urlscan.io logo urlscan.io
SecurityTrails logo

auth.optty.com Open in urlscan Pro
34.120.91.37  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth.optty.com/
Effective URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Submission: On September 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 34.120.91.37, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is auth.optty.com.
TLS certificate: Issued by R11 on September 4th 2024. Valid for: 3 months.
This is the only time auth.optty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 34.120.91.37 396982 (GOOGLE-CL...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.67.153.82 13335 (CLOUDFLAR...)
3 2a04:4e42:400... 54113 (FASTLY)
1 151.101.1.229 54113 (FASTLY)
18 5
10    34.120.91.37 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 37.91.120.34.bc.googleusercontent.com
auth.optty.com
5    2606:4700:3037::6815:48a7 (United States)

ASN13335 (CLOUDFLARENET, US)
retailer.optty.com
1    172.67.153.82 (United States)

ASN13335 (CLOUDFLARENET, US)
retailer.optty.com
3    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
16 optty.com
auth.optty.com
retailer.optty.com
608 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
86 KB
18 2
Domain Requested by
10 auth.optty.com 2 redirects retailer.optty.com
auth.optty.com
6 retailer.optty.com retailer.optty.com
4 cdn.jsdelivr.net auth.optty.com
cdn.jsdelivr.net
18 3

This site contains links to these domains. Also see Links.

Domain
www.optty.com
retailer.optty.com
retailer.qa.optty.com
Subject Issuer Validity Valid
optty.com
WE1		 2024-08-05 -
2024-11-03		 3 months crt.sh
auth.optty.com
R11		 2024-09-04 -
2024-12-03		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Frame ID: A4F72F95A9E5FDACDF99A1BB8C202111
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://auth.optty.com/ HTTP 302
    https://retailer.optty.com/?error=invalid_request Page URL
  2. https://auth.optty.com/auth?client_id=merchant-portal&redirect_uri=https%3A%2F%2Fretailer.optty.com... HTTP 302
    https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

2
Domains

3
Subdomains

5
IPs

1
Countries

693 kB
Transfer

2403 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.optty.com/ HTTP 302
    https://retailer.optty.com/?error=invalid_request Page URL
  2. https://auth.optty.com/auth?client_id=merchant-portal&redirect_uri=https%3A%2F%2Fretailer.optty.com%2Fsignin-oidc&response_type=code&scope=openid&state=960f2ada813d4b77879d16c239808c98&code_challenge=S6dlUKiSSFfrs-nzmzl_daXTFYA6CBhWfjvZY_RNslw&code_challenge_method=S256&response_mode=query HTTP 302
    https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://auth.optty.com/ HTTP 302
  • https://retailer.optty.com/?error=invalid_request

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
retailer.optty.com/
Redirect Chain
  • https://auth.optty.com/
  • https://retailer.optty.com/?error=invalid_request
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://retailer.optty.com/?error=invalid_request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf09598e8933764e1dedcde27d84dcd1b19f1c295f33c4609324f96e5a1ad5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
1329
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
DYNAMIC
cf-ray
8bdc9721adf271c1-FRA
content-encoding
br
content-type
text/html
date
Wed, 04 Sep 2024 08:25:41 GMT
expires
Wed, 04 Sep 2024 09:03:32 GMT
last-modified
Thu, 22 Aug 2024 18:28:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2B3FUBMS7T86BzWqoMkFGLCSFHvNcRtsiiSKGNV%2FmVxcR%2BLIeTD63M%2BPmZ%2FymhzyFZhOscRnpfq1w86uOMubc3xoK7Qk2dCKfS%2FP95HBoiqCNlHsCfu%2FhrCXedd8koGPHAFzZLwvMIb24WpzWcs6eFw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-goog-generation
1724351335636482
x-goog-hash
crc32c=Mio0jQ== md5=mnLKW41mAYut2wWWyiF43g==
x-goog-meta-goog-reserved-file-mtime
1724349796
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
13053
x-guploader-uploadid
AD-8ljsu4MrulUJ26M_0v-kP5dgRYezwjheesW7TXxGMfir1MclWWjsEcpYQh-3BeZ56OBAjTWo

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 08:25:41 GMT
location
https://retailer.optty.com?error=invalid_request
server
istio-envoy
vary
Origin
via
1.1 google
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
x-envoy-upstream-service-time
1
10.83342f34.chunk.css
retailer.optty.com/static/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer.optty.com/static/css/10.83342f34.chunk.css
Requested by
Host: retailer.optty.com
URL: https://retailer.optty.com/?error=invalid_request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c377e60493bc3a6cb480e2a5a51de9cae7671dbfd0e491461005e1174cf63cf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://retailer.optty.com/?error=invalid_request
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1724349796
content-encoding
br
x-guploader-uploadid
AD-8ljvxZZ0R-vdBGCYK5we8uIHU3ORUk3_36bnkD_zY51MamNY1wWuDIWpUxYAyTUx6GPhW48A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Thu, 22 Aug 2024 18:28:55 GMT
server
cloudflare
etag
W/"4954518d1a2d5f225161d49863cbd199"
x-frame-options
DENY
x-goog-generation
1724351335908460
content-type
text/css
vary
Accept-Encoding
x-goog-hash
crc32c=KHwfKw==, md5=SVRRjRotXyJRYdSYY8vRmQ==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0PiGSibIPlQ1xp4WBsGYUTEcGC2c2xDmADTcpsNqkgB03k%2F%2Bpt2gTP%2BV7%2B8reZ%2FpzqBKOsQpIElHtOmJEqnjr%2BPw6E5hC8dyYKL%2BPJXjhDznSI4sIatO6SjPoSHlpNl7dMtFOjUaW6ulT%2B2%2FROXuOQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
7877
cf-ray
8bdc97221e6271c1-FRA
expires
Wed, 04 Sep 2024 09:25:41 GMT
main.23adf754.chunk.css
retailer.optty.com/static/css/ 		42 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer.optty.com/static/css/main.23adf754.chunk.css
Requested by
Host: retailer.optty.com
URL: https://retailer.optty.com/?error=invalid_request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4029fdac022b1b6a4542b51b897731e93569a2bafdda29ffb99a66af767294d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://retailer.optty.com/?error=invalid_request
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1724349796
content-encoding
br
x-guploader-uploadid
AD-8ljtGd41MVcF_QQ8Uu2ZClGICvbfAq8OVCvQgFYrIWi3A2NryxXjljpJPierplGUif-ncYWQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Thu, 22 Aug 2024 18:28:59 GMT
server
cloudflare
etag
W/"44b492e594610e04c613706824626e85"
x-frame-options
DENY
x-goog-generation
1724351339379586
content-type
text/css
vary
Accept-Encoding
x-goog-hash
crc32c=WV43OQ==, md5=RLSS5ZRhDgTGE3BoJGJuhQ==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PF7gKovyqescwNpQENzV4Z9Q57pfNqGeZBSMiSXU7m8v95%2BmKciZP8NUHQeT%2B4DdPiOhwUWduo9HTKSgjTYOYeYEhlacGqfljs1X330vX6s3edXRLY1mwba8Pc1El5cuWoF5OwYv%2BoTfqd0QhMZNk8k%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43288
cf-ray
8bdc97222e6671c1-FRA
expires
Wed, 04 Sep 2024 09:25:41 GMT
10.26858816.chunk.js
retailer.optty.com/static/js/ 		2 MB
444 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.optty.com/static/js/10.26858816.chunk.js
Requested by
Host: retailer.optty.com
URL: https://retailer.optty.com/?error=invalid_request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd1f8c3009b74a218f012e11a30e82d76abd08246c11df25e041845e95763b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://retailer.optty.com/?error=invalid_request
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1724349796
content-encoding
br
x-guploader-uploadid
AD-8ljtzwte38d4YPosjzG0ZPLoFL3hutu3kwgz_jSOLTinMnx5YSuFg6kTWR6yAWSUXQ5bpZdc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Thu, 22 Aug 2024 18:29:01 GMT
server
cloudflare
etag
W/"ebd92c3c55931d24f3006461c24391f3"
x-frame-options
DENY
x-goog-hash
crc32c=vAMMMw==, md5=69ksPFWTHSTzAGRhwkOR8w==
x-goog-generation
1724351341090495
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aepxwWgUZTEiSVoolwSwgDYpXdlR4Rpths53Mahfi1zODy9ygO3pHuYBMcm1BqNTdc1o89tpRDRsQYxggzxT2HkPALn8v9XVDEwkkty2LdHezT3KkzUJoKwkjvGN7%2Fsoz8rL03RPBh12GhEVYK7IRxI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
x-goog-stored-content-length
1668118
vary
Accept-Encoding
cf-ray
8bdc97222e6971c1-FRA
expires
Wed, 04 Sep 2024 09:25:41 GMT
main.9cbfa6d3.chunk.js
retailer.optty.com/static/js/ 		503 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.optty.com/static/js/main.9cbfa6d3.chunk.js
Requested by
Host: retailer.optty.com
URL: https://retailer.optty.com/?error=invalid_request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cb2eff77e2a523aeb20c0b0be3162576462f275bce04441993ed22479e55c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://retailer.optty.com/?error=invalid_request
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1724349796
content-encoding
br
x-guploader-uploadid
AD-8ljszeV1plAOe7tEaQxW1g9TIHiqEHSXpewyGfLZgCMzwO32JJz6kt1sf0mEtZo1IJPk_cxF5jKqlfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Thu, 22 Aug 2024 18:29:06 GMT
server
cloudflare
etag
W/"979d3f18da6be275a2a562dc5dda89c1"
x-frame-options
DENY
x-goog-generation
1724351346605121
content-type
application/javascript
vary
Accept-Encoding
x-goog-hash
crc32c=vQWsBg==, md5=l50/GNpr4nWipWLcXdqJwQ==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HMOO7utj1RgJlkPZmcx3AcOifrxvESwN0AQ0Lpe4vGRAPs3BpjN3QFgbB7d%2FjKjN%2B10xoyDRAMBopBvhRlr8lMXPIKU48bcLxhgybrWp1skwJujul0ULKPMjYf%2FHiA1fMlbe0QUcu5wvTRtb5DV8zE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
514694
cf-ray
8bdc97222e6a71c1-FRA
expires
Wed, 04 Sep 2024 09:25:41 GMT
openid-configuration
auth.optty.com/.well-known/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.optty.com/.well-known/openid-configuration
Requested by
Host: retailer.optty.com
URL: https://retailer.optty.com/static/js/10.26858816.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:41 GMT
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
via
1.1 google
server
istio-envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://retailer.optty.com
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
favicon.ico
retailer.optty.com/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://retailer.optty.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://retailer.optty.com/?error=invalid_request
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1724349593
content-encoding
br
x-guploader-uploadid
AD-8ljv8LZWYBWr3p8BTy33zbsOkw3jvywjYiD39t91eOKxoQPcyjE8kyARG2gMgF86p43iJEzo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Thu, 22 Aug 2024 18:28:55 GMT
server
cloudflare
etag
W/"d7fb7a8a1681775b87c7954439cd053a"
x-frame-options
DENY
x-goog-generation
1724351335026438
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
x-goog-hash
crc32c=nhR3lQ==, md5=1/t6ihaBd1uHx5VEOc0FOg==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RX%2FkTKwk29nf1E41VokGX1H0vWT7NO7RBRxmDuttqUibOhxT3r2IY4CmQJsCU5keRe%2BJAMc4W2LY76eaJr8qRKDHB7KUrV1YGrM79ydI3U%2FpxTD8kpCc2tMN3U7P5Qw71Yi4UQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
15406
cf-ray
8bdc97246cad37f6-FRA
expires
Wed, 04 Sep 2024 09:25:41 GMT
Primary Request dG1Luc2R4tmAmkZUnPgCZ
auth.optty.com/interaction/
Redirect Chain
  • https://auth.optty.com/auth?client_id=merchant-portal&redirect_uri=https%3A%2F%2Fretailer.optty.com%2Fsignin-oidc&response_type=code&scope=openid&state=960f2ada813d4b77879d16c239808c98&code_challen...
  • https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Requested by
Host: retailer.optty.com
URL: https://retailer.optty.com/static/js/10.26858816.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6e08370409d65cbbb69e2164c068dc1e178539da4480033257464d4880bfa509
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://cdn.jsdelivr.net
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store
content-length
4652
content-security-policy
default-src 'self' https://cdn.jsdelivr.net
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 08:25:41 GMT
pragma
no-cache
server
istio-envoy
vary
Origin
via
1.1 google
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
x-envoy-upstream-service-time
5
x-frame-options
DENY

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store
content-length
99
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 08:25:41 GMT
location
/interaction/dG1Luc2R4tmAmkZUnPgCZ
pragma
no-cache
server
istio-envoy
vary
Origin
via
1.1 google
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
x-envoy-upstream-service-time
5
login_prod.css
auth.optty.com/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.optty.com/login_prod.css
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
19db89036d3c50d1dadca78f1c13e16c56696b55a1825a4e8e7852219482d0c5

Request headers

Referer
https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:42 GMT
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
via
1.1 google
last-modified
Thu, 22 Aug 2024 18:12:59 GMT
server
istio-envoy
content-type
text/css; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18146
toastify.min.css
cdn.jsdelivr.net/npm/toastify-js/src/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/toastify-js/src/toastify.min.css
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
78551535760476bb888522b5653a06e9bb7b17063374574a90404466ba4cee58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.optty.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 08:25:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
7658
x-jsd-version
1.12.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
717
x-served-by
cache-fra-etou8220126-FRA, cache-mxp6926-MXP
x-jsd-version-type
version
etag
W/"5f3-Gduk9jjIOe//5URKHgjXkQF9pPA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
font-awesome.min.css
cdn.jsdelivr.net/npm/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/font-awesome/css/font-awesome.min.css
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.optty.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 08:25:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
19541
x-jsd-version
4.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7114
x-served-by
cache-fra-eddf8230048-FRA, cache-mxp6926-MXP
x-jsd-version-type
version
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
optty-tm-sub.svg
auth.optty.com/images/svg/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.optty.com/images/svg/optty-tm-sub.svg
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
c74b1ffcb67ebe1f9503c0f78162ed3199523a3c4588a3f1a2d7b89c5bd25673

Request headers

Referer
https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:42 GMT
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
via
1.1 google
last-modified
Thu, 22 Aug 2024 18:12:59 GMT
server
istio-envoy
content-type
image/svg+xml
cache-control
max-age=0
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
prod-icon.svg
auth.optty.com/images/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.optty.com/images/svg/prod-icon.svg
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f44149c21a30bf888f0820242b6e51e49ce25a04b7b98235d46cbb334950129d

Request headers

Referer
https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:42 GMT
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
via
1.1 google
last-modified
Thu, 22 Aug 2024 18:12:59 GMT
server
istio-envoy
content-type
image/svg+xml
cache-control
max-age=0
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2326
toastify-js
cdn.jsdelivr.net/npm/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/toastify-js
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
582becbb62bba81285347855cf7027db831b23e6419c89c427d05e4c3cea0741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.optty.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 08:25:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
37112
x-jsd-version
1.12.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2158
x-served-by
cache-fra-etou8220096-FRA, cache-mxp6926-MXP
x-jsd-version-type
version
etag
W/"1a78-gnILcfEIGOTS9BOxr62w14J/AJM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
toastify.js
auth.optty.com/ 		763 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.optty.com/toastify.js
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
c3f9eca9230051620024d5220c17a38e4cfe2febb0875d5dc85e3ad307b9cad4

Request headers

Referer
https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:42 GMT
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
via
1.1 google
last-modified
Thu, 22 Aug 2024 18:12:59 GMT
server
istio-envoy
content-type
application/javascript; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
763
optty-bg.png
auth.optty.com/images/png/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.optty.com/images/png/optty-bg.png
Requested by
Host: auth.optty.com
URL: https://auth.optty.com/login_prod.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
b021e0350ac246332e5670762ce92f0cc0e46a52403fb7da4167d0e2082421b7

Request headers

Referer
https://auth.optty.com/login_prod.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:42 GMT
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
via
1.1 google
last-modified
Thu, 22 Aug 2024 18:12:59 GMT
server
istio-envoy
content-type
image/png
cache-control
max-age=0
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47872
fontawesome-webfont.woff2
cdn.jsdelivr.net/npm/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/font-awesome/css/font-awesome.min.css
Origin
https://auth.optty.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 08:25:42 GMT
x-content-type-options
nosniff
age
23319
x-jsd-version
4.7.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
77160
x-served-by
cache-fra-etou8220047-FRA
x-jsd-version-type
version
etag
W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
favicon.ico
auth.optty.com/ 		112 B
129 B 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.optty.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.91.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.91.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f4dca1bde2b311411452dd022f12ed9315bea420f020caab089dd673b3f1be00

Request headers

Referer
https://auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 08:25:42 GMT
x-envoy-decorator-operation
authentication-service.apps.svc.cluster.local:80/*
via
1.1 google
server
istio-envoy
vary
Origin
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Toastify

4 Cookies

Domain/Path Name / Value
auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ Name: _interaction
Value: dG1Luc2R4tmAmkZUnPgCZ
auth.optty.com/interaction/dG1Luc2R4tmAmkZUnPgCZ Name: _interaction.sig
Value: Var63czMavSTDxWHFyncTCuI2Cw
auth.optty.com/auth/dG1Luc2R4tmAmkZUnPgCZ Name: _interaction_resume
Value: dG1Luc2R4tmAmkZUnPgCZ
auth.optty.com/auth/dG1Luc2R4tmAmkZUnPgCZ Name: _interaction_resume.sig
Value: pgx9UHK1ydUlcOwIowTrlBWVQoU

1 Console Messages

Source Level URL
Text
network error URL: https://auth.optty.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY