Submitted URL: https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Effective URL: https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/auth?client_id=app679&redirect_uri=https%3A%2F%2F...
Submission: On August 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 13.80.138.167, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is centralidp.preprod.cofinity-x.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 17th 2023. Valid for: a year.
This is the only time centralidp.preprod.cofinity-x.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address     AS Autonomous System
5         3.67.231.35    16509 (AMAZON-02)
14        13.80.138.167  8075 (MICROSOFT...)
Total: 20 requests, 3 IPs

Domain: centralidp.preprod.cofinity-x.com (14 requests)
Requested by: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com, centralidp.preprod.cofinity-x.com

Domain: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com (5 requests)
Requested by: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com

Total: 20 requests, 2 domains

This site contains no links.

Subject: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
Issuer: R10
Validity: 2024-08-14 - 2024-11-12
Valid: 3 months

Subject: *.preprod.cofinity-x.com
Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
Validity: 2023-10-17 - 2024-10-16
Valid: a year

This page contains 2 frames:

Primary Page: https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/auth?client_id=app679&redirect_uri=https%3A%2F%2Fui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com%2F&state=f97feb37-c633-4797-bf8b-573e8b874b9e&response_mode=fragment&response_type=code&scope=openid&nonce=f81a095a-d24a-4956-b7a3-f104f31d8174&code_challenge=rbFWlhUOjo3cA_CI_KQgLmb1CAplnd1J5IM62HESzGU&code_challenge_method=S256
Frame ID: 8A43964828AFD278C0365AB887A573BC
Requests: 20 HTTP requests in this frame

Frame: https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/3p-cookies/step1.html
Frame ID: F08504B0C9E132A880C9B92C64E00A98
Requests: 1 HTTP requests in this frame

Page Title

Anmeldung bei Cofinity-X Central

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 1084 kB
Size: 1204 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/ Page URL
  2. https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/auth?client_id=app679&redirect_uri=https%3A%2F%2Fui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com%2F&state=f97feb37-c633-4797-bf8b-573e8b874b9e&response_mode=fragment&response_type=code&scope=openid&nonce=f81a095a-d24a-4956-b7a3-f104f31d8174&code_challenge=rbFWlhUOjo3cA_CI_KQgLmb1CAplnd1J5IM62HESzGU&code_challenge_method=S256 Page URL

20 HTTP transactions

Columns: Resource / Path, Size / x-fer, Type / MIME-Type
/
ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
1 KB
1 KB
Document
General
Full URL
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.231.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-231-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0e390e10a686f9c9100bf19ef13c5a4d5cc9955ad07d114c30be65ff2d0b9c87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
1134
content-type
text/html
date
Wed, 14 Aug 2024 16:24:15 GMT
etag
"66b32ee3-46e"
last-modified
Wed, 07 Aug 2024 08:22:59 GMT
strict-transport-security
max-age=15724800; includeSubDomains
config.js
ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/configuration/
1 KB
2 KB
Script
General
Full URL
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/configuration/config.js
Requested by
Host: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
URL: https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.231.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-231-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
fd303b724515647c04e149518601d07b7b9ddc3326ad1b8f1e6a17875fdaf69c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 16:24:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 14 Aug 2024 16:12:50 GMT
accept-ranges
bytes
etag
"66bcd782-599"
content-length
1433
content-type
application/javascript
index.js
ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
521 KB
522 KB
Script
General
Full URL
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/index.js
Requested by
Host: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
URL: https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.231.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-231-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6ab52e64ccc71c7ad16898fb7fcf18ad6cee3e8f4843e4b962616838559854f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Origin
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 16:24:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 07 Aug 2024 08:22:59 GMT
accept-ranges
bytes
etag
"66b32ee3-82227"
content-length
533031
content-type
application/javascript
index.css
ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
261 KB
262 KB
Stylesheet
General
Full URL
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/index.css
Requested by
Host: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
URL: https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.231.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-231-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d48244eadf8b925d2620527d463291c7ca9940885d333cc796f77b57d56ab9d9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Origin
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 16:24:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 07 Aug 2024 08:22:59 GMT
accept-ranges
bytes
etag
"66b32ee3-41418"
content-length
267288
content-type
text/css
step1.html
centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/3p-cookies/ Frame F085
0
0
Document
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
URL: https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, must-revalidate, no-transform, no-store
Connection
keep-alive
Content-Length
2318
Content-Security-Policy
frame-src 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Wed, 14 Aug 2024 16:24:15 GMT
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
Primary Request auth
centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/
58 KB
59 KB
Document
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/auth?client_id=app679&redirect_uri=https%3A%2F%2Fui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com%2F&state=f97feb37-c633-4797-bf8b-573e8b874b9e&response_mode=fragment&response_type=code&scope=openid&nonce=f81a095a-d24a-4956-b7a3-f104f31d8174&code_challenge=rbFWlhUOjo3cA_CI_KQgLmb1CAplnd1J5IM62HESzGU&code_challenge_method=S256
Requested by
Host: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
URL: https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59cc7ffe18a3597bcc647ef20a94d14a261df31c17830dbfe2218c784977dc97
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Language
de
Content-Length
59063
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Wed, 14 Aug 2024 16:24:16 GMT
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
favicon.ico
ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
15 KB
15 KB
Other
General
Full URL
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.231.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-231-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 16:24:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 07 Aug 2024 08:22:59 GMT
accept-ranges
bytes
etag
"66b32ee3-3c2e"
content-length
15406
content-type
image/x-icon
Main.css
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/Main.css
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/auth?client_id=app679&redirect_uri=https%3A%2F%2Fui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com%2F&state=f97feb37-c633-4797-bf8b-573e8b874b9e&response_mode=fragment&response_type=code&scope=openid&nonce=f81a095a-d24a-4956-b7a3-f104f31d8174&code_challenge=rbFWlhUOjo3cA_CI_KQgLmb1CAplnd1J5IM62HESzGU&code_challenge_method=S256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
16eb9cec6683d03e7b5ed0d9b5e65becbb842f955b2fb11cf063140640ff92ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2179
X-XSS-Protection
1; mode=block
Main.js
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/js/
9 KB
4 KB
Script
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/js/Main.js
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/auth?client_id=app679&redirect_uri=https%3A%2F%2Fui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com%2F&state=f97feb37-c633-4797-bf8b-573e8b874b9e&response_mode=fragment&response_type=code&scope=openid&nonce=f81a095a-d24a-4956-b7a3-f104f31d8174&code_challenge=rbFWlhUOjo3cA_CI_KQgLmb1CAplnd1J5IM62HESzGU&code_challenge_method=S256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e2c62b644ef4e281d538c43da93729b07d46f8ae9dee21fad03daf261c98e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
3560
X-XSS-Protection
1; mode=block
stylesheet.css
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/calibri-font/
0
0

stylesheet.css
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/
2 KB
586 B
Stylesheet
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/stylesheet.css
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/Main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
80a39867e1fa3928dc7d61599bdd10cade922e642df842b63eebdeee41277184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
245
X-XSS-Protection
1; mode=block
left-image.svg
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/
53 KB
3 KB
Image
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/left-image.svg
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/Main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb6e263dd0f3ea9529f48aa672dab2ebede048f315aee35e75671ef3254d0e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
3130
X-XSS-Protection
1; mode=block
right-image.svg
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/
54 KB
3 KB
Image
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/right-image.svg
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/Main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b14cd2b3baf411582e1ef31123622f65219b017a5dcfec5bc5a98356908de6cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
3223
X-XSS-Protection
1; mode=block
authChecker.js
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/js/
2 KB
1 KB
Script
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/js/authChecker.js
Requested by
Host: ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com
URL: https://ui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be91b2216acb6673f2afbeedbcf39aef1535899b9963134c3048303db7ea5557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://centralidp.preprod.cofinity-x.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
713
X-XSS-Protection
1; mode=block
union-right.svg
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/
3 KB
1 KB
Image
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/union-right.svg
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/Main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b66d6cac780620516416a0b199ec081d0a0c2ab4b3a3bfbf84d2740cac7e9a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
851
X-XSS-Protection
1; mode=block
Cofinity-X_Logo_Color.svg
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/
4 KB
2 KB
Image
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/Cofinity-X_Logo_Color.svg
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/Main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e777009833d83ccfc98706bdc9f7232d22773dff27186227562f247aa562451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
1612
X-XSS-Protection
1; mode=block
truncated
/
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d39dc1a6a7e76e38492e049852fb65e0ce760e43c76536639197b5ae5726767

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
karbon-regular.woff2
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/
68 KB
65 KB
Font
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/karbon-regular.woff2
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31373cef0cedfa22956326ab1776cb641248636b8c4b6a90359d25ddf842bb1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://centralidp.preprod.cofinity-x.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
keep-alive
X-XSS-Protection
1; mode=block
karbon-semibold.woff2
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/
73 KB
70 KB
Font
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/karbon-semibold.woff2
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
86c517d96ccf9e1945f918842a696b54b4065a55e0e6bb2742fcc8c6e964ffde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://centralidp.preprod.cofinity-x.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Key_Graphic.svg
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/
2 KB
1 KB
Image
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/images/Key_Graphic.svg
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/css/Main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a447af30d22e8e34c8280c628650fc8e7c6112825335cffb8f05611e923d061a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
907
X-XSS-Protection
1; mode=block
karbon-medium.woff2
centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/
73 KB
69 KB
Font
General
Full URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/karbon-medium.woff2
Requested by
Host: centralidp.preprod.cofinity-x.com
URL: https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/karbon/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.80.138.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f8345494601533d34f5b76eba10059086eb318437559f82270ccc7441d4820e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://centralidp.preprod.cofinity-x.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 14 Aug 2024 16:24:16 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
keep-alive
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
centralidp.preprod.cofinity-x.com
URL
https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/calibri-font/stylesheet.css

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| debounce

4 Cookies

Domain/Path: centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/3p-cookies
Name: KEYCLOAK_3P_COOKIE_SAMESITE
Value: supported

Domain/Path: centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/
Name: AUTH_SESSION_ID
Value: b258d7bb-ab9f-4f0d-838a-6e7c8bd54d81.app-centralidp-keycloak-0-23322

Domain/Path: centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/
Name: AUTH_SESSION_ID_LEGACY
Value: b258d7bb-ab9f-4f0d-838a-6e7c8bd54d81.app-centralidp-keycloak-0-23322

Domain/Path: centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/
Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJhZTk1NjhmMS0xYmQzLTQ3OTktOGI1Mi01YjVkNjRmZjVlZjEifQ.….IrDr-CCglarqTFnYI84ttT6VAK92b7qSd2VHs8CwjPQ

1 Console Messages

Source: security
Level: error
URL: https://centralidp.preprod.cofinity-x.com/auth/realms/CX-Central/protocol/openid-connect/auth?client_id=app679&redirect_uri=https%3A%2F%2Fui-witteautomotivegmb-d4b104ab.shared.dih.telekom.com%2F&state=f97feb37-c633-4797-bf8b-573e8b874b9e&response_mode=fragment&response_type=code&scope=openid&nonce=f81a095a-d24a-4956-b7a3-f104f31d8174&code_challenge=rbFWlhUOjo3cA_CI_KQgLmb1CAplnd1J5IM62HESzGU&code_challenge_method=S256
Message: Refused to apply style from 'https://centralidp.preprod.cofinity-x.com/auth/resources/r8z0z/login/cofinityx-central-24-05/fonts/calibri-font/stylesheet.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains