urlscan.io logo urlscan.io
SecurityTrails logo

federation-q.auth.schwarz Open in urlscan Pro
185.124.192.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wbs-wrr-web.qa.sit.svc.odj.cloud/
Effective URL: https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=cd895ae6-e2b5-4658-b633-325ec8f88b7e&redirect_uri=https%3A%2F%2Fw...
Submission: On November 20 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 185.124.192.204, located in Heilbronn, Germany and belongs to SCHWARZ-IT-LEGACY INTAC Services GmbH, DE. The main domain is federation-q.auth.schwarz.
TLS certificate: Issued by SwissSign RSA TLS EV ICA 2022 - 1 on October 2nd 2024. Valid for: a year.
This is the only time federation-q.auth.schwarz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 192.214.160.211 44076 (SCHWARZ-I...)
3 185.124.192.204 211768 (SCHWARZ-I...)
7 2
Apex Domain
Subdomains		 Transfer
4 odj.cloud
wbs-wrr-web.qa.sit.svc.odj.cloud
149 KB
3 auth.schwarz
federation-q.auth.schwarz
6 KB
7 2
Domain Requested by
4 wbs-wrr-web.qa.sit.svc.odj.cloud wbs-wrr-web.qa.sit.svc.odj.cloud
3 federation-q.auth.schwarz wbs-wrr-web.qa.sit.svc.odj.cloud
7 2

This site contains no links.

Subject Issuer Validity Valid
wbs-wrr-web.qa.sit.svc.odj.cloud
R11		 2024-11-20 -
2025-02-18		 3 months crt.sh
federation-q.auth.schwarz
SwissSign RSA TLS EV ICA 2022 - 1		 2024-10-02 -
2025-10-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=cd895ae6-e2b5-4658-b633-325ec8f88b7e&redirect_uri=https%3A%2F%2Fwbs-wrr-web.qa.sit.svc.odj.cloud&response_type=code&scope=wawi-wrr+openid&state=da8395ca511f4251b25213960a64b7ff&code_challenge=ff55CBfDZZy_vZNKjy9RyyHdrABGM94lI1uyh13v7bQ&code_challenge_method=S256
Frame ID: 714C6B319EA1524E0868DC830BAF8309
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://wbs-wrr-web.qa.sit.svc.odj.cloud/ Page URL
  2. https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=cd895ae6-e2b5-4658-b633-325ec8f88b7e&redirect... Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

155 kB
Transfer

396 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wbs-wrr-web.qa.sit.svc.odj.cloud/ Page URL
  2. https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=cd895ae6-e2b5-4658-b633-325ec8f88b7e&redirect_uri=https%3A%2F%2Fwbs-wrr-web.qa.sit.svc.odj.cloud&response_type=code&scope=wawi-wrr+openid&state=da8395ca511f4251b25213960a64b7ff&code_challenge=ff55CBfDZZy_vZNKjy9RyyHdrABGM94lI1uyh13v7bQ&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
wbs-wrr-web.qa.sit.svc.odj.cloud/ 		852 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wbs-wrr-web.qa.sit.svc.odj.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.160.211 -, , ASN44076 (SCHWARZ-IT INTAC Services GmbH, DE),
Reverse DNS
Software
/
Resource Hash
7c93a107f5b338af64c174691f2024a1e74f2dfa314fde94889f5b1d6fe92c28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
852
content-type
text/html
date
Wed, 20 Nov 2024 19:23:29 GMT
etag
"673de4b1-354"
last-modified
Wed, 20 Nov 2024 13:31:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
index-WLkh663F.js
wbs-wrr-web.qa.sit.svc.odj.cloud/assets/ 		370 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wbs-wrr-web.qa.sit.svc.odj.cloud/assets/index-WLkh663F.js
Requested by
Host: wbs-wrr-web.qa.sit.svc.odj.cloud
URL: https://wbs-wrr-web.qa.sit.svc.odj.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.160.211 -, , ASN44076 (SCHWARZ-IT INTAC Services GmbH, DE),
Reverse DNS
Software
/
Resource Hash
5152a4e6f6d9ea45b081981f8e83940691f0b9644013b78f36d5097d88448df1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wbs-wrr-web.qa.sit.svc.odj.cloud
Referer
https://wbs-wrr-web.qa.sit.svc.odj.cloud/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"673dcf22-5c928"
expires
Thu, 20 Nov 2025 19:23:29 GMT
date
Wed, 20 Nov 2024 19:23:29 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 11:59:30 GMT
index-BPiX-Xun.css
wbs-wrr-web.qa.sit.svc.odj.cloud/assets/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wbs-wrr-web.qa.sit.svc.odj.cloud/assets/index-BPiX-Xun.css
Requested by
Host: wbs-wrr-web.qa.sit.svc.odj.cloud
URL: https://wbs-wrr-web.qa.sit.svc.odj.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.160.211 -, , ASN44076 (SCHWARZ-IT INTAC Services GmbH, DE),
Reverse DNS
Software
/
Resource Hash
dbc51a2fe29cf45c2dec84b8c6a012b1a42f25dd4bb30a84dd27db5a4683391e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wbs-wrr-web.qa.sit.svc.odj.cloud
Referer
https://wbs-wrr-web.qa.sit.svc.odj.cloud/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"673dcf21-5220"
expires
Thu, 20 Nov 2025 19:23:29 GMT
date
Wed, 20 Nov 2024 19:23:29 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 11:59:29 GMT
openid-configuration
federation-q.auth.schwarz/nidp/oauth/nam/.well-known/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://federation-q.auth.schwarz/nidp/oauth/nam/.well-known/openid-configuration
Requested by
Host: wbs-wrr-web.qa.sit.svc.odj.cloud
URL: https://wbs-wrr-web.qa.sit.svc.odj.cloud/assets/index-WLkh663F.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.124.192.204 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY INTAC Services GmbH, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/jwk-set+json, application/json
Referer
https://wbs-wrr-web.qa.sit.svc.odj.cloud/

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
https://wbs-wrr-web.qa.sit.svc.odj.cloud
Content-Length
2200
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Date
Wed, 20 Nov 2024 19:23:29 GMT
Content-Type
application/json
X-FRAME-OPTIONS
SAMEORIGIN
wawi.svg
wbs-wrr-web.qa.sit.svc.odj.cloud/new_icons/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wbs-wrr-web.qa.sit.svc.odj.cloud/new_icons/wawi.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.160.211 -, , ASN44076 (SCHWARZ-IT INTAC Services GmbH, DE),
Reverse DNS
Software
/
Resource Hash
ad1f94d76d903514cefc2e14c860177f0cbbffcdd44a92bc98d2f29c2cd62d9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wbs-wrr-web.qa.sit.svc.odj.cloud/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 20 Nov 2024 19:23:29 GMT
etag
W/"673dcf21-957"
content-type
image/svg+xml
last-modified
Wed, 20 Nov 2024 11:59:29 GMT
Primary Request authz
federation-q.auth.schwarz/nidp/oauth/nam/ 		128 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=cd895ae6-e2b5-4658-b633-325ec8f88b7e&redirect_uri=https%3A%2F%2Fwbs-wrr-web.qa.sit.svc.odj.cloud&response_type=code&scope=wawi-wrr+openid&state=da8395ca511f4251b25213960a64b7ff&code_challenge=ff55CBfDZZy_vZNKjy9RyyHdrABGM94lI1uyh13v7bQ&code_challenge_method=S256
Requested by
Host: wbs-wrr-web.qa.sit.svc.odj.cloud
URL: https://wbs-wrr-web.qa.sit.svc.odj.cloud/assets/index-WLkh663F.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.124.192.204 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY INTAC Services GmbH, DE),
Reverse DNS
Software
/
Resource Hash
ba6d97b8b173fe5aa12bbedee6f93a28375bfb36d5516acb4c81960512119cfd
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wbs-wrr-web.qa.sit.svc.odj.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
Connection
close
Content-Length
128
Content-Security-Policy
frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Content-Type
application/json
Date
Wed, 20 Nov 2024 19:23:30 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block
favicon.ico
federation-q.auth.schwarz/ 		120 B
408 B 		Other
General
Check archive.org
Download Go to
Full URL
https://federation-q.auth.schwarz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.124.192.204 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY INTAC Services GmbH, DE),
Reverse DNS
Software
/
Resource Hash
67037b80c615b13fefdbd77e334aa36111cfa60d80fb4e387358fd589b686eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=cd895ae6-e2b5-4658-b633-325ec8f88b7e&redirect_uri=https%3A%2F%2Fwbs-wrr-web.qa.sit.svc.odj.cloud&response_type=code&scope=wawi-wrr+openid&state=da8395ca511f4251b25213960a64b7ff&code_challenge=ff55CBfDZZy_vZNKjy9RyyHdrABGM94lI1uyh13v7bQ&code_challenge_method=S256

Response headers

Strict-Transport-Security
max-age=31536000
Connection
keep-alive
X-Content-Type-Options
nosniff
Content-Length
120
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Date
Wed, 20 Nov 2024 19:23:30 GMT
Content-Type
text/html
X-Frame-Options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
federation-q.auth.schwarz/nidp Name: JSESSIONID
Value: 4240D9B48586DF5D244331CEF57AFE62
federation-q.auth.schwarz/nidp Name: TS011f11c2
Value: 0180177b4e3df5ba89e02f84892309d6271d90e7bf581a24b8a103486227078c3051fbe10c54dc6f94c3b4cf53f4fb1015ce53048d
federation-q.auth.schwarz/ Name: lbcookie
Value: !Q7OUqlRqYdNj8+ME97BiDg3cux7ey50uLiFPG81ByJjraEgA7k8BNhLt5qIaasovxNYPwQMWRbH14B0=
federation-q.auth.schwarz/ Name: TS01af31b7
Value: 0180177b4e3df5ba89e02f84892309d6271d90e7bf581a24b8a103486227078c3051fbe10c54dc6f94c3b4cf53f4fb1015ce53048d

2 Console Messages

Source Level URL
Text
network error URL: https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=cd895ae6-e2b5-4658-b633-325ec8f88b7e&redirect_uri=https%3A%2F%2Fwbs-wrr-web.qa.sit.svc.odj.cloud&response_type=code&scope=wawi-wrr+openid&state=da8395ca511f4251b25213960a64b7ff&code_challenge=ff55CBfDZZy_vZNKjy9RyyHdrABGM94lI1uyh13v7bQ&code_challenge_method=S256
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://federation-q.auth.schwarz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains