staging-inventory.surgicloud.com Open in urlscan Pro
3.210.130.234  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request sign_in Show response staging-inventory.surgicloud.com/users/	6 KB 3 KB	750ms 114ms	Document text/html	3.210.130.234 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://staging-inventory.surgicloud.com/users/sign_in Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.130.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-130-234.compute-1.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash f1fcba6cc484005a25034fe100b30ce2f55546fd59fef2ceb00b41cbd72ec656 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, private, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Fri, 24 Feb 2023 13:29:33 GMT referrer-policy strict-origin-when-cross-origin server nginx/1.4.6 (Ubuntu) vary Origin x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-request-id baa918d2-7c11-4b00-b244-592c5b36eb44 x-runtime 0.004955 x-xss-protection 1; mode=block
GET H2	200	application-2525236ed2a9cae9a8ec2790d830b796d1b501092b675e2773fad5f66f2ba81a.css staging-inventory.surgicloud.com/assets/	531 KB 532 KB	216ms 215ms	Stylesheet text/css	3.210.130.234 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://staging-inventory.surgicloud.com/assets/application-2525236ed2a9cae9a8ec2790d830b796d1b501092b675e2773fad5f66f2ba81a.css Requested by Host: staging-inventory.surgicloud.com URL: https://staging-inventory.surgicloud.com/users/sign_in Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.130.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-130-234.compute-1.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash a8d2ffab880ba8ff2d961fde9e152bfc67c6578311c507f256c909eac6acb682 Request headers accept-language de-DE,de;q=0.9 Referer https://staging-inventory.surgicloud.com/users/sign_in User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 13:29:33 GMT last-modified Tue, 20 Dec 2022 18:57:31 GMT server nginx/1.4.6 (Ubuntu) accept-ranges bytes etag "63a2059b-84d07" content-length 544007 content-type text/css
GET H2	200	loader-5d4bb00be408a62beb2a56b93157c653879221faca389631d8ec754da53d0b5e.gif staging-inventory.surgicloud.com/assets/	8 KB 8 KB	430ms 429ms	Image image/gif	3.210.130.234 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://staging-inventory.surgicloud.com/assets/loader-5d4bb00be408a62beb2a56b93157c653879221faca389631d8ec754da53d0b5e.gif Requested by Host: staging-inventory.surgicloud.com URL: https://staging-inventory.surgicloud.com/users/sign_in Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.130.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-130-234.compute-1.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash 5d4bb00be408a62beb2a56b93157c653879221faca389631d8ec754da53d0b5e Request headers accept-language de-DE,de;q=0.9 Referer https://staging-inventory.surgicloud.com/users/sign_in User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 13:29:33 GMT last-modified Tue, 31 May 2022 04:57:37 GMT server nginx/1.4.6 (Ubuntu) accept-ranges bytes etag "6295a041-1e1c" content-length 7708 content-type image/gif
GET H2	200	surgicloud-logo-black-745638dff5e4b4d387ca3fd597d9e1ddb420ff69448073a029716f3653eecf74.png staging-inventory.surgicloud.com/assets/	8 KB 8 KB	413ms 412ms	Image image/png	3.210.130.234 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://staging-inventory.surgicloud.com/assets/surgicloud-logo-black-745638dff5e4b4d387ca3fd597d9e1ddb420ff69448073a029716f3653eecf74.png Requested by Host: staging-inventory.surgicloud.com URL: https://staging-inventory.surgicloud.com/users/sign_in Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.130.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-130-234.compute-1.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash 745638dff5e4b4d387ca3fd597d9e1ddb420ff69448073a029716f3653eecf74 Request headers accept-language de-DE,de;q=0.9 Referer https://staging-inventory.surgicloud.com/users/sign_in User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 13:29:33 GMT last-modified Tue, 31 May 2022 04:57:51 GMT server nginx/1.4.6 (Ubuntu) accept-ranges bytes etag "6295a04f-1e0c" content-length 7692 content-type image/png
GET H2	200	application-7a1c72f30d9197464f72273872f3e782c709ed0a317c5175e16ce23a72cd2fbe.js Show response staging-inventory.surgicloud.com/assets/	1 MB 1 MB	413ms 412ms	Script application/x-javascript	3.210.130.234 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://staging-inventory.surgicloud.com/assets/application-7a1c72f30d9197464f72273872f3e782c709ed0a317c5175e16ce23a72cd2fbe.js Requested by Host: staging-inventory.surgicloud.com URL: https://staging-inventory.surgicloud.com/users/sign_in Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.130.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-130-234.compute-1.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash 7a1c72f30d9197464f72273872f3e782c709ed0a317c5175e16ce23a72cd2fbe Request headers accept-language de-DE,de;q=0.9 Referer https://staging-inventory.surgicloud.com/users/sign_in User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 13:29:33 GMT last-modified Tue, 21 Feb 2023 11:01:31 GMT server nginx/1.4.6 (Ubuntu) accept-ranges bytes etag "63f4a48b-100780" content-length 1050496 content-type application/x-javascript
GET H2	200	css fonts.googleapis.com/	3 KB 568 B	186ms 69ms	Stylesheet text/css	2a00:1450:400d:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:400,500,600 Requested by Host: staging-inventory.surgicloud.com URL: https://staging-inventory.surgicloud.com/assets/application-2525236ed2a9cae9a8ec2790d830b796d1b501092b675e2773fad5f66f2ba81a.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 86b3a17d31900eececf6613fbd05a878505eb69acf1d461274949a4a5f56fb77 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging-inventory.surgicloud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 24 Feb 2023 13:29:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 24 Feb 2023 12:54:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 Feb 2023 13:29:34 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 911 B	186ms 69ms	Stylesheet text/css	2a00:1450:400d:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ruda:400,700,900 Requested by Host: staging-inventory.surgicloud.com URL: https://staging-inventory.surgicloud.com/assets/application-2525236ed2a9cae9a8ec2790d830b796d1b501092b675e2773fad5f66f2ba81a.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 183fecb1c948346a6b755d170b8c169f99023ecb78c48153e5777d72a7727d3a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging-inventory.surgicloud.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 24 Feb 2023 13:29:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 24 Feb 2023 13:22:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 Feb 2023 13:29:34 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	176ms 61ms	Font font/woff2	2a00:1450:400d:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging-inventory.surgicloud.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:40:54 GMT x-content-type-options nosniff age 89320 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7748 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 12:40:54 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	169ms 54ms	Font font/woff2	2a00:1450:400d:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging-inventory.surgicloud.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 16:42:33 GMT x-content-type-options nosniff age 74821 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8000 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:59:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 16:42:33 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	164ms 48ms	Font font/woff2	2a00:1450:400d:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging-inventory.surgicloud.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 21:17:40 GMT x-content-type-options nosniff age 58314 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 21:17:40 GMT

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| validateNumeric function| validateName function| validateHeight function| validateWidth function| validateDepth function| validatePrice function| validateWeight function| validateRentalCost function| validateBusinessPhone function| companyphonenonew function| isValidUSZip function| validate_zip_code function| myFunction function| manufacturerFormValidation function| quicktransferFormValidation function| check_quick_validation function| locationFormValidation function| productpopupFormValidation function| productFormValidation function| cloneproductFormValidation function| orderItemFormValidation function| orderMediaFormValidation function| markOrderReceiveFormValidation function| shipmentFormValidation function| fetchLotSerialNumbers function| getSerialNumberOfLots function| getSerialNumberOfcategory function| for_report_filter function| manageLocationReportDropDownValues function| fetchcontainers function| fetch_containers function| fetch_container_qty function| fetchdestinationcontainers function| fetch_sublocation function| fetch_sublocation_qty function| fetch_containers_qty function| fetch_categorywise_stock function| quicktransferinventoryFormValidation function| check_quick_inventory_validation function| own_kit_max_qty function| set_max_qty function| fetch_data_serial_wise function| ownKitFormValidation function| handleFile function| getExtension function| CSVToArray object| $jscomp function| getUrlParameter function| $ function| jQuery function| Popper object| Util function| Alert function| Button function| Carousel function| Collapse function| Dropdown function| Modal function| Tooltip function| Popover function| ScrollSpy function| Tab function| Toast object| Waves object| Morris function| eve function| Raphael function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| metisMenu number| height number| width number| depth_count number| price_count number| weighrt_count number| r_count number| b_no

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			staging-inventory.surgicloud.com/	1969-12-31 23:59:59	Name: _inventory_app_itw_session Value: r%2BQamDCIsOs1%2FpRQ0zLmI3hf5aetVDwAVEWevxtQk28jBm8%2Bfns%2FR6U74x1oYofF1xjgmVOFSIvU0YVjJRrnqsfuqta9X7bwYkLTK0Nfh9Gd69SWnxKncSpT%2FcR3%2BIm6r0CiBsQ1BiwmwxvuUoU%3D--ixm2wW%2FunwUxYl6e--SGDfz%2Fbz%2BuiS%2BiG1VkQtoA%3D%3D
			staging-inventory.surgicloud.com/	1970-01-20 09:54:05	Name: __session:0.2348712148727785: Value: https:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
staging-inventory.surgicloud.com
2a00:1450:400d:80d::2003
2a00:1450:400d:80d::200a
3.210.130.234
183fecb1c948346a6b755d170b8c169f99023ecb78c48153e5777d72a7727d3a
5d4bb00be408a62beb2a56b93157c653879221faca389631d8ec754da53d0b5e
745638dff5e4b4d387ca3fd597d9e1ddb420ff69448073a029716f3653eecf74
7a1c72f30d9197464f72273872f3e782c709ed0a317c5175e16ce23a72cd2fbe
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
86b3a17d31900eececf6613fbd05a878505eb69acf1d461274949a4a5f56fb77
a8d2ffab880ba8ff2d961fde9e152bfc67c6578311c507f256c909eac6acb682
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
f1fcba6cc484005a25034fe100b30ce2f55546fd59fef2ceb00b41cbd72ec656
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149