Submitted URL: https://auth.sustema.io/
Effective URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Submission: On October 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 32 HTTP transactions. The main IP is 34.107.193.192, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is auth.sustema.io.
TLS certificate: Issued by WR3 on October 21st 2024. Valid for: 3 months.
This is the only time auth.sustema.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2600:1901:0:f... 396982 (GOOGLE-CL...)
2 34 34.107.193.192 396982 (GOOGLE-CL...)
32 1
Apex Domain
Subdomains
Transfer
36 sustema.io
auth.sustema.io
1 MB
32 1
Domain Requested by
36 auth.sustema.io 4 redirects auth.sustema.io
32 1

This site contains links to these domains. Also see Links.

Domain
docs.zitadel.com
Subject Issuer Validity Valid
auth.sustema.io
WR3
2024-10-21 -
2025-01-19
3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Frame ID: FF82A96EE2093BCC12A70CB3126A1C87
Requests: 32 HTTP requests in this frame

Screenshot

Page Title

Welcome Back!

Page URL History Show full URLs

  1. https://auth.sustema.io/ HTTP 302
    https://auth.sustema.io/ui/login HTTP 301
    https://auth.sustema.io/ui/login/ HTTP 302
    https://auth.sustema.io/ui/console/ Page URL
  2. https://auth.sustema.io/oauth/v2/authorize?response_type=code&client_id=188959679592857857%40zitadel... HTTP 302
    https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889 Page URL

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1161 kB
Transfer

8424 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.sustema.io/ HTTP 302
    https://auth.sustema.io/ui/login HTTP 301
    https://auth.sustema.io/ui/login/ HTTP 302
    https://auth.sustema.io/ui/console/ Page URL
  2. https://auth.sustema.io/oauth/v2/authorize?response_type=code&client_id=188959679592857857%40zitadel&state=MmZTSFd5d2RvdHcuUU5Oc2FqRG5Wby1neVU2Y35SaHBHdUdwRXJhYW8uWlR3%3B6b4b8232-2bbf-46c4-8ac8-45de74c4da25&redirect_uri=https%3A%2F%2Fauth.sustema.io%2Fui%2Fconsole%2Fauth%2Fcallback&scope=openid%20profile%20email&code_challenge=Y9uje0V8sv1tYd-O4PTVypI103dHZHfTNx01ayMqQ2s&code_challenge_method=S256&nonce=MmZTSFd5d2RvdHcuUU5Oc2FqRG5Wby1neVU2Y35SaHBHdUdwRXJhYW8uWlR3 HTTP 302
    https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://auth.sustema.io/ HTTP 302
  • https://auth.sustema.io/ui/login HTTP 301
  • https://auth.sustema.io/ui/login/ HTTP 302
  • https://auth.sustema.io/ui/console/

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
auth.sustema.io/ui/console/
Redirect Chain
  • https://auth.sustema.io/
  • https://auth.sustema.io/ui/login
  • https://auth.sustema.io/ui/login/
  • https://auth.sustema.io/ui/console/
2 KB
578 B
Document
General
Full URL
https://auth.sustema.io/ui/console/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
d59a13b75ccf99b09e7e4d1c4fbdd077c3fb547b0c67e00c072603c538614604
Security Headers
Name Value
Content-Security-Policy object-src 'none';media-src 'none';frame-src 'none';frame-ancestors 'none';connect-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud blob:;font-src 'self';manifest-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
none
age
149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=0, s-maxage=300
content-encoding
br
content-length
546
content-security-policy
object-src 'none';media-src 'none';frame-src 'none';frame-ancestors 'none';connect-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud blob:;font-src 'self';manifest-src 'self'
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 06:18:32 GMT
expires
Mon, 21 Oct 2024 05:18:32 GMT
feature-policy
payment 'none'
permissions-policy
payment=()
referrer-policy
same-origin
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-518c2b7534448b04eec08616435865c0-d027a8dd4c46446b-00
vary
Accept-Encoding
via
1.1 google
x-cache-hit
hit
x-cloud-trace-context
518c2b7534448b04eec08616435865c0/14999142752401638507
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
35
content-security-policy
style-src 'self' 'nonce-Lxu1x1LU6L1euQrE+sg1uXnBYDS5B3IjwVkKixEI5Yo=';img-src 'self';frame-src 'none';default-src 'none';object-src 'self';frame-ancestors 'none';font-src 'self';manifest-src 'self';connect-src 'self';script-src 'self' 'nonce-Lxu1x1LU6L1euQrE+sg1uXnBYDS5B3IjwVkKixEI5Yo=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';media-src 'none'
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 06:21:01 GMT
expires
Mon, 21 Oct 2024 05:21:01 GMT
feature-policy
payment 'none'
location
/ui/console/
permissions-policy
payment=()
pragma
no-cache
referrer-policy
same-origin
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-724382bae0dacf79ad464c6db35ff8ae-ef80551e7a5da73f-00
vary
Cookie
via
1.1 google
x-cache-hit
miss
x-cloud-trace-context
724382bae0dacf79ad464c6db35ff8ae/17257887361474078527
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
none
x-xss-protection
1; mode=block
line-awesome.min.css
auth.sustema.io/ui/console/assets/icons/line-awesome/css/
105 KB
16 KB
Stylesheet
General
Full URL
https://auth.sustema.io/ui/console/assets/icons/line-awesome/css/line-awesome.min.css
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4716ecc4c3d6816c0cce4e62bd854fa32c81f9ced9eccd36d009723879e27fea
Security Headers
Name Value
Content-Security-Policy default-src 'none';object-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;frame-ancestors 'none';script-src 'self' 'unsafe-eval';media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
155447
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-2e91eb6e3b717d50a8bf1cc629798f93-9a8eda850dd51fd4-00
expires
Sat, 19 Oct 2024 23:10:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 11:10:14 GMT
x-cloud-trace-context
2e91eb6e3b717d50a8bf1cc629798f93/11137079193531391956
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'none';object-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;frame-ancestors 'none';script-src 'self' 'unsafe-eval';media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
16616
x-xss-protection
1; mode=block
server
Google Frontend
styles.4e3a9c1effa68601.css
auth.sustema.io/ui/console/
654 KB
78 KB
Stylesheet
General
Full URL
https://auth.sustema.io/ui/console/styles.4e3a9c1effa68601.css
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a62b65c336e5148ef7abf62fe23a5e318a6a023c4e3f099e1f78e484302e7daa
Security Headers
Name Value
Content-Security-Policy img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;media-src 'none';frame-src 'none';frame-ancestors 'none';object-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';font-src 'self';manifest-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud;default-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
155447
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-caff57f612c94cae772bc2cfd58a4f51-e2448eaa36a4ed39-00
expires
Sat, 19 Oct 2024 23:10:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 11:10:14 GMT
x-cloud-trace-context
caff57f612c94cae772bc2cfd58a4f51/16304313412700400953
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;media-src 'none';frame-src 'none';frame-ancestors 'none';object-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';font-src 'self';manifest-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud;default-src 'none'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
80236
x-xss-protection
1; mode=block
server
Google Frontend
runtime.6fd7b54419f40c7e.js
auth.sustema.io/ui/console/
5 KB
3 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/runtime.6fd7b54419f40c7e.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2ebc0b1bc7b14b09945360f931ca59d2c91ca864fad2deda1cbd7aed1a6ab1f7
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline';frame-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self' auth.luzfaltex.com;default-src 'none';script-src 'self' 'unsafe-eval';object-src 'none';img-src 'self' auth.luzfaltex.com blob:;media-src 'none';font-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
152059
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-6db8c439989d8cbd15867d0c680449e4-aed4d80e70c9b0c4-00
expires
Sun, 20 Oct 2024 00:06:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 12:06:42 GMT
x-cloud-trace-context
6db8c439989d8cbd15867d0c680449e4/12597931614195527876
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
style-src 'self' 'unsafe-inline';frame-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self' auth.luzfaltex.com;default-src 'none';script-src 'self' 'unsafe-eval';object-src 'none';img-src 'self' auth.luzfaltex.com blob:;media-src 'none';font-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
2665
x-xss-protection
1; mode=block
server
Google Frontend
polyfills.7567489a3a0071ab.js
auth.sustema.io/ui/console/
33 KB
12 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/polyfills.7567489a3a0071ab.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4fb1256e5e0f018a6fa3674fe0968541af116c21849b8965f1af6fa7c91dc180
Security Headers
Name Value
Content-Security-Policy object-src 'none';frame-src 'none';manifest-src 'self';font-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;media-src 'none';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
155447
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-d12eea80fb419cc407c4b1c4dd289b85-ae18d31e2304cb14-00
expires
Sat, 19 Oct 2024 23:10:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 11:10:14 GMT
x-cloud-trace-context
d12eea80fb419cc407c4b1c4dd289b85/12545008888430512916
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
object-src 'none';frame-src 'none';manifest-src 'self';font-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;media-src 'none';frame-ancestors 'none'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
12104
x-xss-protection
1; mode=block
server
Google Frontend
scripts.cfdbc03626b7e4d0.js
auth.sustema.io/ui/console/
15 KB
5 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/scripts.cfdbc03626b7e4d0.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
bd46a28175be4b7e8361422659b5d3b9c0505939fa8072323759151c5f23cb99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';font-src 'self';manifest-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud;script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;media-src 'none';default-src 'none';object-src 'none';frame-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
155448
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-fd6cab7b7be5dd81b59f5db42452bbfb-3f3c234a47788e94-00
expires
Sat, 19 Oct 2024 23:10:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 11:10:14 GMT
x-cloud-trace-context
fd6cab7b7be5dd81b59f5db42452bbfb/4556555724925734548
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';font-src 'self';manifest-src 'self';connect-src 'self' demo1-sp8ugv.zitadel.cloud;script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' demo1-sp8ugv.zitadel.cloud blob:;media-src 'none';default-src 'none';object-src 'none';frame-src 'none'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
5324
x-xss-protection
1; mode=block
server
Google Frontend
main.6e7d112622aec4d2.js
auth.sustema.io/ui/console/
7 MB
807 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/main.6e7d112622aec4d2.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f975fbbf4402ef4a5e3fdfd8d28eb3d5b84f8d677ef3918bf2509ae35df28c45
Security Headers
Name Value
Content-Security-Policy connect-src 'self' development-mfmbz4.zitadel.cloud;default-src 'none';media-src 'none';frame-ancestors 'none';font-src 'self';frame-src 'none';manifest-src 'self';script-src 'self' 'unsafe-eval';object-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' development-mfmbz4.zitadel.cloud blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
334187
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-88fe1dabb617045ab935e904d0b945d6-e9769249b11c0542-00
expires
Thu, 17 Oct 2024 21:31:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 09:31:14 GMT
x-cloud-trace-context
88fe1dabb617045ab935e904d0b945d6/16822794303290737986
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
connect-src 'self' development-mfmbz4.zitadel.cloud;default-src 'none';media-src 'none';frame-ancestors 'none';font-src 'self';frame-src 'none';manifest-src 'self';script-src 'self' 'unsafe-eval';object-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' development-mfmbz4.zitadel.cloud blob:
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
825756
x-xss-protection
1; mode=block
server
Google Frontend
Lato-Regular.4291f48c2ea51320.ttf
auth.sustema.io/ui/console/
73 KB
35 KB
Font
General
Full URL
https://auth.sustema.io/ui/console/Lato-Regular.4291f48c2ea51320.ttf
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/styles.4e3a9c1effa68601.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e82542aed8293f49fc83c4aaea566b1f6b4fc7a9ab5da11e6fb9bc0973b5324b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';object-src 'none';frame-ancestors 'none';connect-src 'self' gastrobox-6cfcwv.zitadel.cloud;default-src 'none';img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self';style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/styles.4e3a9c1effa68601.css

Response headers

x-robots-tag
none
content-encoding
br
age
234571
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-a0b8678e376fc801f84789271f00d93c-545ed2e1b5573cd3-00
expires
Sat, 19 Oct 2024 01:11:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 13:11:31 GMT
x-cloud-trace-context
a0b8678e376fc801f84789271f00d93c/6079528413848616147
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
font/ttf
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
script-src 'self' 'unsafe-eval';object-src 'none';frame-ancestors 'none';connect-src 'self' gastrobox-6cfcwv.zitadel.cloud;default-src 'none';img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self';style-src 'self' 'unsafe-inline'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
35840
x-xss-protection
1; mode=block
server
Google Frontend
502.e9f15b77cef84a79.js
auth.sustema.io/ui/console/
91 KB
26 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/502.e9f15b77cef84a79.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/runtime.6fd7b54419f40c7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy media-src 'none';frame-src 'none';frame-ancestors 'none';font-src 'self';manifest-src 'self';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;connect-src 'self' gastrobox-6cfcwv.zitadel.cloud;default-src 'none';object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
234569
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-ebb0cc1eeae318a71232dc705cf3ff99-b7aaea31fbbbdd27-00
expires
Sat, 19 Oct 2024 01:11:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 13:11:33 GMT
x-cloud-trace-context
ebb0cc1eeae318a71232dc705cf3ff99/13234647955379313959
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
media-src 'none';frame-src 'none';frame-ancestors 'none';font-src 'self';manifest-src 'self';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;connect-src 'self' gastrobox-6cfcwv.zitadel.cloud;default-src 'none';object-src 'none'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
26726
x-xss-protection
1; mode=block
server
Google Frontend
environment.json
auth.sustema.io/ui/console/assets/
226 B
266 B
XHR
General
Full URL
https://auth.sustema.io/ui/console/assets/environment.json
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/polyfills.7567489a3a0071ab.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';style-src 'self' 'unsafe-inline';media-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self' auth.sustema.io;default-src 'none';script-src 'self' 'unsafe-eval';img-src 'self' auth.sustema.io blob:;frame-src 'none';font-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
x-content-type-options
nosniff
x-cache-hit
miss
traceparent
00-166a5187fc2c4ea4799b900dda46e056-6ab681653b07ac0d-00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 06:21:03 GMT
x-cloud-trace-context
166a5187fc2c4ea4799b900dda46e056/7689475685563739149
content-type
text/plain; charset=utf-8
feature-policy
payment 'none'
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
object-src 'none';style-src 'self' 'unsafe-inline';media-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self' auth.sustema.io;default-src 'none';script-src 'self' 'unsafe-eval';img-src 'self' auth.sustema.io blob:;frame-src 'none';font-src 'self'
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
content-length
226
x-xss-protection
1; mode=block
server
Google Frontend
4423.e347c468b75b3a26.js
auth.sustema.io/ui/console/
47 KB
13 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/4423.e347c468b75b3a26.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/runtime.6fd7b54419f40c7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline';img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;media-src 'none';frame-src 'none';frame-ancestors 'none';font-src 'self';script-src 'self' 'unsafe-eval';object-src 'none';manifest-src 'self';default-src 'none';connect-src 'self' gastrobox-6cfcwv.zitadel.cloud
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
234570
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-db5bcc03ae38faffe5a46973c64fea05-192e56a5e9d17cb6-00
expires
Sat, 19 Oct 2024 01:11:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 13:11:33 GMT
x-cloud-trace-context
db5bcc03ae38faffe5a46973c64fea05/1814482970469301430
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
style-src 'self' 'unsafe-inline';img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;media-src 'none';frame-src 'none';frame-ancestors 'none';font-src 'self';script-src 'self' 'unsafe-eval';object-src 'none';manifest-src 'self';default-src 'none';connect-src 'self' gastrobox-6cfcwv.zitadel.cloud
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
13137
x-xss-protection
1; mode=block
server
Google Frontend
common.cfd9816f88bcda2c.js
auth.sustema.io/ui/console/
13 KB
4 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/common.cfd9816f88bcda2c.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/runtime.6fd7b54419f40c7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';object-src 'none';style-src 'self' 'unsafe-inline';media-src 'none';frame-src 'none';font-src 'self';connect-src 'self' development-1hwpbj.zitadel.cloud;default-src 'none';img-src 'self' development-1hwpbj.zitadel.cloud blob:;frame-ancestors 'none';manifest-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
239069
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-fe19393319f6b3880b5b24c9d9d145c8-ac7bd7d1c06bb7f0-00
expires
Fri, 18 Oct 2024 23:56:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 11:56:34 GMT
x-cloud-trace-context
fe19393319f6b3880b5b24c9d9d145c8/12428764892535437296
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
script-src 'self' 'unsafe-eval';object-src 'none';style-src 'self' 'unsafe-inline';media-src 'none';frame-src 'none';font-src 'self';connect-src 'self' development-1hwpbj.zitadel.cloud;default-src 'none';img-src 'self' development-1hwpbj.zitadel.cloud blob:;frame-ancestors 'none';manifest-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
3544
x-xss-protection
1; mode=block
server
Google Frontend
7555.be8125059e178364.js
auth.sustema.io/ui/console/
32 KB
7 KB
Script
General
Full URL
https://auth.sustema.io/ui/console/7555.be8125059e178364.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/runtime.6fd7b54419f40c7e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;frame-src 'none';frame-ancestors 'none';manifest-src 'self';media-src 'none';font-src 'self';connect-src 'self' gastrobox-6cfcwv.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';object-src 'none';style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
234569
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-a9f8c61abf5dca9cedce8bd63c41b548-d6f644642d894ca4-00
expires
Sat, 19 Oct 2024 01:11:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 13:11:34 GMT
x-cloud-trace-context
a9f8c61abf5dca9cedce8bd63c41b548/15489643165438790820
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
img-src 'self' gastrobox-6cfcwv.zitadel.cloud blob:;frame-src 'none';frame-ancestors 'none';manifest-src 'self';media-src 'none';font-src 'self';connect-src 'self' gastrobox-6cfcwv.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';object-src 'none';style-src 'self' 'unsafe-inline'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
7354
x-xss-protection
1; mode=block
server
Google Frontend
favicon.ico
auth.sustema.io/ui/console/
37 KB
5 KB
Other
General
Full URL
https://auth.sustema.io/ui/console/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';img-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud blob:;media-src 'none';frame-src 'none';manifest-src 'self';connect-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';font-src 'self';style-src 'self' 'unsafe-inline';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
age
150
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-992702e60079748e6921e7b62146fa8e-47ff152cba06bb9d-00
expires
Mon, 21 Oct 2024 18:18:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 06:18:33 GMT
x-cloud-trace-context
992702e60079748e6921e7b62146fa8e/5187888577597848477
feature-policy
payment 'none'
vary
Accept-Encoding
content-type
image/x-icon
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
object-src 'none';img-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud blob:;media-src 'none';frame-src 'none';manifest-src 'self';connect-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';font-src 'self';style-src 'self' 'unsafe-inline';frame-ancestors 'none'
cache-control
public, max-age=43200, s-maxage=604800
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
5186
x-xss-protection
1; mode=block
server
Google Frontend
openid-configuration
auth.sustema.io/.well-known/
2 KB
647 B
XHR
General
Full URL
https://auth.sustema.io/.well-known/openid-configuration
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/polyfills.7567489a3a0071ab.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://auth.sustema.io/ui/console/

Response headers

x-robots-tag
none
content-encoding
br
x-cache-hit
miss
expires
Mon, 21 Oct 2024 05:21:03 GMT
traceparent
00-c8a53135b1782bb0970b13a4149b17eb-67a4210326170709-00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 06:21:03 GMT
content-type
application/json
vary
Origin,Cookie, Accept-Encoding
x-cloud-trace-context
c8a53135b1782bb0970b13a4149b17eb/7468130379494786825
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-store
pragma
no-cache
via
1.1 google
accept-ranges
none
server
Google Frontend
keys
auth.sustema.io/oauth/v2/
12 B
44 B
XHR
General
Full URL
https://auth.sustema.io/oauth/v2/keys
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/polyfills.7567489a3a0071ab.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://auth.sustema.io/ui/console/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
none
cache-control
no-store
pragma
no-cache
via
1.1 google
x-cache-hit
miss
expires
Mon, 21 Oct 2024 05:21:03 GMT
traceparent
00-618063c6d1cbd59e5185d4c40cffc300-3aae0839afda1b3b-00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
date
Mon, 21 Oct 2024 06:21:03 GMT
content-type
application/json
vary
Origin,Cookie
server
Google Frontend
x-cloud-trace-context
618063c6d1cbd59e5185d4c40cffc300/4228326144003939131
Primary Request login
auth.sustema.io/ui/login/
Redirect Chain
  • https://auth.sustema.io/oauth/v2/authorize?response_type=code&client_id=188959679592857857%40zitadel&state=MmZTSFd5d2RvdHcuUU5Oc2FqRG5Wby1neVU2Y35SaHBHdUdwRXJhYW8uWlR3%3B6b4b8232-2bbf-46c4-8ac8-45d...
  • https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
4 KB
1 KB
Document
General
Full URL
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/console/main.6e7d112622aec4d2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
785b5e7dbc9ae4a37b62c974bd496701eb11ac06791e53ad59dfbd16fa8cf782
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'nonce-N5sfd/PLE6//uBXU4/neRDPGiQMmQoENoIzFBPdNhto=';media-src 'none';frame-src 'none';connect-src 'self';default-src 'none';script-src 'self' 'nonce-N5sfd/PLE6//uBXU4/neRDPGiQMmQoENoIzFBPdNhto=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';img-src 'self';frame-ancestors 'none';font-src 'self';manifest-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.sustema.io/ui/console/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-security-policy
style-src 'self' 'nonce-N5sfd/PLE6//uBXU4/neRDPGiQMmQoENoIzFBPdNhto=';media-src 'none';frame-src 'none';connect-src 'self';default-src 'none';script-src 'self' 'nonce-N5sfd/PLE6//uBXU4/neRDPGiQMmQoENoIzFBPdNhto=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';img-src 'self';frame-ancestors 'none';font-src 'self';manifest-src 'self'
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 06:21:03 GMT
feature-policy
payment 'none'
permissions-policy
payment=()
referrer-policy
same-origin
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-88054970fabc64f8cb4a0e758a18bde1-fff5460fef382b4f-00
vary
Cookie Accept-Encoding
via
1.1 google
x-cache-hit
miss
x-cloud-trace-context
88054970fabc64f8cb4a0e758a18bde1/18443724883217623887
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
71
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 06:21:03 GMT
expires
Mon, 21 Oct 2024 05:21:03 GMT
location
/ui/login/login?authRequestID=290238561561618889
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0fe3d1f0eb6a04c0e1befe29934d5b30-49906f1fc135b1aa-00
vary
Origin,Cookie
via
1.1 google
x-cache-hit
miss
x-cloud-trace-context
0fe3d1f0eb6a04c0e1befe29934d5b30/5300858943591264682
x-robots-tag
none
zitadel.css
auth.sustema.io/ui/login/resources/themes/zitadel/css/
77 KB
7 KB
Stylesheet
General
Full URL
https://auth.sustema.io/ui/login/resources/themes/zitadel/css/zitadel.css
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e78d9f8db4452ddf9e2a43781ae038d115704f011025c1b8285e11a3382871a5
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self';script-src 'self' 'nonce-OSa2iwJSB43CwetQ1oMbzfMY6vyKV9HW9EXO88K3dgg=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';style-src 'self' 'nonce-OSa2iwJSB43CwetQ1oMbzfMY6vyKV9HW9EXO88K3dgg=';img-src 'self';media-src 'none';frame-src 'none';font-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
content-encoding
br
age
167985
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-ebca11b38796b500d7328f826a39ac66-380742edc93b62d1-00
expires
Sat, 19 Oct 2024 19:41:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 07:41:18 GMT
x-cloud-trace-context
ebca11b38796b500d7328f826a39ac66/4037269180011733713
feature-policy
payment 'none'
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 12:59:39 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self';script-src 'self' 'nonce-OSa2iwJSB43CwetQ1oMbzfMY6vyKV9HW9EXO88K3dgg=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';style-src 'self' 'nonce-OSa2iwJSB43CwetQ1oMbzfMY6vyKV9HW9EXO88K3dgg=';img-src 'self';media-src 'none';frame-src 'none';font-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/css; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
6943
x-xss-protection
1; mode=block
server
Google Frontend
dynamic
auth.sustema.io/ui/login/resources/
4 KB
620 B
Stylesheet
General
Full URL
https://auth.sustema.io/ui/login/resources/dynamic?orgId=188959679324356865&default-policy=true&filename=policy/label/css/variables.css?v=2022-12-22T08:26:03Z
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b9ea22298363dc3118d898c5267d7e8f855d77a6124f3ecaf242d83b4100970a
Security Headers
Name Value
Content-Security-Policy object-src 'self';img-src 'self';media-src 'none';frame-src 'none';frame-ancestors 'none';connect-src 'self';default-src 'none';script-src 'self' 'nonce-iCDtcOWQBzicNpue/2K67yY2lws2zgrvx2+KuhbeTqo=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-iCDtcOWQBzicNpue/2K67yY2lws2zgrvx2+KuhbeTqo=';font-src 'self';manifest-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
content-encoding
br
etag
W/"6b8bb1eea99d9c489ab33e8ff44cdf30"
x-content-type-options
nosniff
x-cache-hit
miss
traceparent
00-a8804f12c9ee0fb4bd94b0e4d64d191a-c7eb3a19582f02ac-00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 06:21:03 GMT
content-type
text/css
feature-policy
payment 'none'
vary
Cookie, Accept-Encoding
last-modified
Tue, 22 Nov 2022 13:45:50 UTC
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
object-src 'self';img-src 'self';media-src 'none';frame-src 'none';frame-ancestors 'none';connect-src 'self';default-src 'none';script-src 'self' 'nonce-iCDtcOWQBzicNpue/2K67yY2lws2zgrvx2+KuhbeTqo=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-iCDtcOWQBzicNpue/2K67yY2lws2zgrvx2+KuhbeTqo=';font-src 'self';manifest-src 'self'
x-cloud-trace-context
a8804f12c9ee0fb4bd94b0e4d64d191a/14405671713602732716
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
x-xss-protection
1; mode=block
server
Google Frontend
lgn-icon-font.css
auth.sustema.io/ui/login/resources/fonts/lgn-icons/css/
1 KB
506 B
Stylesheet
General
Full URL
https://auth.sustema.io/ui/login/resources/fonts/lgn-icons/css/lgn-icon-font.css
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f3ec9fdc14a9ea32a8ab3f0d83a24e45cc231f5d4a1cf82a780c83f12cb7d034
Security Headers
Name Value
Content-Security-Policy font-src 'self';default-src 'none';img-src 'self';media-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self';script-src 'self' 'nonce-f8DSCIV2QW7e6eqcSb13Mh+7HjW/mLVkgJv5m8dLNzc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';style-src 'self' 'nonce-f8DSCIV2QW7e6eqcSb13Mh+7HjW/mLVkgJv5m8dLNzc=';frame-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
content-encoding
br
age
237510
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-f37824d059e1124ce164991bfb2e3167-c8ed81199afd420a-00
expires
Sat, 19 Oct 2024 00:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 12:22:33 GMT
x-cloud-trace-context
f37824d059e1124ce164991bfb2e3167/14478370324040466954
feature-policy
payment 'none'
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 12:58:16 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
font-src 'self';default-src 'none';img-src 'self';media-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self';script-src 'self' 'nonce-f8DSCIV2QW7e6eqcSb13Mh+7HjW/mLVkgJv5m8dLNzc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';style-src 'self' 'nonce-f8DSCIV2QW7e6eqcSb13Mh+7HjW/mLVkgJv5m8dLNzc=';frame-src 'none'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/css; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
459
x-xss-protection
1; mode=block
server
Google Frontend
theme.js
auth.sustema.io/ui/login/resources/scripts/
2 KB
636 B
Script
General
Full URL
https://auth.sustema.io/ui/login/resources/scripts/theme.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c030b2e3a9af4b8f6b408b70027c6526fb53cd486f10cb4c5695454f63656765
Security Headers
Name Value
Content-Security-Policy media-src 'none';manifest-src 'self';script-src 'self' 'nonce-RrG5AKPObHG8HOpUjGUSFhJcwX8G08JRpLpE8T+b+n8=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';img-src 'self';style-src 'self' 'nonce-RrG5AKPObHG8HOpUjGUSFhJcwX8G08JRpLpE8T+b+n8=';frame-src 'none';frame-ancestors 'none';font-src 'self';connect-src 'self';default-src 'none';object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
content-encoding
br
age
418496
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-9841021c5fb0c6d4da46027507c41910-2eba9fe280eb1c3c-00
expires
Wed, 16 Oct 2024 22:06:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 10:06:07 GMT
x-cloud-trace-context
9841021c5fb0c6d4da46027507c41910/3367179466587184188
feature-policy
payment 'none'
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
media-src 'none';manifest-src 'self';script-src 'self' 'nonce-RrG5AKPObHG8HOpUjGUSFhJcwX8G08JRpLpE8T+b+n8=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';img-src 'self';style-src 'self' 'nonce-RrG5AKPObHG8HOpUjGUSFhJcwX8G08JRpLpE8T+b+n8=';frame-src 'none';frame-ancestors 'none';font-src 'self';connect-src 'self';default-src 'none';object-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/javascript; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
589
x-xss-protection
1; mode=block
server
Google Frontend
dynamic
auth.sustema.io/ui/login/resources/
19 KB
19 KB
Image
General
Full URL
https://auth.sustema.io/ui/login/resources/dynamic?orgId=188959679324356865&default-policy=true&filename=policy/label/logo-dark-193276012589482241
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2ccf383512076d461371cd4b11b6450cec399af1854b0ad9fe46824cf205fa14
Security Headers
Name Value
Content-Security-Policy default-src 'none';style-src 'self' 'nonce-6oNUpYi5mAXmIA0+ghUvdBbNAWTZjefyAWSJK6LiZYc=';frame-ancestors 'none';manifest-src 'self';connect-src 'self';script-src 'self' 'nonce-6oNUpYi5mAXmIA0+ghUvdBbNAWTZjefyAWSJK6LiZYc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';img-src 'self';media-src 'none';frame-src 'none';font-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
etag
"bb06729fafa60e60b85c553b6c18c6c2"
x-content-type-options
nosniff
x-cache-hit
miss
traceparent
00-040f385f22a29252cd6be3d91c36a4f9-00636bb78a16c133-00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 06:21:03 GMT
content-type
image/png
feature-policy
payment 'none'
vary
Cookie
last-modified
Thu, 22 Dec 2022 08:24:40 UTC
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'none';style-src 'self' 'nonce-6oNUpYi5mAXmIA0+ghUvdBbNAWTZjefyAWSJK6LiZYc=';frame-ancestors 'none';manifest-src 'self';connect-src 'self';script-src 'self' 'nonce-6oNUpYi5mAXmIA0+ghUvdBbNAWTZjefyAWSJK6LiZYc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';img-src 'self';media-src 'none';frame-src 'none';font-src 'self'
x-cloud-trace-context
040f385f22a29252cd6be3d91c36a4f9/27984458734289203
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
content-length
19765
x-xss-protection
1; mode=block
server
Google Frontend
dynamic
auth.sustema.io/ui/login/resources/
26 KB
26 KB
Image
General
Full URL
https://auth.sustema.io/ui/login/resources/dynamic?orgId=188959679324356865&default-policy=true&filename=policy/label/logo-193275675283554561
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e724930f83dcbfeb177f3a15ea2daf623bad2538c0e20d5b2796750f112064a9
Security Headers
Name Value
Content-Security-Policy media-src 'none';frame-src 'none';frame-ancestors 'none';manifest-src 'self';style-src 'self' 'nonce-lgVpJlaQXp1I0jtLZa2tm/QfoXweop4qn2MY46wLUWc=';img-src 'self';object-src 'self';font-src 'self';connect-src 'self';default-src 'none';script-src 'self' 'nonce-lgVpJlaQXp1I0jtLZa2tm/QfoXweop4qn2MY46wLUWc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE='
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
etag
"8931043a3f3fab14bc48d54c2830ca22"
x-content-type-options
nosniff
x-cache-hit
miss
traceparent
00-2206071c9441de8e3c3afff9972e1238-ebba9d09fd997a08-00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 06:21:03 GMT
content-type
image/png
feature-policy
payment 'none'
vary
Cookie
last-modified
Thu, 22 Dec 2022 08:21:19 UTC
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
media-src 'none';frame-src 'none';frame-ancestors 'none';manifest-src 'self';style-src 'self' 'nonce-lgVpJlaQXp1I0jtLZa2tm/QfoXweop4qn2MY46wLUWc=';img-src 'self';object-src 'self';font-src 'self';connect-src 'self';default-src 'none';script-src 'self' 'nonce-lgVpJlaQXp1I0jtLZa2tm/QfoXweop4qn2MY46wLUWc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE='
x-cloud-trace-context
2206071c9441de8e3c3afff9972e1238/16986061610816207368
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
content-length
26407
x-xss-protection
1; mode=block
server
Google Frontend
form_submit.js
auth.sustema.io/ui/login/resources/scripts/
2 KB
818 B
Script
General
Full URL
https://auth.sustema.io/ui/login/resources/scripts/form_submit.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
65f6de75f81d1ffbca0d464222b34aaf3128d0928dab181931b6ecf25d5f104a
Security Headers
Name Value
Content-Security-Policy font-src 'self';connect-src 'self';default-src 'none';script-src 'self' 'nonce-TgbPOPbsM24RzV1w5e9TmZD/DQlWDammTMb6WJKF9A4=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-TgbPOPbsM24RzV1w5e9TmZD/DQlWDammTMb6WJKF9A4=';frame-ancestors 'none';manifest-src 'self';object-src 'self';img-src 'self';media-src 'none';frame-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
content-encoding
br
age
407285
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-7525bac4738db3e908582e4872a7bf61-d99f62302f45746f-00
expires
Thu, 17 Oct 2024 01:12:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:12:58 GMT
x-cloud-trace-context
7525bac4738db3e908582e4872a7bf61/15681360386618389615
feature-policy
payment 'none'
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
font-src 'self';connect-src 'self';default-src 'none';script-src 'self' 'nonce-TgbPOPbsM24RzV1w5e9TmZD/DQlWDammTMb6WJKF9A4=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-TgbPOPbsM24RzV1w5e9TmZD/DQlWDammTMb6WJKF9A4=';frame-ancestors 'none';manifest-src 'self';object-src 'self';img-src 'self';media-src 'none';frame-src 'none'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/javascript; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
771
x-xss-protection
1; mode=block
server
Google Frontend
default_form_validation.js
auth.sustema.io/ui/login/resources/scripts/
89 B
134 B
Script
General
Full URL
https://auth.sustema.io/ui/login/resources/scripts/default_form_validation.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b5371af0ee74f931302075c39095bcbc5e30d16f2f400f58e5e61ba30f6dbc42
Security Headers
Name Value
Content-Security-Policy frame-src 'none';manifest-src 'self';script-src 'self' 'nonce-ZOpP9EdlfOqIsh98xkSLYdgPGdOmd1w8x2u/5BJnvpc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-ZOpP9EdlfOqIsh98xkSLYdgPGdOmd1w8x2u/5BJnvpc=';img-src 'self';media-src 'none';connect-src 'self';default-src 'none';object-src 'self';frame-ancestors 'none';font-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
age
229951
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-a8295c819f1f7ccec6c999441faa54f0-9647513c825a1487-00
expires
Sat, 19 Oct 2024 02:28:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 14:28:32 GMT
x-cloud-trace-context
a8295c819f1f7ccec6c999441faa54f0/10828713149362476167
feature-policy
payment 'none'
last-modified
Thu, 17 Oct 2024 12:58:16 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-src 'none';manifest-src 'self';script-src 'self' 'nonce-ZOpP9EdlfOqIsh98xkSLYdgPGdOmd1w8x2u/5BJnvpc=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-ZOpP9EdlfOqIsh98xkSLYdgPGdOmd1w8x2u/5BJnvpc=';img-src 'self';media-src 'none';connect-src 'self';default-src 'none';object-src 'self';frame-ancestors 'none';font-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/javascript; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
bytes
content-length
89
x-xss-protection
1; mode=block
server
Google Frontend
input_suffix_offset.js
auth.sustema.io/ui/login/resources/scripts/
485 B
528 B
Script
General
Full URL
https://auth.sustema.io/ui/login/resources/scripts/input_suffix_offset.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2ddac2cf5c03e55cc929f7e1f8bdc1b0a7bd6b22d43865ecf723d6ac360ae794
Security Headers
Name Value
Content-Security-Policy img-src 'self';frame-src 'none';frame-ancestors 'none';font-src 'self';connect-src 'self';script-src 'self' 'nonce-SZuktHcrX/sxtscr42diRvQCp8Tma+/dVu4jW/DIfBM=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-SZuktHcrX/sxtscr42diRvQCp8Tma+/dVu4jW/DIfBM=';media-src 'none';manifest-src 'self';default-src 'none';object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
age
376590
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-c0277eb65596a180c228cbb84eb401f0-e891be28abb5237a-00
expires
Thu, 17 Oct 2024 09:44:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 21:44:33 GMT
x-cloud-trace-context
c0277eb65596a180c228cbb84eb401f0/16758384770311070586
feature-policy
payment 'none'
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
img-src 'self';frame-src 'none';frame-ancestors 'none';font-src 'self';connect-src 'self';script-src 'self' 'nonce-SZuktHcrX/sxtscr42diRvQCp8Tma+/dVu4jW/DIfBM=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-SZuktHcrX/sxtscr42diRvQCp8Tma+/dVu4jW/DIfBM=';media-src 'none';manifest-src 'self';default-src 'none';object-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/javascript; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
bytes
content-length
485
x-xss-protection
1; mode=block
server
Google Frontend
go_back.js
auth.sustema.io/ui/login/resources/scripts/
316 B
359 B
Script
General
Full URL
https://auth.sustema.io/ui/login/resources/scripts/go_back.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
8fa86beb0a21213a01cc37c642cb49a392bec676238babc65e5e55d63cbe9632
Security Headers
Name Value
Content-Security-Policy manifest-src 'self';connect-src 'self';default-src 'none';object-src 'self';frame-src 'none';media-src 'none';frame-ancestors 'none';font-src 'self';script-src 'self' 'nonce-x4LgeQbl3Fhtd87h7OAv/Qjz0HvyIz35X5WYX9Z/NKU=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-x4LgeQbl3Fhtd87h7OAv/Qjz0HvyIz35X5WYX9Z/NKU=';img-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
age
418791
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-5b8e63f3f2c26bd3286c0a582aea6c1c-50a6a6ece0dc7822-00
expires
Wed, 16 Oct 2024 22:01:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 10:01:12 GMT
x-cloud-trace-context
5b8e63f3f2c26bd3286c0a582aea6c1c/5811515905483241506
feature-policy
payment 'none'
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
manifest-src 'self';connect-src 'self';default-src 'none';object-src 'self';frame-src 'none';media-src 'none';frame-ancestors 'none';font-src 'self';script-src 'self' 'nonce-x4LgeQbl3Fhtd87h7OAv/Qjz0HvyIz35X5WYX9Z/NKU=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-x4LgeQbl3Fhtd87h7OAv/Qjz0HvyIz35X5WYX9Z/NKU=';img-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/javascript; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
bytes
content-length
316
x-xss-protection
1; mode=block
server
Google Frontend
avatar.js
auth.sustema.io/ui/login/resources/scripts/
4 KB
1 KB
Script
General
Full URL
https://auth.sustema.io/ui/login/resources/scripts/avatar.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a6225a65f22e538ebdb7fc6d49999336f396b554f275e69af0fe0e6a88972207
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'nonce-tVCxNRc6Z73qmZkNS2t475ZV+gt3pHe9ohwHOqrPe4I=';img-src 'self';font-src 'self';script-src 'self' 'nonce-tVCxNRc6Z73qmZkNS2t475ZV+gt3pHe9ohwHOqrPe4I=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';media-src 'none';frame-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self';default-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
content-encoding
br
age
407288
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-56c75162f0e44c94ad5806beb6a132bf-00f6f43272599cc7-00
expires
Thu, 17 Oct 2024 01:12:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 13:12:55 GMT
x-cloud-trace-context
56c75162f0e44c94ad5806beb6a132bf/69511341774838983
feature-policy
payment 'none'
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
style-src 'self' 'nonce-tVCxNRc6Z73qmZkNS2t475ZV+gt3pHe9ohwHOqrPe4I=';img-src 'self';font-src 'self';script-src 'self' 'nonce-tVCxNRc6Z73qmZkNS2t475ZV+gt3pHe9ohwHOqrPe4I=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';media-src 'none';frame-src 'none';frame-ancestors 'none';manifest-src 'self';connect-src 'self';default-src 'none'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/javascript; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
1203
x-xss-protection
1; mode=block
server
Google Frontend
touched.js
auth.sustema.io/ui/login/resources/scripts/
353 B
404 B
Script
General
Full URL
https://auth.sustema.io/ui/login/resources/scripts/touched.js
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a16f5d3ff27b87f0a0595334a0b49ffe70204bb009bd17f363bdd5f6bddf8957
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'nonce-MiMzSZrFj0aaHrD8iv5sKWAg+8jWaMigp8V72rnhAe0=';img-src 'self';media-src 'none';font-src 'self';manifest-src 'self';script-src 'self' 'nonce-MiMzSZrFj0aaHrD8iv5sKWAg+8jWaMigp8V72rnhAe0=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';frame-src 'none';frame-ancestors 'none';connect-src 'self';default-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
age
416687
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-4b844b63e8f78ba74d966ca7b7831ed3-2c6c57c158c979e9-00
expires
Wed, 16 Oct 2024 22:36:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 10:36:16 GMT
x-cloud-trace-context
4b844b63e8f78ba74d966ca7b7831ed3/3201029923083483625
feature-policy
payment 'none'
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
style-src 'self' 'nonce-MiMzSZrFj0aaHrD8iv5sKWAg+8jWaMigp8V72rnhAe0=';img-src 'self';media-src 'none';font-src 'self';manifest-src 'self';script-src 'self' 'nonce-MiMzSZrFj0aaHrD8iv5sKWAg+8jWaMigp8V72rnhAe0=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';object-src 'self';frame-src 'none';frame-ancestors 'none';connect-src 'self';default-src 'none'
cache-control
public, max-age=43200, s-maxage=604800
content-type
text/javascript; charset=utf-8
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
bytes
content-length
353
x-xss-protection
1; mode=block
server
Google Frontend
Lato-Regular.ttf
auth.sustema.io/ui/login/resources/fonts/lato/
73 KB
35 KB
Font
General
Full URL
https://auth.sustema.io/ui/login/resources/fonts/lato/Lato-Regular.ttf
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/resources/themes/zitadel/css/zitadel.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'none';connect-src 'self';default-src 'none';script-src 'self' 'nonce-ycllmt0PHVbKp0T15xOtBUeHqRCmN+IAGQg9jImVqpI=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-ycllmt0PHVbKp0T15xOtBUeHqRCmN+IAGQg9jImVqpI=';img-src 'self';media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/login/resources/themes/zitadel/css/zitadel.css

Response headers

x-robots-tag
none
content-encoding
br
age
417146
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-bb6aa2b764780c1a0fa8294d0295179f-ca1becc3cf448748-00
expires
Wed, 16 Oct 2024 22:28:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 10:28:37 GMT
x-cloud-trace-context
bb6aa2b764780c1a0fa8294d0295179f/14563494145772783432
feature-policy
payment 'none'
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
object-src 'self';frame-ancestors 'none';connect-src 'self';default-src 'none';script-src 'self' 'nonce-ycllmt0PHVbKp0T15xOtBUeHqRCmN+IAGQg9jImVqpI=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-ycllmt0PHVbKp0T15xOtBUeHqRCmN+IAGQg9jImVqpI=';img-src 'self';media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self'
cache-control
public, max-age=43200, s-maxage=604800
content-type
font/ttf
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
35825
x-xss-protection
1; mode=block
server
Google Frontend
lgn-icons.ttf
auth.sustema.io/ui/login/resources/fonts/lgn-icons/fonts/
2 KB
1 KB
Font
General
Full URL
https://auth.sustema.io/ui/login/resources/fonts/lgn-icons/fonts/lgn-icons.ttf?p68sys
Requested by
Host: auth.sustema.io
URL: https://auth.sustema.io/ui/login/resources/fonts/lgn-icons/css/lgn-icon-font.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
bc1f192936879a2100e1f78f13b29f3b96cb934fb0a4a7c05041c9396f360a0a
Security Headers
Name Value
Content-Security-Policy img-src 'self';media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self';default-src 'none';script-src 'self' 'nonce-IJxaX7R9wHx834fTxBYuTuPePOhEJJbsFsCOWKjRcEs=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-IJxaX7R9wHx834fTxBYuTuPePOhEJJbsFsCOWKjRcEs=';connect-src 'self';object-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.sustema.io
Referer
https://auth.sustema.io/ui/login/resources/fonts/lgn-icons/css/lgn-icon-font.css

Response headers

x-robots-tag
none
content-encoding
br
age
414258
x-content-type-options
nosniff
x-cache-hit
hit
traceparent
00-6e8626c2cd8409715945ad57024d1456-24194c9caa0c332e-00
expires
Wed, 16 Oct 2024 23:16:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 11:16:45 GMT
x-cloud-trace-context
6e8626c2cd8409715945ad57024d1456/2601194495534707502
feature-policy
payment 'none'
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 09:36:45 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
img-src 'self';media-src 'none';frame-src 'none';font-src 'self';manifest-src 'self';default-src 'none';script-src 'self' 'nonce-IJxaX7R9wHx834fTxBYuTuPePOhEJJbsFsCOWKjRcEs=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';style-src 'self' 'nonce-IJxaX7R9wHx834fTxBYuTuPePOhEJJbsFsCOWKjRcEs=';connect-src 'self';object-src 'self';frame-ancestors 'none'
cache-control
public, max-age=43200, s-maxage=604800
content-type
font/ttf
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
accept-ranges
none
content-length
1270
x-xss-protection
1; mode=block
server
Google Frontend
dynamic
auth.sustema.io/ui/login/resources/
54 KB
54 KB
Other
General
Full URL
https://auth.sustema.io/ui/login/resources/dynamic?orgId=188959679324356865&default-policy=true&filename=policy/label/icon-193275888152871169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f30c79d6e2bbd9bb3f1afb7ff0b63b08953db654fe4f42c6a280555bd37e4423
Security Headers
Name Value
Content-Security-Policy object-src 'self';style-src 'self' 'nonce-g2KpdEJbG/xiciLA4/kZHVGTLyLGIuwtZiHnj4y6Zyk=';img-src 'self';connect-src 'self';frame-ancestors 'none';font-src 'self';manifest-src 'self';default-src 'none';script-src 'self' 'nonce-g2KpdEJbG/xiciLA4/kZHVGTLyLGIuwtZiHnj4y6Zyk=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';media-src 'none';frame-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.sustema.io/ui/login/login?authRequestID=290238561561618889

Response headers

x-robots-tag
none
etag
"00a1cfa895dc543fbdb30221ab60f4c3"
x-content-type-options
nosniff
x-cache-hit
miss
traceparent
00-e8ae5dc175087c6ddb34266f5e1643e3-44149d298c8e1e0c-00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 06:21:03 GMT
content-type
image/png
feature-policy
payment 'none'
vary
Cookie
last-modified
Thu, 22 Dec 2022 08:23:26 UTC
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
object-src 'self';style-src 'self' 'nonce-g2KpdEJbG/xiciLA4/kZHVGTLyLGIuwtZiHnj4y6Zyk=';img-src 'self';connect-src 'self';frame-ancestors 'none';font-src 'self';manifest-src 'self';default-src 'none';script-src 'self' 'nonce-g2KpdEJbG/xiciLA4/kZHVGTLyLGIuwtZiHnj4y6Zyk=' 'sha256-AjPdJSbZmeWHnEc5ykvJFay8FTWeTeRbs9dutfZ0HqE=';media-src 'none';frame-src 'none'
x-cloud-trace-context
e8ae5dc175087c6ddb34266f5e1643e3/4905718695890656780
referrer-policy
same-origin
via
1.1 google
permissions-policy
payment=()
content-length
54907
x-xss-protection
1; mode=block
server
Google Frontend

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isAutoMode function| hasDarkModeOverwriteCookie function| hasLightModeOverwriteCookie function| writeModeCookie function| getCookie function| setCookie function| detectDelete function| autofill function| disableSubmit function| addRequiredEventListener function| disableDoubleSubmit function| toggleButton function| allRequiredDone function| calculateOffset function| goBack function| wereInUserSelection function| hashCode function| getColor

3 Cookies

Domain/Path Name / Value
auth.sustema.io/ Name: __Host-zitadel.login.csrf
Value: MTcyOTQ5MTY2MXxJbEZMVTBWVldsbHBUamN6YVdkWFJtVmpSemhzVEVKWFpUSnFabUpwYVdjMU1uZzVRWGxaYjJVM1ZtYzlJZ289fN4K5rsH5criLcLz1YqQEybpuhGpwg_kBMkyNOfglVFO
auth.sustema.io/ Name: __Host-zitadel.useragent
Value: MTcyOTQ5MTY2M3xmOGw2M0dkTVFKNHBZTGhmNlk2UWdfQU9idHlqUUJ0X2JsR2Vrb3B3OUpDTnNWMTNmQzd4SWJvWFpyVU1icVZRa3NodXlLd2RSY3FoWVJwOGwzN2xrZmM3b04tNkx3PT18QxWqJAJqeysVcZyqipTdgrMKJcuPGjfwLW9dk6yM4_c=
auth.sustema.io/ Name: mode
Value: auto-light

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: payment. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: payment. Values defined in Permissions-Policy header will be used.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';media-src 'none';frame-src 'none';frame-ancestors 'none';connect-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud;default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' devservicepartnercloud-tiypjk.zitadel.cloud blob:;font-src 'self';manifest-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.sustema.io
2600:1901:0:fa85::
34.107.193.192
2ccf383512076d461371cd4b11b6450cec399af1854b0ad9fe46824cf205fa14
2ddac2cf5c03e55cc929f7e1f8bdc1b0a7bd6b22d43865ecf723d6ac360ae794
2ebc0b1bc7b14b09945360f931ca59d2c91ca864fad2deda1cbd7aed1a6ab1f7
4716ecc4c3d6816c0cce4e62bd854fa32c81f9ced9eccd36d009723879e27fea
4fb1256e5e0f018a6fa3674fe0968541af116c21849b8965f1af6fa7c91dc180
65f6de75f81d1ffbca0d464222b34aaf3128d0928dab181931b6ecf25d5f104a
785b5e7dbc9ae4a37b62c974bd496701eb11ac06791e53ad59dfbd16fa8cf782
8fa86beb0a21213a01cc37c642cb49a392bec676238babc65e5e55d63cbe9632
a16f5d3ff27b87f0a0595334a0b49ffe70204bb009bd17f363bdd5f6bddf8957
a6225a65f22e538ebdb7fc6d49999336f396b554f275e69af0fe0e6a88972207
a62b65c336e5148ef7abf62fe23a5e318a6a023c4e3f099e1f78e484302e7daa
b5371af0ee74f931302075c39095bcbc5e30d16f2f400f58e5e61ba30f6dbc42
b9ea22298363dc3118d898c5267d7e8f855d77a6124f3ecaf242d83b4100970a
bc1f192936879a2100e1f78f13b29f3b96cb934fb0a4a7c05041c9396f360a0a
bd46a28175be4b7e8361422659b5d3b9c0505939fa8072323759151c5f23cb99
c030b2e3a9af4b8f6b408b70027c6526fb53cd486f10cb4c5695454f63656765
d59a13b75ccf99b09e7e4d1c4fbdd077c3fb547b0c67e00c072603c538614604
e724930f83dcbfeb177f3a15ea2daf623bad2538c0e20d5b2796750f112064a9
e78d9f8db4452ddf9e2a43781ae038d115704f011025c1b8285e11a3382871a5
e82542aed8293f49fc83c4aaea566b1f6b4fc7a9ab5da11e6fb9bc0973b5324b
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1
f30c79d6e2bbd9bb3f1afb7ff0b63b08953db654fe4f42c6a280555bd37e4423
f3ec9fdc14a9ea32a8ab3f0d83a24e45cc231f5d4a1cf82a780c83f12cb7d034
f975fbbf4402ef4a5e3fdfd8d28eb3d5b84f8d677ef3918bf2509ae35df28c45