151-review-40-update-4o23xs.review-apps.haitcds.org Open in urlscan Pro
18.166.159.57  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 151-review-40-update-4o23xs.review-apps.haitcds.org/	644 B 592 B	767ms 257ms	Document text/html	18.166.159.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://151-review-40-update-4o23xs.review-apps.haitcds.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.166.159.57 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-166-159-57.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash 09b096f63a8d0cc5620f03f3d270af67f9d210c2f4dd7829b3b4ce98b44709f2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * content-encoding gzip content-type text/html date Tue, 26 Jul 2022 03:54:14 GMT etag W/"62df621a-284" last-modified Tue, 26 Jul 2022 03:40:10 GMT server nginx/1.17.10 strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	main.1b58f6de.js Show response 151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/	160 KB 54 KB	260ms 259ms	Script application/javascript	18.166.159.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/main.1b58f6de.js Requested by Host: 151-review-40-update-4o23xs.review-apps.haitcds.org URL: https://151-review-40-update-4o23xs.review-apps.haitcds.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.166.159.57 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-166-159-57.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash 3e36e9383bfe2a5db6be0c4b95b2d7647564afbe7dcfdc04c6599bd7bdd0d258 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://151-review-40-update-4o23xs.review-apps.haitcds.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 03:54:14 GMT content-encoding gzip last-modified Tue, 26 Jul 2022 03:40:10 GMT server nginx/1.17.10 etag W/"62df621a-27ebd" vary Accept-Encoding content-type application/javascript access-control-allow-origin * strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	main.e6c13ad2.css 151-review-40-update-4o23xs.review-apps.haitcds.org/static/css/	337 B 476 B	767ms 766ms	Stylesheet text/css	18.166.159.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/css/main.e6c13ad2.css Requested by Host: 151-review-40-update-4o23xs.review-apps.haitcds.org URL: https://151-review-40-update-4o23xs.review-apps.haitcds.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.166.159.57 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-166-159-57.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash 439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://151-review-40-update-4o23xs.review-apps.haitcds.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 03:54:14 GMT content-encoding gzip last-modified Tue, 26 Jul 2022 03:40:10 GMT server nginx/1.17.10 etag W/"62df621a-151" strict-transport-security max-age=15724800; includeSubDomains content-type text/css access-control-allow-origin *
GET H2	200	176.eabf22d3.chunk.js Show response 151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/	679 KB 207 KB	261ms 260ms	Script application/javascript	18.166.159.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/176.eabf22d3.chunk.js Requested by Host: 151-review-40-update-4o23xs.review-apps.haitcds.org URL: https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/main.1b58f6de.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.166.159.57 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-166-159-57.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash c98a0b7a24325e65242a46d23af7160f0a2b2b036993ef5deb12c30e8bb946fe Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://151-review-40-update-4o23xs.review-apps.haitcds.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 03:54:15 GMT content-encoding gzip last-modified Tue, 26 Jul 2022 03:40:10 GMT server nginx/1.17.10 etag W/"62df621a-a9c53" vary Accept-Encoding content-type application/javascript access-control-allow-origin * strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	843.9dad0882.chunk.js Show response 151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/	167 KB 42 KB	512ms 511ms	Script application/javascript	18.166.159.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/843.9dad0882.chunk.js Requested by Host: 151-review-40-update-4o23xs.review-apps.haitcds.org URL: https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/main.1b58f6de.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.166.159.57 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-166-159-57.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash 0dee330cf43bf0cddb5268f0ef5151a2ca366fce2ff17830b16e6d4772ecea28 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://151-review-40-update-4o23xs.review-apps.haitcds.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 03:54:15 GMT content-encoding gzip last-modified Tue, 26 Jul 2022 03:40:10 GMT server nginx/1.17.10 etag W/"62df621a-29c2c" vary Accept-Encoding content-type application/javascript access-control-allow-origin * strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	step1.html Show response keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/3p-cookies/ Frame BADF	955 B 1 KB	861ms 275ms	Document text/html	16.163.191.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/3p-cookies/step1.html Requested by Host: 151-review-40-update-4o23xs.review-apps.haitcds.org URL: https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/176.eabf22d3.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.163.191.115 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-16-163-191-115.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash 8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32 Security Headers Name Value Content-Security-Policy frame-src 'self'; frame-ancestors 'self' http://localhost:3000 http://localhost:3030 *.review-apps.haitcds.org *.apps.haitcds.org; object-src 'none'; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://151-review-40-update-4o23xs.review-apps.haitcds.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-encoding gzip content-security-policy frame-src 'self'; frame-ancestors 'self' http://localhost:3000 http://localhost:3030 *.review-apps.haitcds.org *.apps.haitcds.org; object-src 'none'; content-type text/html;charset=utf-8 date Tue, 26 Jul 2022 03:54:16 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server nginx/1.17.10 strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	step2.html Show response keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/3p-cookies/ Frame BADF	1 KB 1 KB	285ms 284ms	Document text/html	16.163.191.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/3p-cookies/step2.html Requested by Host: keycloak.apps.haitcds.org URL: https://keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/3p-cookies/step1.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.163.191.115 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-16-163-191-115.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash 20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074 Security Headers Name Value Content-Security-Policy frame-src 'self'; frame-ancestors 'self' http://localhost:3000 http://localhost:3030 *.review-apps.haitcds.org *.apps.haitcds.org; object-src 'none'; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-encoding gzip content-security-policy frame-src 'self'; frame-ancestors 'self' http://localhost:3000 http://localhost:3030 *.review-apps.haitcds.org *.apps.haitcds.org; object-src 'none'; content-type text/html;charset=utf-8 date Tue, 26 Jul 2022 03:54:17 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server nginx/1.17.10 strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	login-status-iframe.html Show response keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/ Frame 1848	4 KB 2 KB	276ms 275ms	Document text/html	16.163.191.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/login-status-iframe.html Requested by Host: 151-review-40-update-4o23xs.review-apps.haitcds.org URL: https://151-review-40-update-4o23xs.review-apps.haitcds.org/static/js/176.eabf22d3.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.163.191.115 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-16-163-191-115.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash 266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b Security Headers Name Value Content-Security-Policy frame-src 'self'; frame-ancestors 'self' http://localhost:3000 http://localhost:3030 *.review-apps.haitcds.org *.apps.haitcds.org; object-src 'none'; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://151-review-40-update-4o23xs.review-apps.haitcds.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-encoding gzip content-security-policy frame-src 'self'; frame-ancestors 'self' http://localhost:3000 http://localhost:3030 *.review-apps.haitcds.org *.apps.haitcds.org; object-src 'none'; content-type text/html;charset=utf-8 date Tue, 26 Jul 2022 03:54:17 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server nginx/1.17.10 strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-robots-tag none x-xss-protection 1; mode=block
GET H2	204	init Show response keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/login-status-iframe.html/ Frame 1848	0 163 B	277ms 276ms	XHR text/plain	16.163.191.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/login-status-iframe.html/init?client_id=uam-app&origin=https%3A%2F%2F151-review-40-update-4o23xs.review-apps.haitcds.org Requested by Host: keycloak.apps.haitcds.org URL: https://keycloak.apps.haitcds.org/auth/realms/UAM/protocol/openid-connect/login-status-iframe.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.163.191.115 , Hong Kong, ASN16509 (AMAZON-02, US), Reverse DNS ec2-16-163-191-115.ap-east-1.compute.amazonaws.com Software nginx/1.17.10 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains referrer-policy no-referrer server nginx/1.17.10 date Tue, 26 Jul 2022 03:54:17 GMT x-xss-protection 1; mode=block x-content-type-options nosniff

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackChunkuam_app number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

151-review-40-update-4o23xs.review-apps.haitcds.org
keycloak.apps.haitcds.org
16.163.191.115
18.166.159.57
09b096f63a8d0cc5620f03f3d270af67f9d210c2f4dd7829b3b4ce98b44709f2
0dee330cf43bf0cddb5268f0ef5151a2ca366fce2ff17830b16e6d4772ecea28
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b
3e36e9383bfe2a5db6be0c4b95b2d7647564afbe7dcfdc04c6599bd7bdd0d258
439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
c98a0b7a24325e65242a46d23af7160f0a2b2b036993ef5deb12c30e8bb946fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855