urlscan.io logo urlscan.io
SecurityTrails logo

auth.lab.ovation.io Open in urlscan Pro
2606:4700::6810:b8f8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app-services.ovation.io/
Effective URL: https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0...
Submission: On February 16 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6810:b8f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.lab.ovation.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 4th 2020. Valid for: a year.
This is the only time auth.lab.ovation.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 35.190.78.82 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 65.9.98.50 16509 (AMAZON-02)
2 52.216.165.61 16509 (AMAZON-02)
6 4
Apex Domain
Subdomains		 Transfer
5 ovation.io
app-services.ovation.io
auth.lab.ovation.io
7 KB
2 amazonaws.com
s3.amazonaws.com
549 KB
2 auth0.com
cdn.auth0.com
207 KB
6 3
Domain Requested by
3 auth.lab.ovation.io 1 redirects cdn.auth0.com
2 s3.amazonaws.com auth.lab.ovation.io
2 cdn.auth0.com auth.lab.ovation.io
cdn.auth0.com
2 app-services.ovation.io 2 redirects
6 4

This site contains no links.

Subject Issuer Validity Valid
auth.lab.ovation.io
Cloudflare Inc ECC CA-3		 2020-12-04 -
2021-12-03		 a year crt.sh
*.auth0.com
Amazon		 2020-05-23 -
2021-06-23		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Frame ID: 58212F4886AC4F00B97C7B8EB3BDE284
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://app-services.ovation.io/ HTTP 302
    https://app-services.ovation.io/auth/auth0?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&c... HTTP 302
    https://auth.lab.ovation.io/authorize?response_type=code&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&redi... HTTP 302
    https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBY... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

6
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

760 kB
Transfer

1306 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app-services.ovation.io/ HTTP 302
    https://app-services.ovation.io/auth/auth0?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0 HTTP 302
    https://auth.lab.ovation.io/authorize?response_type=code&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid+nickname+email+user_metadata+read%3Aglobal+write%3Aglobal&state=bff743850acbc9759c0247841c20003f26b796b6a6f843d7&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D HTTP 302
    https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
auth.lab.ovation.io/
Redirect Chain
  • https://app-services.ovation.io/
  • https://app-services.ovation.io/auth/auth0?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0
  • https://auth.lab.ovation.io/authorize?response_type=code&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26ret...
  • https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&clien...
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b8f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff43c7bfa176201bd7368c9cf686686ec8334c7efe935b975a4a193ed42b7333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth.lab.ovation.io
:scheme
https
:path
/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d27d48bea7ca8f3d2551288b628e0167b1613509302; did=s%3Av0%3A2ba41460-709a-11eb-975f-9b9f86583dfd.4riHm%2BdnWn4NVNboKOO2%2B9NX4WaLi3XYW9H6ONc7aro; auth0=s%3A5z8ij-5Yhq1tOxtUyIDSeWm-NJF0yWeT.9jPu5GU%2B%2FJ0U8oplGJSvuRcJFYAe1HZSLmaHf6RJn7w; did_compat=s%3Av0%3A2ba41460-709a-11eb-975f-9b9f86583dfd.4riHm%2BdnWn4NVNboKOO2%2B9NX4WaLi3XYW9H6ONc7aro; auth0_compat=s%3A5z8ij-5Yhq1tOxtUyIDSeWm-NJF0yWeT.9jPu5GU%2B%2FJ0U8oplGJSvuRcJFYAe1HZSLmaHf6RJn7w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 21:01:42 GMT
content-type
text/html; charset=utf-8
cf-ray
622a34953c034e4a-FRA
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
content-encoding
gzip
etag
W/"2dde-7dChklPkpuDbtPBDDTDqmqrNZqc"
set-cookie
_csrf=9sjOUL05KlFQw5A9afiCM_Ar; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
084e3f314300004e4a5aa83000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
622a34953c034e4a
ot-tracer-sampled
true
ot-tracer-spanid
007059a17f58c948
ot-tracer-traceid
147c950b24577950
referrer-policy
same-origin
x-auth0-requestid
f2c91f098945dd3ef5f5
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1613509303
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 16 Feb 2021 21:01:42 GMT
content-type
text/html; charset=utf-8
content-length
1302
set-cookie
__cfduid=d27d48bea7ca8f3d2551288b628e0167b1613509302; expires=Thu, 18-Mar-21 21:01:42 GMT; path=/; domain=.auth.lab.ovation.io; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A2ba41460-709a-11eb-975f-9b9f86583dfd.4riHm%2BdnWn4NVNboKOO2%2B9NX4WaLi3XYW9H6ONc7aro; Max-Age=31557600; Path=/; Expires=Thu, 17 Feb 2022 03:01:42 GMT; HttpOnly; Secure; SameSite=None auth0=s%3A5z8ij-5Yhq1tOxtUyIDSeWm-NJF0yWeT.9jPu5GU%2B%2FJ0U8oplGJSvuRcJFYAe1HZSLmaHf6RJn7w; Path=/; Expires=Fri, 19 Feb 2021 21:01:42 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A2ba41460-709a-11eb-975f-9b9f86583dfd.4riHm%2BdnWn4NVNboKOO2%2B9NX4WaLi3XYW9H6ONc7aro; Max-Age=31557600; Path=/; Expires=Thu, 17 Feb 2022 03:01:42 GMT; HttpOnly; Secure auth0_compat=s%3A5z8ij-5Yhq1tOxtUyIDSeWm-NJF0yWeT.9jPu5GU%2B%2FJ0U8oplGJSvuRcJFYAe1HZSLmaHf6RJn7w; Path=/; Expires=Fri, 19 Feb 2021 21:01:42 GMT; HttpOnly; Secure
location
/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
cf-ray
622a34935eac4e4a-FRA
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
strict-transport-security
max-age=31536000
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
084e3f301c00004e4a7730a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
622a34935eac4e4a
ot-tracer-sampled
true
ot-tracer-spanid
510717c2536f23cb
ot-tracer-traceid
575bd494192d5a92
x-auth0-requestid
e15894c7a69e723f8ac4
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1613509303
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
lock.min.js
cdn.auth0.com/js/lock/11.2/ 		745 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/lock/11.2/lock.min.js
Requested by
Host: auth.lab.ovation.io
URL: https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e90d56d0e7387a6f780389dc6d578757d14e631504f8b3a34bf543c0301ee75

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
IK_qiwEvBg9L4uRozv74Rq4.8ngjXgd6
content-encoding
gzip
last-modified
Thu, 08 Feb 2018 18:11:57 GMT
server
AmazonS3
age
3419
etag
W/"26b5c6aba0d586d78f4d49b19b02bba7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
cache-control
max-age=10800,public
date
Tue, 16 Feb 2021 20:09:41 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
KaPyznRrDtIbSw0XprfakN2BTUmwYf7xx6ncNkSGcgxvQ1vZOiqxBQ==
ovation-full-logo.png
s3.amazonaws.com/app.ovation.io/images/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/app.ovation.io/images/ovation-full-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.165.61 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
17d9c5a8c8ac3756d026376e4303e630166c105aa962468ec96dc86b2104fbe2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 21:01:45 GMT
Last-Modified
Mon, 29 Apr 2019 17:22:32 GMT
Server
AmazonS3
x-amz-request-id
05C020B203A3745A
ETag
"f20a80b44506de1dfd6f124999779710"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
116425
x-amz-id-2
KRK5CF4VUVXLjUlaUFa4v6URtrRmptPpXnBQu/GHwRrutgtzmcXUU2UXYnXnI+qoNiqf0x/EKzs=
grey-ovation-graphic.jpg
s3.amazonaws.com/app.ovation.io/images/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/app.ovation.io/images/grey-ovation-graphic.jpg
Requested by
Host: auth.lab.ovation.io
URL: https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.165.61 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
76fde7224f4f48b6d52890ba3d8ec17f53e127d6df129c3e6bfe595b81d7f467

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 21:01:45 GMT
Last-Modified
Mon, 29 Apr 2019 17:26:21 GMT
Server
AmazonS3
x-amz-request-id
C1780E6D78C737C0
ETag
"e7e09ac5e4335a5a4497fc588d6b0fda"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
444618
x-amz-id-2
DsSXdZ/kCyq3hx/KOeFxepUMQ+k3d86tMAnjda7fDKF3zFJf3WkP0URl+zzF4d8+Ber9Z+1rvKs=
Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0.js
cdn.auth0.com/client/ 		493 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/client/Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0.js?t1613509303849
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.2/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
237b063807599fec6fba8f2698d95155e27f2f80b9508e22ca8e891cfebe2f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 21:01:44 GMT
content-encoding
gzip
vary
Accept-Encoding
x-auth0-requestid
c2e60ce020ad7d51a297
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
server
nginx
ot-tracer-sampled
true
etag
W/"1ed-FDW7yXIpWL/Ruh0UlOqEgdNZ4JY"
ot-tracer-traceid
0b251bc63d49c9b1
strict-transport-security
max-age=31536000
content-type
application/x-javascript; charset=utf-8
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
cache-control
public, max-age=60
ot-baggage-auth0-request-id
64c569f5233ae1710a77e249
x-amz-cf-id
jJA48iWE7AthkxTFyh1B8uEhp8q1w9m2_bsM5kyp3Qjag3hIQCMrnQ==
ot-tracer-spanid
0646dc600a2dea64
ssodata
auth.lab.ovation.io/user/ 		13 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.lab.ovation.io/user/ssodata
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.2/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b8f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b463bb14e596f489375e5838968175b0d50e84e333d79fcc81e01ee6e006d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 21:01:45 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
7945985e1edfe2218c5c
strict-transport-security
max-age=31536000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13
cf-request-id
084e3f38ad00004e4a352a8000000001
server
cloudflare
ot-tracer-sampled
true
etag
W/"d-GlAPaWXrEcmIgYBtGZfYYQ8hNAU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ot-tracer-traceid
06c2855e65308521
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
access-control-allow-credentials
true
ot-baggage-auth0-request-id
622a34a11c864e4a
cf-ray
622a34a11c864e4a-FRA
ot-tracer-spanid
283dad68711d5b87
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba65bf654556a367c0fe373354aa9023ca90726e002376dcb92410f2e9ab2c96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Ovation string| logo function| init object| Auth0 function| Auth0Lock function| Auth0LockPasswordless function| setupLock

5 Cookies

Domain/Path Name / Value
auth.lab.ovation.io/ Name: auth0_compat
Value: s%3A5z8ij-5Yhq1tOxtUyIDSeWm-NJF0yWeT.9jPu5GU%2B%2FJ0U8oplGJSvuRcJFYAe1HZSLmaHf6RJn7w
auth.lab.ovation.io/ Name: auth0
Value: s%3A5z8ij-5Yhq1tOxtUyIDSeWm-NJF0yWeT.9jPu5GU%2B%2FJ0U8oplGJSvuRcJFYAe1HZSLmaHf6RJn7w
auth.lab.ovation.io/ Name: did
Value: s%3Av0%3A2ba41460-709a-11eb-975f-9b9f86583dfd.4riHm%2BdnWn4NVNboKOO2%2B9NX4WaLi3XYW9H6ONc7aro
auth.lab.ovation.io/ Name: did_compat
Value: s%3Av0%3A2ba41460-709a-11eb-975f-9b9f86583dfd.4riHm%2BdnWn4NVNboKOO2%2B9NX4WaLi3XYW9H6ONc7aro
.auth.lab.ovation.io/ Name: __cfduid
Value: d27d48bea7ca8f3d2551288b628e0167b1613509302

2 Console Messages

Source Level URL
Text
console-api log URL: https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D(Line 159)
Message:
https://portal.labtests.io/
console-api log URL: https://auth.lab.ovation.io/login?state=g6Fo2SA0SzVPeG9IMnFwOVY0a0J5aVdyZDVjbkc3dXBkRFhIU6N0aWTZIFhFdjBYZzJ6eUtsYjc5Mnd2cVY0WEc2cGdXeDhSeGFjo2NpZNkgUnBzZjdlbXYyVzJxdVhhTzZqOVNvYU1nZUpzbUhlUDA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D(Line 160)
Message:
https://app-services.ovation.io/auth/auth0/callback?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block