urlscan.io logo urlscan.io
SecurityTrails logo

login-uat.champ.aero Open in urlscan Pro
195.246.101.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ocp-uat.champ.aero/
Effective URL: https://login-uat.champ.aero/auth/v2/login
Submission: On September 20 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 195.246.101.211, located in Luxembourg and belongs to CHAMP-CARGOSYSTEMS-AS, LU. The main domain is login-uat.champ.aero.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 3rd 2023. Valid for: a year.
This is the only time login-uat.champ.aero was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 195.246.101.211 47137 (CHAMP-CAR...)
18 2
Apex Domain
Subdomains		 Transfer
19 champ.aero
ocp-uat.champ.aero
login-uat.champ.aero
874 KB
18 1
Domain Requested by
11 login-uat.champ.aero 1 redirects ocp-uat.champ.aero
login-uat.champ.aero
8 ocp-uat.champ.aero ocp-uat.champ.aero
18 2

This site contains no links.

Subject Issuer Validity Valid
*.champ.aero
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-11-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login-uat.champ.aero/auth/v2/login
Frame ID: 503494748DCF791213A5B8533CFD9ACC
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. http://ocp-uat.champ.aero/ HTTP 307
    https://ocp-uat.champ.aero/ Page URL
  2. https://login-uat.champ.aero/auth/v2/oauth/authorize?response_type=code&state=oeib2440FOAGiYpP85FqOWIUnWH... HTTP 302
    https://login-uat.champ.aero/auth/v2/login Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

873 kB
Transfer

3116 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ocp-uat.champ.aero/ HTTP 307
    https://ocp-uat.champ.aero/ Page URL
  2. https://login-uat.champ.aero/auth/v2/oauth/authorize?response_type=code&state=oeib2440FOAGiYpP85FqOWIUnWH0LaRShtXXeFgH&code_challenge=HZjuD8Bp86I9ofNYLoBNy9dSPdVTvyPkL9_eNhfBX4g&code_challenge_method=S256&client_id=59ca13dce44959efcae39285&redirect_uri=https://ocp-uat.champ.aero/ HTTP 302
    https://login-uat.champ.aero/auth/v2/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ocp-uat.champ.aero/ HTTP 307
  • https://ocp-uat.champ.aero/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ocp-uat.champ.aero/
Redirect Chain
  • http://ocp-uat.champ.aero/
  • https://ocp-uat.champ.aero/
18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
edf28505368c29510c63c174c99471b30ab8f11eff08e9dcaed846dcc0575a97
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 20 Sep 2024 08:08:51 GMT
last-modified
Wed, 02 Aug 2023 08:36:31 GMT
server
nginx
strict-transport-security
max-age=16000000;
vary
Accept-Encoding

Redirect headers

Location
https://ocp-uat.champ.aero/
Non-Authoritative-Reason
HttpsUpgrades
waiting-logo.js
ocp-uat.champ.aero/static/assets/web-components/waiting-logo/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/static/assets/web-components/waiting-logo/waiting-logo.js
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
07d01d3ec1abc50d568cf9e4b9d1fba95d1c85d86a7e3b111edf697bdad63d74
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://ocp-uat.champ.aero/

Response headers

strict-transport-security
max-age=16000000;
content-encoding
gzip
etag
W/"6698d0a1-1d0c"
date
Fri, 20 Sep 2024 08:08:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 18 Jul 2024 08:21:53 GMT
server
nginx
vary
Accept-Encoding
web-setup.js
ocp-uat.champ.aero/2.4.9-a55fdf6c/setup/ 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/2.4.9-a55fdf6c/setup/web-setup.js
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
bf2bea3639af7d53aa0320bb77bd3b4ca4c25fb5a2c82f17ae119928c6309321
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://ocp-uat.champ.aero/

Response headers

strict-transport-security
max-age=16000000;
cache-control
public, max-age=604800, s-max-age=604800
content-encoding
gzip
etag
W/"64ca15f7-4be"
date
Fri, 20 Sep 2024 08:08:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Aug 2023 08:38:15 GMT
server
nginx
vary
Accept-Encoding
lang-setup.js
ocp-uat.champ.aero/2.4.9-a55fdf6c/setup/ 		30 B
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/2.4.9-a55fdf6c/setup/lang-setup.js
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
67dbd42fd34d3e995f36f67f28872f1ad794ec302333b5320b49ab3c60609b56
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://ocp-uat.champ.aero/

Response headers

strict-transport-security
max-age=16000000;
cache-control
public, max-age=604800, s-max-age=604800
content-encoding
gzip
etag
W/"64ca158e-1e"
date
Fri, 20 Sep 2024 08:08:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Aug 2023 08:36:30 GMT
server
nginx
vary
Accept-Encoding
runtime-es2015.68a7737cf3513af3ce1a.js
ocp-uat.champ.aero/2.4.9-a55fdf6c/ 		1 KB
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/2.4.9-a55fdf6c/runtime-es2015.68a7737cf3513af3ce1a.js
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
33122759c32820181e75b735ae25b30b36177221c70ea02223ecb7bd509899f8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Origin
https://ocp-uat.champ.aero
Referer
https://ocp-uat.champ.aero/

Response headers

strict-transport-security
max-age=16000000;
cache-control
public, max-age=604800, s-max-age=604800
content-encoding
gzip
etag
W/"64ca1556-545"
date
Fri, 20 Sep 2024 08:08:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Aug 2023 08:35:34 GMT
server
nginx
vary
Accept-Encoding
polyfills-es2015.fa84879a7a407143e8bd.js
ocp-uat.champ.aero/2.4.9-a55fdf6c/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/2.4.9-a55fdf6c/polyfills-es2015.fa84879a7a407143e8bd.js
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
e6a2dbf28a55b9fd80d93cfe3f52a29fe5d90261f09ba7d61325fb4f18994fbd
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Origin
https://ocp-uat.champ.aero
Referer
https://ocp-uat.champ.aero/

Response headers

strict-transport-security
max-age=16000000;
cache-control
public, max-age=604800, s-max-age=604800
content-encoding
gzip
etag
W/"64ca1556-8f07"
date
Fri, 20 Sep 2024 08:08:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Aug 2023 08:35:34 GMT
server
nginx
vary
Accept-Encoding
main-es2015.083acd43ba33c1f0ef30.js
ocp-uat.champ.aero/2.4.9-a55fdf6c/ 		2 MB
455 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/2.4.9-a55fdf6c/main-es2015.083acd43ba33c1f0ef30.js
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
5ceda752889e08cf3634c20ca3f73ebec9467a27e3964e286f8aed0b4b41209c
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Origin
https://ocp-uat.champ.aero
Referer
https://ocp-uat.champ.aero/

Response headers

strict-transport-security
max-age=16000000;
cache-control
public, max-age=604800, s-max-age=604800
content-encoding
gzip
etag
W/"64ca158d-1cff04"
date
Fri, 20 Sep 2024 08:08:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Aug 2023 08:36:29 GMT
server
nginx
vary
Accept-Encoding
styles.91ee8744adb234a85401.css
ocp-uat.champ.aero/2.4.9-a55fdf6c/ 		542 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ocp-uat.champ.aero/2.4.9-a55fdf6c/styles.91ee8744adb234a85401.css
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
nginx /
Resource Hash
d50434be0e20a6a04bc57c4d40d8fb1b272901bd95a74d2d2623885707622f73
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://ocp-uat.champ.aero/

Response headers

strict-transport-security
max-age=16000000;
cache-control
public, max-age=604800, s-max-age=604800
content-encoding
gzip
etag
W/"64ca1555-876e7"
date
Fri, 20 Sep 2024 08:08:51 GMT
content-type
text/css
last-modified
Wed, 02 Aug 2023 08:35:33 GMT
server
nginx
vary
Accept-Encoding
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ec8f98a3f2d053857d990cd0b597db17dd566a3a93a017999c548b12116913

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
Primary Request login
login-uat.champ.aero/auth/v2/
Redirect Chain
  • https://login-uat.champ.aero/auth/v2/oauth/authorize?response_type=code&state=oeib2440FOAGiYpP85FqOWIUnWH0LaRShtXXeFgH&code_challenge=HZjuD8Bp86I9ofNYLoBNy9dSPdVTvyPkL9_eNhfBX4g&code_challenge_meth...
  • https://login-uat.champ.aero/auth/v2/login
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/login
Requested by
Host: ocp-uat.champ.aero
URL: https://ocp-uat.champ.aero/2.4.9-a55fdf6c/main-es2015.083acd43ba33c1f0ef30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
b69afce933edfbdd01e9645128015efffda3690e3585b709574ca8b5d11a9c94
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ocp-uat.champ.aero/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
access-control-allow-origin
*
access-control-expose-headers
Location
access-control-max-age
3600
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Fri, 20 Sep 2024 08:08:52 GMT
etag
W/"0c61996357ef5bb55cbaf69ba4d647da4"
expires
0
pragma
no-cache
strict-transport-security
max-age=16000000;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
zipkin-trace-id
5f04c2f5279ef573

Redirect headers

access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
access-control-allow-origin
*
access-control-expose-headers
Location
access-control-max-age
3600
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 20 Sep 2024 08:08:52 GMT
expires
0
location
https://login-uat.champ.aero/auth/v2/login
pragma
no-cache
strict-transport-security
max-age=16000000;
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
theme-ocp.css
login-uat.champ.aero/auth/v2/resources/css/ 		170 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/resources/css/theme-ocp.css
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
c5b0e2d1b6b3519099529ca01ef5e76d6958887e257ecf2e1cbee1bf7c050f3c
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/login

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
content-encoding
gzip
etag
W/"0029dee028f768391c2b093439ee2c7df"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
text/css
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:08:02 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
5306c74bbf6ea413
access-control-allow-origin
*
x-xss-protection
1; mode=block
layout-ocp.css
login-uat.champ.aero/auth/v2/resources/css/ 		72 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/resources/css/layout-ocp.css
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
8161a9566401cbabf5273a5e7f08384dcc2c5061e3b7925086792487489035bb
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/login

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
content-encoding
gzip
etag
W/"0fea2ae611776289532a8f0a7e1460f31"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
text/css
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:11:51 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
4be88757405af639
access-control-allow-origin
*
x-xss-protection
1; mode=block
thirdparty.css
login-uat.champ.aero/auth/v2/resources/css/ 		108 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/resources/css/thirdparty.css
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
f441c62cbde4bbc752b0de539fb3b310ca6b5462ecb5a94e9be162d5e83087e2
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/login

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
content-encoding
gzip
etag
W/"0e01840c49ed4f1c3b6575bbb96f2d7a1"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
text/css
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:15:18 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
1e6c293d2ae9add0
access-control-allow-origin
*
x-xss-protection
1; mode=block
login.css
login-uat.champ.aero/auth/v2/resources/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/resources/css/login.css
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
cace0070fa402c92757dfd4faf8f9eeaf43413a2c01a2031353616c26ef40ec2
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/login

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
content-encoding
gzip
etag
W/"0cde94806b7e309893e9667fa59086684"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
text/css
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:03:34 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
03758b66064ee0e8
access-control-allow-origin
*
x-xss-protection
1; mode=block
application.js
login-uat.champ.aero/auth/v2/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/resources/js/application.js
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
16dfa24897f78edd41c2e1266e61b42aa63e8b87460c797ede4c1f69fc37b0e2
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/login

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
content-encoding
gzip
etag
W/"0f66a0a688d76f7edde4f19f656ad5236"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:08:02 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
d7cf152f4c4f5fa7
access-control-allow-origin
*
x-xss-protection
1; mode=block
logo.svg
login-uat.champ.aero/auth/v2/resources/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-uat.champ.aero/auth/v2/resources/images/logo.svg
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
037334d05d77b8b352652bba6f95bfc189e550be8efecc0e0aeae01e5dbd1863
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/login

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
content-encoding
gzip
etag
W/"0218c739bd4b7ff9e00b6f158ee88a0e3"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:11:51 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
a43f6b58147abac3
access-control-allow-origin
*
x-xss-protection
1; mode=block
login.jpg
login-uat.champ.aero/auth/v2/resources/images/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-uat.champ.aero/auth/v2/resources/images/login.jpg
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/resources/css/login.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
30f9ca06066f90ead328aa736c84c6df6f9f61fa2ab8854c9e14ac55fa7c2f52
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/resources/css/login.css

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
etag
"07319822a42bae42321532b9032858fed"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
image/jpeg
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:15:18 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
7164ded24549abce
accept-ranges
bytes
access-control-allow-origin
*
content-length
240420
x-xss-protection
1; mode=block
MaterialIcons-Regular.woff2
login-uat.champ.aero/auth/v2/resources/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/resources/fonts/MaterialIcons-Regular.woff2
Requested by
Host: login-uat.champ.aero
URL: https://login-uat.champ.aero/auth/v2/resources/css/layout-ocp.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Origin
https://login-uat.champ.aero
Referer
https://login-uat.champ.aero/auth/v2/resources/css/layout-ocp.css

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
etag
"0570eb83859dc23dd0eec423a49e147fe"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
application/font-woff2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:03:34 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
dc00186e14f354c5
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
https://login-uat.champ.aero
content-length
44300
x-xss-protection
1; mode=block
truncated
/ 		476 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ec283d9f4777587d547bfc5ecec08c3dfc5666238d90a48a235350294a406dc

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
login-uat.champ.aero/auth/v2/resources/images/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login-uat.champ.aero/auth/v2/resources/images/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.246.101.211 , Luxembourg, ASN47137 (CHAMP-CARGOSYSTEMS-AS, LU),
Reverse DNS
211-101-246-195-static.champ.aero
Software
/
Resource Hash
f1b12ca2235598a13063da2414dfe96631acd53dd26e528ebcaf10934c24d3d2
Security Headers
Name Value
Strict-Transport-Security max-age=16000000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36
Referer
https://login-uat.champ.aero/auth/v2/login

Response headers

access-control-max-age
3600
access-control-expose-headers
Location
content-encoding
gzip
etag
W/"010f6fb71c6c8d0e227c1aefa9264033a"
access-control-allow-methods
POST, GET, PUT, PATCH, OPTIONS, DELETE
x-content-type-options
nosniff
expires
0
date
Fri, 20 Sep 2024 08:08:52 GMT
content-type
image/x-icon
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified
Mon, 16 Sep 2024 09:08:02 GMT
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, x-requested-with, authorization
x-frame-options
DENY
strict-transport-security
max-age=16000000;
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
zipkin-trace-id
cf7ee2386bb408ba
access-control-allow-origin
*
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onBlur function| addBlurEffect function| applyOnBlur function| fixPassword function| proceedPasswordFields function| onLinkClickAppendCustomer

1 Cookies

Domain/Path Name / Value
login-uat.champ.aero/auth/v2 Name: SESSION
Value: OGE4MjhlMTAtNTJlYS00ZmFlLWJmOGQtYzZmYmI4ZTZlY2Q1

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://login-uat.champ.aero/auth/v2/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16000000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login-uat.champ.aero
ocp-uat.champ.aero
195.246.101.211
037334d05d77b8b352652bba6f95bfc189e550be8efecc0e0aeae01e5dbd1863
07d01d3ec1abc50d568cf9e4b9d1fba95d1c85d86a7e3b111edf697bdad63d74
16dfa24897f78edd41c2e1266e61b42aa63e8b87460c797ede4c1f69fc37b0e2
30f9ca06066f90ead328aa736c84c6df6f9f61fa2ab8854c9e14ac55fa7c2f52
33122759c32820181e75b735ae25b30b36177221c70ea02223ecb7bd509899f8
3ec283d9f4777587d547bfc5ecec08c3dfc5666238d90a48a235350294a406dc
5ceda752889e08cf3634c20ca3f73ebec9467a27e3964e286f8aed0b4b41209c
67dbd42fd34d3e995f36f67f28872f1ad794ec302333b5320b49ab3c60609b56
8161a9566401cbabf5273a5e7f08384dcc2c5061e3b7925086792487489035bb
a7ec8f98a3f2d053857d990cd0b597db17dd566a3a93a017999c548b12116913
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
b69afce933edfbdd01e9645128015efffda3690e3585b709574ca8b5d11a9c94
bf2bea3639af7d53aa0320bb77bd3b4ca4c25fb5a2c82f17ae119928c6309321
c5b0e2d1b6b3519099529ca01ef5e76d6958887e257ecf2e1cbee1bf7c050f3c
cace0070fa402c92757dfd4faf8f9eeaf43413a2c01a2031353616c26ef40ec2
d50434be0e20a6a04bc57c4d40d8fb1b272901bd95a74d2d2623885707622f73
e6a2dbf28a55b9fd80d93cfe3f52a29fe5d90261f09ba7d61325fb4f18994fbd
edf28505368c29510c63c174c99471b30ab8f11eff08e9dcaed846dcc0575a97
f1b12ca2235598a13063da2414dfe96631acd53dd26e528ebcaf10934c24d3d2
f441c62cbde4bbc752b0de539fb3b310ca6b5462ecb5a94e9be162d5e83087e2