/
5 KB
1 KB
Other
General
Full URL
https://account-manager.one-shift.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"159e-189dcc3f4a8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
bGPzwl0FTXlhxeCezh9Oi53uRDf8ONkE9IIAbtSdhFEGkL8asKDkYQ==
date
Sun, 10 Nov 2024 06:43:14 GMT
content-type
image/x-icon
vary
Accept-Encoding, Origin
last-modified
Thu, 10 Aug 2023 00:06:17 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
cache-control
no-cache, no-store
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
accept-ranges
bytes
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA60-P2
Primary Request /
accounts.one-shift.net/signin/
Redirect Chain
  • https://account-manager.one-shift.net/login/?url=%2F
  • https://accounts.one-shift.net/connect/auth?response_type=code&redirect_uri=https%3A%2F%2Faccount-manager.one-shift.net%2Flogin%2Fcallback&client_id=eb5c1c07-6bc9-454a-acb6-589c534153c3&state=15c44...
  • https://accounts.one-shift.net/signin/?uid=P-WrTvTyk0QqlTL6s5F72&sig=4i8_z8BKZ5ddsaRQh50gjtIS1fg
908 B
2 KB
Document
General
Full URL
https://accounts.one-shift.net/signin/?uid=P-WrTvTyk0QqlTL6s5F72&sig=4i8_z8BKZ5ddsaRQh50gjtIS1fg
Requested by
Host: account-manager.one-shift.net
URL: https://account-manager.one-shift.net/js/main.72de198a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-107.fra60.r.cloudfront.net
Software
/
Resource Hash
056de4fcf3b124dac6a992412ed13b4da626b02ca82936c07ff0cc9af56c87c0
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store
content-length
908
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 10 Nov 2024 06:43:16 GMT
etag
W/"38c-19077795a00"
last-modified
Wed, 03 Jul 2024 07:22:40 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id
qM0xm0jEvBtwONnfUAOHQOwsbgy7bm3GP4nNdzkY-s6q0-fTrqUJmw==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

cache-control
no-store
content-length
171
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 10 Nov 2024 06:43:15 GMT
location
/signin/?uid=P-WrTvTyk0QqlTL6s5F72&sig=4i8_z8BKZ5ddsaRQh50gjtIS1fg
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id
pQGwplo__U6rgv6r76hscfqkTwL2GylCnNTF8MyHQdf-hvKwSaTRcg==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2YKLT3K3RE&gtm=45je4b70v879820262za200&_p=1731220993292&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1781196283.1731220994&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1731220993&sct=1&seg=0&dl=https%3A%2F%2Faccount-manager.one-shift.net%2Flogin%3Furl%3D%252F&dt=Account%20Manager&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=4042
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2YKLT3K3RE&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://account-manager.one-shift.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 06:43:14 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2YKLT3K3RE&gtm=45je4b70v879820262za200&_p=1731220993292&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1781196283.1731220994&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dp=%2Flogin&dl=https%3A%2F%2Faccount-manager.one-shift.net%2Flogin%3Furl%3D%252F&sid=1731220993&sct=1&seg=1&dt=Account%20Manager&en=page_view&_ee=1&_et=3&tfd=5034
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2YKLT3K3RE&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://account-manager.one-shift.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 06:43:15 GMT
content-type
text/plain
server
Golfe2
chunk-vendors.66402aa2.css
accounts.one-shift.net/css/
0
0

signin.be02c5b3.css
accounts.one-shift.net/css/
0
0

chunk-vendors.f05d85be.js
accounts.one-shift.net/js/
0
0

signin.42f0f8fb.js
accounts.one-shift.net/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.one-shift.net
URL
https://accounts.one-shift.net/css/chunk-vendors.66402aa2.css
Domain
accounts.one-shift.net
URL
https://accounts.one-shift.net/css/signin.be02c5b3.css
Domain
accounts.one-shift.net
URL
https://accounts.one-shift.net/js/chunk-vendors.f05d85be.js
Domain
accounts.one-shift.net
URL
https://accounts.one-shift.net/js/signin.42f0f8fb.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
accounts.one-shift.net/connect/auth/P-WrTvTyk0QqlTL6s5F72 Name: _interaction_resume
Value: P-WrTvTyk0QqlTL6s5F72
accounts.one-shift.net/connect/auth/P-WrTvTyk0QqlTL6s5F72 Name: _interaction_resume.sig
Value: SO-egFyuOkuU5B5hegcS25KfISQ
accounts.one-shift.net/signin/ Name: _interaction
Value: P-WrTvTyk0QqlTL6s5F72
accounts.one-shift.net/signin/ Name: _interaction.sig
Value: 4i8_z8BKZ5ddsaRQh50gjtIS1fg
.one-shift.net/ Name: _ga
Value: GA1.1.1781196283.1731220994
account-manager.one-shift.net/ Name: proxy.sid
Value: s%3AqEVcVdBdPGxrhx68Kd6G1TW5KgImpcho.9eSbCe9SyN6GZdTpPBN%2BHbMRYQ02nLpzvL5ffC5R%2FJc
.one-shift.net/ Name: _ga_2YKLT3K3RE
Value: GS1.1.1731220993.1.1.1731220996.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://account-manager.one-shift.net/login/token
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0