urlscan.io logo urlscan.io
SecurityTrails logo

auth.lab.ovation.io Open in urlscan Pro
2606:4700::6810:b9f8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app-services.ovation.io/
Effective URL: https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4...
Submission: On August 26 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6810:b9f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.lab.ovation.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 4th 2020. Valid for: a year.
This is the only time auth.lab.ovation.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 35.190.78.82 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.225.74.234 16509 (AMAZON-02)
2 52.216.16.187 16509 (AMAZON-02)
6 4
Apex Domain
Subdomains		 Transfer
5 ovation.io
app-services.ovation.io
auth.lab.ovation.io
8 KB
2 amazonaws.com
s3.amazonaws.com
549 KB
2 auth0.com
cdn.auth0.com
207 KB
6 3
Domain Requested by
3 auth.lab.ovation.io 1 redirects cdn.auth0.com
2 s3.amazonaws.com auth.lab.ovation.io
2 cdn.auth0.com auth.lab.ovation.io
cdn.auth0.com
2 app-services.ovation.io 2 redirects
6 4

This site contains no links.

Subject Issuer Validity Valid
auth.lab.ovation.io
Cloudflare Inc ECC CA-3		 2020-12-04 -
2021-12-03		 a year crt.sh
*.auth0.com
Amazon		 2021-04-25 -
2022-05-24		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Frame ID: 72A2E7D7571AA51CAFDAC95C8C9D4196
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ovation :: Sign In

Page URL History Show full URLs

  1. https://app-services.ovation.io/ HTTP 302
    https://app-services.ovation.io/auth/auth0?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&c... HTTP 302
    https://auth.lab.ovation.io/authorize?response_type=code&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&redi... HTTP 302
    https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

6
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

760 kB
Transfer

1306 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app-services.ovation.io/ HTTP 302
    https://app-services.ovation.io/auth/auth0?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0 HTTP 302
    https://auth.lab.ovation.io/authorize?response_type=code&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid+nickname+email+user_metadata+read%3Aglobal+write%3Aglobal&state=579f34f33581742133e19b52d3dcc92fbd50ffc09c83f518&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D HTTP 302
    https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
auth.lab.ovation.io/
Redirect Chain
  • https://app-services.ovation.io/
  • https://app-services.ovation.io/auth/auth0?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0
  • https://auth.lab.ovation.io/authorize?response_type=code&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26ret...
  • https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtS...
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:b9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47daea680674b1b31efd7c6e4763ded4a58824dfbe9b75ecb59909e9768f2dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth.lab.ovation.io
:scheme
https
:path
/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
did=s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI; did_compat=s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:58:26 GMT
content-type
text/html; charset=utf-8
cf-ray
684d3b4a1b5b0eb3-FRA
cache-control
no-store, max-age=0, no-transform
content-encoding
gzip
etag
W/"2dfe-5QvYXnKzx+NhbFrYehKXH9bHiZs"
set-cookie
_csrf=f7WBnmv-7ERc4zimbLpmOByS; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
684d3b4a1b5b0eb3
ot-tracer-sampled
true
ot-tracer-spanid
7591fbbd40eb275b
ot-tracer-traceid
3084601a672ab923
pragma
no-cache
referrer-policy
same-origin
x-auth0-requestid
d4584be23ab464b0cb1b
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1629982707
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 26 Aug 2021 12:58:26 GMT
content-type
text/html; charset=utf-8
content-length
1324
location
/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
cf-ray
684d3b481a2d1e47-FRA
cache-control
no-store, max-age=0, no-transform
set-cookie
did=s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4; Max-Age=31557600; Path=/; Expires=Fri, 26 Aug 2022 18:58:26 GMT; HttpOnly; Secure; SameSite=None auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI; Path=/; Expires=Sun, 29 Aug 2021 12:58:26 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4; Max-Age=31557600; Path=/; Expires=Fri, 26 Aug 2022 18:58:26 GMT; HttpOnly; Secure auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI; Path=/; Expires=Sun, 29 Aug 2021 12:58:26 GMT; HttpOnly; Secure
strict-transport-security
max-age=31536000
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
684d3b481a2d1e47
ot-tracer-sampled
true
ot-tracer-spanid
199e9a48513b1d58
ot-tracer-traceid
267871271bd50292
pragma
no-cache
x-auth0-requestid
ed7aceafa004bb6d8d89
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1629982707
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
lock.min.js
cdn.auth0.com/js/lock/11.2/ 		745 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/lock/11.2/lock.min.js
Requested by
Host: auth.lab.ovation.io
URL: https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-234.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e90d56d0e7387a6f780389dc6d578757d14e631504f8b3a34bf543c0301ee75

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
IK_qiwEvBg9L4uRozv74Rq4.8ngjXgd6
content-encoding
gzip
last-modified
Thu, 08 Feb 2018 18:11:57 GMT
server
AmazonS3
age
1856
etag
W/"26b5c6aba0d586d78f4d49b19b02bba7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control
max-age=10800,public
date
Thu, 26 Aug 2021 12:27:31 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
TjyN1VZqUU9Sk40qWJ-fQQpkliapYTahhm_X_2p9ZC8NCFlCV_KmPg==
ovation-full-logo.png
s3.amazonaws.com/app.ovation.io/images/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/app.ovation.io/images/ovation-full-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.16.187 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
17d9c5a8c8ac3756d026376e4303e630166c105aa962468ec96dc86b2104fbe2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 12:58:28 GMT
Last-Modified
Mon, 29 Apr 2019 17:22:32 GMT
Server
AmazonS3
x-amz-request-id
23TX1RMHNHQGVBD0
ETag
"f20a80b44506de1dfd6f124999779710"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
116425
x-amz-id-2
YgQN7R/uQqquT34ygkqoP7CK1YXypUasVkyvGQkw5+N5ukasVws0DNnK8AjWIyPtgSqFyZiLCc4=
grey-ovation-graphic.jpg
s3.amazonaws.com/app.ovation.io/images/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/app.ovation.io/images/grey-ovation-graphic.jpg
Requested by
Host: auth.lab.ovation.io
URL: https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.16.187 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
76fde7224f4f48b6d52890ba3d8ec17f53e127d6df129c3e6bfe595b81d7f467

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 12:58:28 GMT
Last-Modified
Mon, 29 Apr 2019 17:26:21 GMT
Server
AmazonS3
x-amz-request-id
23TWNP4DY9KR6SND
ETag
"e7e09ac5e4335a5a4497fc588d6b0fda"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
444618
x-amz-id-2
jGc6s/UHKW3+6BIO49T4OKw0wsdfckdFHb4sURyeaxS8SFGenCad+0anNslEfYlJzH6temFJ3/s=
Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0.js
cdn.auth0.com/client/ 		493 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/client/Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0.js?t1629982706771
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.2/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-234.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
237b063807599fec6fba8f2698d95155e27f2f80b9508e22ca8e891cfebe2f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:58:23 GMT
content-encoding
gzip
vary
Accept-Encoding
x-auth0-requestid
60c6e6060fcb9ca317f6
age
3
x-cache
Hit from cloudfront
ot-baggage-auth0-request-id
1fceed9e2a1651e228c9148d
server
nginx
ot-tracer-sampled
true
etag
W/"1ed-FDW7yXIpWL/Ruh0UlOqEgdNZ4JY"
ot-tracer-traceid
47aff62b0f069c8d
strict-transport-security
max-age=31536000
content-type
application/x-javascript; charset=utf-8
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
yTeHwvyQpeTNQnMtxJ8kDHP_seDnlWOlMd1DzFIdVEfaSCAA0BXSYQ==
ot-tracer-spanid
2dfbaaca2021a405
ssodata
auth.lab.ovation.io/user/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.lab.ovation.io/user/ssodata
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.2/lock.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:b9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/user/ssodata
pragma
no-cache
cookie
did=s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI; did_compat=s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
auth.lab.ovation.io
referer
https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:58:27 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
206196fcfe26220c63b2
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
server
cloudflare
ot-tracer-sampled
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
ot-tracer-traceid
7c04d6d60f02b89d
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id
684d3b4d992e0eb3
cf-ray
684d3b4d992e0eb3-FRA
ot-tracer-spanid
3bf3396f28c33238
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba65bf654556a367c0fe373354aa9023ca90726e002376dcb92410f2e9ab2c96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Ovation string| logo function| init object| Auth0 function| Auth0Lock function| Auth0LockPasswordless function| setupLock

4 Cookies

Domain/Path Name / Value
auth.lab.ovation.io/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI
auth.lab.ovation.io/ Name: did_compat
Value: s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4
auth.lab.ovation.io/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMIrVJsv75az1_2ZjHGkCzOaDSNpQHkyjBOUPPzEjRgHOrsCAiJErEqjOXKOBHqq5nHrFY9z5HF9-__oHXYi5XGmY29va2llg6dleHBpcmVz1_8jhj0AYSuEcq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7WMEp5yyG7n3ixur6KWl%2BS01Qrks0u2A6Udgo2JsVpI
auth.lab.ovation.io/ Name: did
Value: s%3Av0%3A4d62b840-066d-11ec-9754-c70295d79e8c.DoRzuVipM099j%2B7ZULCWSKGUS0WUVsW0bTCWSXNofq4

3 Console Messages

Source Level URL
Text
console-api log URL: https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D(Line 159)
Message:
https://portal.labtests.io/
console-api log URL: https://auth.lab.ovation.io/login?state=hKFo2SBqdVZNaFN1MmhmTU8zU01ZTXM1b3JXS2tlSlFzSG9EV6FupWxvZ2luo3RpZNkgLUc3eDdCMS1qQlk4c2IyY0c5alR5U2p6bk05WUlZOHijY2lk2SBScHNmN2VtdjJXMnF1WGFPNmo5U29hTWdlSnNtSGVQMA&client=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&protocol=oauth2&response_type=code&redirect_uri=https%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fauth0%2Fcallback%3Forigin%3D%2F%26returnTo%3Dhttps%3A%2F%2Fapp-services.ovation.io%2Fauth%2Fredirect%26client_id%3DRpsf7emv2W2quXaO6j9SoaMgeJsmHeP0&scope=openid%20nickname%20email%20user_metadata%20read%3Aglobal%20write%3Aglobal&auth0Client=eyJuYW1lIjoib21uaWF1dGgtYXV0aDAiLCJ2ZXJzaW9uIjoiMi4wLjAifQ%3D%3D(Line 160)
Message:
https://app-services.ovation.io/auth/auth0/callback?origin=/&returnTo=https://app-services.ovation.io/auth/redirect&client_id=Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0
console-api warning URL: https://cdn.auth0.com/js/lock/11.2/lock.min.js(Line 9)
Message:
There was an error fetching the SSO data. This could simply mean that there was a problem with the network. But, if a "Origin" error has been logged before this warning, please add "https://auth.lab.ovation.io" to the "Allowed Web Origins" list in the Auth0 dashboard: https://manage.auth0.com/#/clients/Rpsf7emv2W2quXaO6j9SoaMgeJsmHeP0/settings

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block