Submitted URL: https://client.sortlist-test.com/
Effective URL: https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVy...
Submission: On March 24 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 34.216.95.178, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is auth.sortlist.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 4th 2020. Valid for: 3 months.
This is the only time auth.sortlist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 34.216.95.178 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.218.106.203 16509 (AMAZON-02)
3 143.204.215.119 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
9 6
Domain Requested by
4 auth.sortlist.com 2 redirects cdn.auth0.com
3 cdn.auth0.com auth.sortlist.com
cdn.auth0.com
2 fonts.gstatic.com auth.sortlist.com
2 client.sortlist-test.com 2 redirects
1 s3-eu-west-1.amazonaws.com auth.sortlist.com
1 fonts.googleapis.com auth.sortlist.com
9 6

This site contains no links.

Subject Issuer Validity Valid
auth.sortlist.com
Let's Encrypt Authority X3
2020-02-04 -
2020-05-04
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2020-12-10
a year crt.sh
*.auth0.com
Amazon
2019-06-21 -
2020-07-21
a year crt.sh
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Frame ID: BB02EE5D958A8DAA08F9D75A3EAF5507
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://client.sortlist-test.com/ HTTP 302
    https://auth.sortlist.com/authorize?locale=en&prompt=none&audience=https%3A%2F%2Fcore.sortlist-test.co... HTTP 302
    https://client.sortlist-test.com/login?error=login_required&error_description=Login%20required&state=eyJhbGci... HTTP 302
    https://auth.sortlist.com/authorize?locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&cl... HTTP 302
    https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExk... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

237 kB
Transfer

771 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://client.sortlist-test.com/ HTTP 302
    https://auth.sortlist.com/authorize?locale=en&prompt=none&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&client_id=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code&state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InNvcnRsaXN0LWNsaWVudC1hcHAtc3RhZ2luZy0xNTMyNTg5MjkwIn0.eyJzdGF0ZSI6eyJyZWRpcmVjdFVybCI6Ii8ifSwibm9uY2UiOiJxak9YUGltUk9lWnVYY01oIiwibG9jYWxlIjoiZW4iLCJzc28iOnRydWUsImlhdCI6MTU4NTAxMTU3MywiYXVkIjoiaHR0cHM6Ly9jbGllbnQuc29ydGxpc3QtdGVzdC5jb20vbG9naW4ifQ.EYX8SsQ9TfV_TzfWYZzUuAroyNaP3trAyuMkFeJgXY4 HTTP 302
    https://client.sortlist-test.com/login?error=login_required&error_description=Login%20required&state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InNvcnRsaXN0LWNsaWVudC1hcHAtc3RhZ2luZy0xNTMyNTg5MjkwIn0.eyJzdGF0ZSI6eyJyZWRpcmVjdFVybCI6Ii8ifSwibm9uY2UiOiJxak9YUGltUk9lWnVYY01oIiwibG9jYWxlIjoiZW4iLCJzc28iOnRydWUsImlhdCI6MTU4NTAxMTU3MywiYXVkIjoiaHR0cHM6Ly9jbGllbnQuc29ydGxpc3QtdGVzdC5jb20vbG9naW4ifQ.EYX8SsQ9TfV_TzfWYZzUuAroyNaP3trAyuMkFeJgXY4 HTTP 302
    https://auth.sortlist.com/authorize?locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&client_id=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code&state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InNvcnRsaXN0LWNsaWVudC1hcHAtc3RhZ2luZy0xNTMyNTg5MjkwIn0.eyJzdGF0ZSI6eyJyZWRpcmVjdFVybCI6Ii8ifSwibm9uY2UiOiJML254YzZmQVNwUnlzN3VIIiwibG9jYWxlIjoiZW4iLCJzc28iOmZhbHNlLCJpYXQiOjE1ODUwMTE1NzMsImF1ZCI6Imh0dHBzOi8vY2xpZW50LnNvcnRsaXN0LXRlc3QuY29tL2xvZ2luIn0.yzmtWiWUOM6mIwvAONrs__wSy3RAFqFbYxI7_h8k1O4 HTTP 302
    https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
auth.sortlist.com/
Redirect Chain
  • https://client.sortlist-test.com/
  • https://auth.sortlist.com/authorize?locale=en&prompt=none&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&client_id=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&redirect_uri=https%3A%2F%2Fclient.sortlist...
  • https://client.sortlist-test.com/login?error=login_required&error_description=Login%20required&state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InNvcnRsaXN0LWNsaWVudC1hcHAtc3RhZ2luZy0xNTMyNTg5Mjkw...
  • https://auth.sortlist.com/authorize?locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&client_id=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2F...
  • https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=...
23 KB
8 KB
Document
General
Full URL
https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.216.95.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-95-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
68dd4d01c97c529d7ce578236848a8ec68d704ab133123da76f4c4a313a4d58e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
auth.sortlist.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
did=s%3Av0%3Ab99dd0f0-6d6a-11ea-a054-b32344f1d8c3.WMrzBA1oB0bWiZ2l1082qqVQCQMt5g9tHLri56Og4Ng; did_compat=s%3Av0%3Ab99dd0f0-6d6a-11ea-a054-b32344f1d8c3.WMrzBA1oB0bWiZ2l1082qqVQCQMt5g9tHLri56Og4Ng; auth0=s%3AHpO2VYY89hvES3T0Ry3REiP7YvRa1zvQ.SiCEYay0KX06MwdTwd5P00ved8hE0jXwFr4018BpBW4; auth0_compat=s%3AHpO2VYY89hvES3T0Ry3REiP7YvRa1zvQ.SiCEYay0KX06MwdTwd5P00ved8hE0jXwFr4018BpBW4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx
Date
Tue, 24 Mar 2020 00:59:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ot-tracer-spanid
196ef3be5b96b142
ot-tracer-traceid
1f464ed451b4ebde
ot-tracer-sampled
true
ot-baggage-auth0-request-id
24711-1585011574.184-83.143.245.68-1344
X-Auth0-RequestId
3176c3ac92b4174bf7e9
X-RateLimit-Limit
1000
X-RateLimit-Remaining
999
X-RateLimit-Reset
1585011575
set-cookie
_csrf=BdNJjLPBmBWztpVdnUVjWemR; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
X-Robots-Tag
noindex, nofollow noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
ETag
W/"5c28-P+FIjOhvtt2q8CSHmnBHw5antNs"
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000

Redirect headers

Server
nginx
Date
Tue, 24 Mar 2020 00:59:34 GMT
Content-Type
text/html; charset=utf-8
Content-Length
888
Connection
keep-alive
ot-tracer-spanid
4c4850cd70f6a39a
ot-tracer-traceid
34835e344b866202
ot-tracer-sampled
true
ot-baggage-auth0-request-id
24711-1585011573.958-83.143.245.68-1340
X-Auth0-RequestId
824661c0516a52bbd631
X-RateLimit-Limit
1000
X-RateLimit-Remaining
999
X-RateLimit-Reset
1585011574
Location
/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Vary
Accept
Set-Cookie
auth0=s%3AHpO2VYY89hvES3T0Ry3REiP7YvRa1zvQ.SiCEYay0KX06MwdTwd5P00ved8hE0jXwFr4018BpBW4; Path=/; Expires=Fri, 27 Mar 2020 00:59:33 GMT; HttpOnly; Secure; SameSite=None auth0_compat=s%3AHpO2VYY89hvES3T0Ry3REiP7YvRa1zvQ.SiCEYay0KX06MwdTwd5P00ved8hE0jXwFr4018BpBW4; Path=/; Expires=Fri, 27 Mar 2020 00:59:33 GMT; HttpOnly; Secure
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Strict-Transport-Security
max-age=15768000
css
fonts.googleapis.com/
1 KB
545 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: auth.sortlist.com
URL: https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8235befaa90794559978bcf134955b78f0d560f7448cb0119a7079e74de9b322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Mar 2020 00:59:34 GMT
server
ESF
date
Tue, 24 Mar 2020 00:59:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Mar 2020 00:59:34 GMT
logo-sl-square.svg
s3-eu-west-1.amazonaws.com/magicagencies/externals/
2 KB
2 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/magicagencies/externals/logo-sl-square.svg
Requested by
Host: auth.sortlist.com
URL: https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.106.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
211547d764b576a7a96d7a31aa24c7631f47008dd4733f4a33475ba1701f21c8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 24 Mar 2020 00:59:35 GMT
Last-Modified
Wed, 29 Nov 2017 11:14:58 GMT
Server
AmazonS3
x-amz-request-id
6A7E828BB73DD4AE
ETag
"23b2a2e5f0275de16c2dd63a3fdb09e7"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1658
x-amz-id-2
q9Z6MLd1TTMIL6xLdz2kde5eEK6EZPb/iOyq1wJs1neIkqqh8t23WVV/PK39tT342QSW6bGcQmE=
lock.min.js
cdn.auth0.com/js/lock/10.18/
709 KB
196 KB
Script
General
Full URL
https://cdn.auth0.com/js/lock/10.18/lock.min.js
Requested by
Host: auth.sortlist.com
URL: https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.215.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52d6a574808c2e3a9a42e23ee0cb18dd5d95ff9b516a71a6a5a5264e64a78d26

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
6O6EEOOzwa4qRqZuXP7tPm2rFTgMP8PX
content-encoding
gzip
last-modified
Fri, 23 Jun 2017 22:23:51 GMT
server
AmazonS3
age
7945
date
Mon, 23 Mar 2020 22:47:10 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=10800,public
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
eQeCxHHY9Zef1NAtG8TapCFegvkMalQ5mxWNjN2DS_l26AAsqGqR4w==
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: auth.sortlist.com
URL: https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://auth.sortlist.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
font

Response headers

date
Thu, 05 Mar 2020 04:12:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:19 GMT
server
sffe
age
1630015
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13944
x-xss-protection
0
expires
Fri, 05 Mar 2021 04:12:39 GMT
badge.png
cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/badge.png
Requested by
Host: auth.sortlist.com
URL: https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.215.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33fb88f606a3f32f2f218df25dcc69283d9a555a0f8e253f2092f3af53404c11

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-amz-version-id
CghttMoXpqZBzj9pIZwTb7OuGonBat5c
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
age
81815
x-cache
Hit from cloudfront
status
200
date
Mon, 23 Mar 2020 02:16:00 GMT
x-amz-replication-status
COMPLETED
content-length
1591
last-modified
Thu, 04 May 2017 21:37:11 GMT
server
AmazonS3
etag
"e3842ac36d4fbd8d4e31a39999c0eba6"
content-type
image/png
cache-control
max-age=2628000,public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
1pw_WEvB7d4UeMs82YqNkDkKXOBJQ-hyFkyLZzcEmxSn15I2F7_jhg==
D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN.js
cdn.auth0.com/client/
978 B
994 B
Script
General
Full URL
https://cdn.auth0.com/client/D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN.js?t1585011574456
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/10.18/lock.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.215.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-119.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
ef15c5466e68699e6e742c2546346042b531a8e89c71305a1ae73714c4f86889
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 00:59:34 GMT
content-encoding
gzip
x-auth0-requestid
30b91dda7afa022cea93
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=15724800
server
nginx
ot-tracer-sampled
true
etag
W/"3d2-eSMwEe5FIcPb3HbNSSUYOC7H0GM"
ot-tracer-traceid
4b9cd0f61974adac
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
cache-control
public, max-age=60
ot-baggage-auth0-request-id
25ea79aafaa2eca81a1ab099
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-amz-cf-id
Jonum2JIkElH4g1Um12f4giNso0dcR6ZncNn7VnhYr3fsLx7rGcYvg==
ot-tracer-spanid
31d923f622925651
/
auth.sortlist.com/user/ssodata/
13 B
667 B
XHR
General
Full URL
https://auth.sortlist.com/user/ssodata/
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/10.18/lock.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.216.95.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-95-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4b463bb14e596f489375e5838968175b0d50e84e333d79fcc81e01ee6e006d96
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://auth.sortlist.com/login?state=g6Fo2SBqN05qdzgxWEh2aDdqZ0w4alVqWFFzMHFSU2hOemZDSKN0aWTZIHdNcExkLUFXZ1JFbkhSR1IyZmVySzJEOUt0RE9ITUNuo2NpZNkgRDJPbmJLUVhHYVlGTFdsWEhQVUk0SHlMSktWYUI4UE4&client=D2OnbKQXGaYFLWlXHPUI4HyLJKVaB8PN&protocol=oauth2&locale=en&audience=https%3A%2F%2Fcore.sortlist-test.com%2Fv3%2F&redirect_uri=https%3A%2F%2Fclient.sortlist-test.com%2Flogin&scope=openid%20email%20profile&response_type=code
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

Date
Tue, 24 Mar 2020 00:59:35 GMT
Server
nginx
ot-tracer-sampled
true
ETag
W/"d-GlAPaWXrEcmIgYBtGZfYYQ8hNAU"
ot-tracer-traceid
5a5f74d11cd8eeeb
Strict-Transport-Security
max-age=15768000
Connection
keep-alive
Content-Type
application/json; charset=utf-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
Access-Control-Allow-Credentials
true
ot-baggage-auth0-request-id
24711-1585011575.094-83.143.245.68-1223
Content-Length
13
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-Auth0-RequestId
f0bcd7f7a76a5fa8f34a
ot-tracer-spanid
1012b66e6bdb4a7f
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfd309ec91b0036eb35802dedaffcd0976b187bd21a9a473d569ce0837913ad7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba65bf654556a367c0fe373354aa9023ca90726e002376dcb92410f2e9ab2c96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c4acf0f28094a43f0dbf10c4850284aec88efb8ed50bf3fb4e86c13c18f59c6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf9b44b10a339d642ce06652810a464dec2e1f1c9e948a08142d1e65c3441cff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://auth.sortlist.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
font

Response headers

date
Tue, 10 Mar 2020 22:47:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
1131130
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14076
x-xss-protection
0
expires
Wed, 10 Mar 2021 22:47:25 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Auth0 function| Auth0Lock object| allTranslations object| config object| query undefined| connection string| locale object| translations object| lock object| containerElement object| titleTextElement object| eventNames

4 Cookies

Domain/Path Name / Value
auth.sortlist.com/ Name: auth0_compat
Value: s%3AHpO2VYY89hvES3T0Ry3REiP7YvRa1zvQ.SiCEYay0KX06MwdTwd5P00ved8hE0jXwFr4018BpBW4
auth.sortlist.com/ Name: auth0
Value: s%3AHpO2VYY89hvES3T0Ry3REiP7YvRa1zvQ.SiCEYay0KX06MwdTwd5P00ved8hE0jXwFr4018BpBW4
auth.sortlist.com/ Name: did_compat
Value: s%3Av0%3Ab99dd0f0-6d6a-11ea-a054-b32344f1d8c3.WMrzBA1oB0bWiZ2l1082qqVQCQMt5g9tHLri56Og4Ng
auth.sortlist.com/ Name: did
Value: s%3Av0%3Ab99dd0f0-6d6a-11ea-a054-b32344f1d8c3.WMrzBA1oB0bWiZ2l1082qqVQCQMt5g9tHLri56Og4Ng

2 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn.auth0.com/js/lock/10.18/lock.min.js(Line 9)
Message:
When provided, the `prefill` property of an element of `additionalSignUpFields` must be a non-empty string or a function.
console-api warning URL: https://cdn.auth0.com/js/lock/10.18/lock.min.js(Line 9)
Message:
When provided, the `prefill` property of an element of `additionalSignUpFields` must be a non-empty string or a function.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block