urlscan.io logo urlscan.io
SecurityTrails logo

app-react-login.eu1.dev.scalar.zf.com Open in urlscan Pro
13.33.187.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Effective URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=inv...
Submission: On March 21 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 13.33.187.56, located in United States and belongs to AMAZON-02, US. The main domain is app-react-login.eu1.dev.scalar.zf.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 29th 2024. Valid for: a year.
This is the only time app-react-login.eu1.dev.scalar.zf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18.173.205.107 16509 (AMAZON-02)
16 2a04:4e42:200... 54113 (FASTLY)
2 3.248.86.39 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 13.33.187.56 16509 (AMAZON-02)
2 54.171.128.89 16509 (AMAZON-02)
28 6
2    18.173.205.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-107.fra56.r.cloudfront.net
mf-react-sums-service.eu1.scalar.zf.com
16    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    3.248.86.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-86-39.eu-west-1.compute.amazonaws.com
unleash.transics-cicd.aws.zf.com
1    2606:4700::6813:9813 (United States)

ASN13335 (CLOUDFLARENET, US)
auth0.eu1.dev.scalar.zf.com
4    13.33.187.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-56.fra60.r.cloudfront.net
app-react-login.eu1.dev.scalar.zf.com
2    54.171.128.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-128-89.eu-west-1.compute.amazonaws.com
unleash-dev.euwe1.shared-dev.cvcs.zf.com
Domain Requested by
16 cdn.jsdelivr.net mf-react-sums-service.eu1.scalar.zf.com
cdn.jsdelivr.net
app-react-login.eu1.dev.scalar.zf.com
4 app-react-login.eu1.dev.scalar.zf.com mf-react-sums-service.eu1.scalar.zf.com
cdn.jsdelivr.net
2 unleash-dev.euwe1.shared-dev.cvcs.zf.com app-react-login.eu1.dev.scalar.zf.com
2 unleash.transics-cicd.aws.zf.com mf-react-sums-service.eu1.scalar.zf.com
2 mf-react-sums-service.eu1.scalar.zf.com cdn.jsdelivr.net
1 auth0.eu1.dev.scalar.zf.com 1 redirects
28 6

This site contains no links.

Subject Issuer Validity Valid
mf-react-sums-service.eu1.scalar.zf.com
Amazon RSA 2048 M02		 2024-03-21 -
2025-04-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
transics-cicd.aws.zf.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-16		 a year crt.sh
app-react-login.eu1.dev.scalar.zf.com
Amazon RSA 2048 M03		 2024-02-29 -
2025-03-30		 a year crt.sh
euwe1.shared-dev.cvcs.zf.com
Amazon RSA 2048 M01		 2023-06-15 -
2024-07-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Frame ID: 7592914B9C266EF8BA623414E2B2CB0B
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - ZF Platform

Page URL History Show full URLs

  1. https://mf-react-sums-service.eu1.scalar.zf.com/ Page URL
  2. https://auth0.eu1.dev.scalar.zf.com/authorize?audience=SUMS&scope=openid%20profile%20email%20offline_access&impe... HTTP 302
    https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

28
Requests

93 %
HTTPS

33 %
IPv6

2
Domains

6
Subdomains

6
IPs

2
Countries

2221 kB
Transfer

6323 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mf-react-sums-service.eu1.scalar.zf.com/ Page URL
  2. https://auth0.eu1.dev.scalar.zf.com/authorize?audience=SUMS&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&redirect_uri=https%3A%2F%2Fmf-react-sums-service.eu1.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&state=Q0ZKR0x2QVliVmtVN1Bhck5YUEhHVGxLWGV6S0F0TFE4NUdfX1lJS3AzZA%3D%3D&nonce=flZPOU1KUThwS3dWTEJSSkJMMnZUREpvdWpzTndVflE0V1BDc290Nm1Pcg%3D%3D&code_challenge=lBPOnWoOjEa6ZHiEQ7Ie1qX5PrtdlSe1NEiNkBTUOiU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
    https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mf-react-sums-service.eu1.scalar.zf.com/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c589f66b3be9c55df1165d8eab172dc57c9a2473aee25d13b8acdf00462d896a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39239
cache-control
no-cache
content-encoding
gzip
content-security-policy
frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
content-type
text/html
date
Thu, 21 Mar 2024 11:44:10 GMT
etag
W/"3ac0d7b99679d9907dc288714f6827e6"
last-modified
Thu, 21 Mar 2024 10:06:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
x-amz-cf-id
3fbaBiWgD6LGmyZzl_zwWzpyVHWrSh8OxzojyXfPRGwopw30yjlCHg==
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runtime.min.js
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/runtime.min.js
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b1ff87b9f2bd4d7a3a95b21b68cba8db293658f4eb4f0e9c7cd4f2add04d029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
1289823
x-jsd-version
0.13.9
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2766
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"1ae3-ibe1HprTKwRP7P1b6jzPCqQJUrE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
cdn.jsdelivr.net/npm/react@18.2.0/umd/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
Origin
https://mf-react-sums-service.eu1.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
6999549
x-jsd-version
18.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4465
x-served-by
cache-fra-eddf8230087-FRA, cache-mxp6926-MXP
x-jsd-version-type
version
etag
W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react-dom.production.min.js
cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
Origin
https://mf-react-sums-service.eu1.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
2329594
x-jsd-version
18.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
44592
x-served-by
cache-fra-eddf8230095-FRA, cache-mxp6926-MXP
x-jsd-version-type
version
etag
W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
single-spa.min.js
cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/single-spa.min.js
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
Origin
https://mf-react-sums-service.eu1.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
1466131
x-jsd-version
5.9.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6770
x-served-by
cache-fra-eddf8230073-FRA, cache-mxp6926-MXP
x-jsd-version-type
version
etag
W/"5059-2wiyzGMvQ5lqQS+Z7/KQHjyi1Ac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
system.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
2499466
x-jsd-version
6.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4684
x-served-by
cache-fra-eddf8230042-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
rxjs.min.js
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs.min.js
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d192aa00fbdb4e8c6cfe3fe8b2e6a8bc7a698c97a573ecd3a46fd61bb700e649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
2058079
x-jsd-version
7.5.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1316
x-served-by
cache-fra-etou8220128-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"aba-MaEu2eoP0/qi2oATNbBoSWrEgFc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
dynamic-import-maps.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/ 		354 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/dynamic-import-maps.min.js
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b8ec92b367409b8582f1032174e2acd5d22015d7d02a3518a73de6c21567845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
1116419
x-jsd-version
6.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
259
x-served-by
cache-fra-etou8220077-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"162-7IttC8OHmH3HMUpyWgXWu4SoUgg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
rxjs-shared.min.js
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs-shared.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26ce59e48bcb1b23ffdfdf53651a48af724a47d33387995bffef77287c87dd4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
Origin
https://mf-react-sums-service.eu1.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
1459822
x-jsd-version
7.5.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
18851
x-served-by
cache-fra-etou8220093-FRA, cache-mxp6926-MXP
x-jsd-version-type
version
etag
W/"e041-1jJI+n1cXvopoxxWhSiMkIIF+/k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
odyssey-sums-fe.js
mf-react-sums-service.eu1.scalar.zf.com/ 		3 MB
732 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mf-react-sums-service.eu1.scalar.zf.com/odyssey-sums-fe.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd1a4e85274e3cd6c522f20c0132240e80b660d4e911cc4d40d640f3e6bf4316
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:38:11 GMT
x-amz-version-id
null
content-encoding
br
content-security-policy
frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
via
1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 10:06:37 GMT
server
AmazonS3
etag
W/"b367d676d28a858882ba1ac6d5469fc8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
wqRaAp8nQgn99hcCM0ivqaeyTB1I_w3DE3SWHYLXaV96xQAQr7a7_Q==
proxy
unleash.transics-cicd.aws.zf.com/ 		1 KB
486 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unleash.transics-cicd.aws.zf.com/proxy?sessionId=785551604&appName=sums-fe&environment=3-Prd
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/odyssey-sums-fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.86.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-86-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
application/json
Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
If-None-Match
accept-language
de-DE,de;q=0.9
Authorization
94747bc725aeaca8a57f3eb342654e1e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 22:38:11 GMT
content-encoding
gzip
etag
W/"598-VsSZlstDvyXlIUFUIshNBPLW38M"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=2
proxy
unleash.transics-cicd.aws.zf.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://unleash.transics-cicd.aws.zf.com/proxy?sessionId=785551604&appName=sums-fe&environment=3-Prd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.86.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-86-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,if-none-match
Access-Control-Request-Method
GET
Origin
https://mf-react-sums-service.eu1.scalar.zf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,if-none-match
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-expose-headers
ETag
access-control-max-age
172800
date
Thu, 21 Mar 2024 22:38:11 GMT
vary
Access-Control-Request-Headers
Primary Request error
app-react-login.eu1.dev.scalar.zf.com/
Redirect Chain
  • https://auth0.eu1.dev.scalar.zf.com/authorize?audience=SUMS&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&redirect_uri=https...
  • https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id...
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Requested by
Host: mf-react-sums-service.eu1.scalar.zf.com
URL: https://mf-react-sums-service.eu1.scalar.zf.com/odyssey-sums-fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-56.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0108489d98c27de8acdc3cb0a40fb4e6cc08864034068c7ddea00b3261051b2d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf-react-sums-service.eu1.scalar.zf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63981
cache-control
no-cache
content-encoding
br
content-security-policy
frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
content-type
text/html
date
Thu, 21 Mar 2024 04:51:51 GMT
etag
W/"547aee0321e15e1dc3704b5787eff61c"
last-modified
Mon, 18 Mar 2024 01:57:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
x-amz-cf-id
NIiuDtOvBSpl1uxlUvpGZj712u8kKm1yYhx7C1uXUcwg-J8tcCijKg==
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
86816e484c909963-FRA
content-length
704
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 22:38:11 GMT
location
https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
6e877ce0e0129658a3b3
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1711060692
runtime.min.js
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/runtime.min.js
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b1ff87b9f2bd4d7a3a95b21b68cba8db293658f4eb4f0e9c7cd4f2add04d029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.eu1.dev.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
1289825
x-jsd-version
0.13.9
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2766
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"1ae3-ibe1HprTKwRP7P1b6jzPCqQJUrE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
cdn.jsdelivr.net/npm/react@18.2.0/umd/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app-react-login.eu1.dev.scalar.zf.com/
Origin
https://app-react-login.eu1.dev.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
6999551
x-jsd-version
18.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4465
x-served-by
cache-fra-eddf8230087-FRA, cache-mxp6980-MXP
x-jsd-version-type
version
etag
W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react-dom.production.min.js
cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app-react-login.eu1.dev.scalar.zf.com/
Origin
https://app-react-login.eu1.dev.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
2329596
x-jsd-version
18.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
44592
x-served-by
cache-fra-eddf8230095-FRA, cache-mxp6980-MXP
x-jsd-version-type
version
etag
W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
single-spa.min.js
cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/single-spa.min.js
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app-react-login.eu1.dev.scalar.zf.com/
Origin
https://app-react-login.eu1.dev.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
1466133
x-jsd-version
5.9.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6770
x-served-by
cache-fra-eddf8230073-FRA, cache-mxp6980-MXP
x-jsd-version-type
version
etag
W/"5059-2wiyzGMvQ5lqQS+Z7/KQHjyi1Ac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
system.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.eu1.dev.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
2499468
x-jsd-version
6.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4684
x-served-by
cache-fra-eddf8230042-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
rxjs.min.js
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs.min.js
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d192aa00fbdb4e8c6cfe3fe8b2e6a8bc7a698c97a573ecd3a46fd61bb700e649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.eu1.dev.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
2058081
x-jsd-version
7.5.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1316
x-served-by
cache-fra-etou8220128-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"aba-MaEu2eoP0/qi2oATNbBoSWrEgFc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
dynamic-import-maps.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/ 		354 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/dynamic-import-maps.min.js
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b8ec92b367409b8582f1032174e2acd5d22015d7d02a3518a73de6c21567845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.eu1.dev.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
1116421
x-jsd-version
6.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
259
x-served-by
cache-fra-etou8220077-FRA, cache-mxp6941-MXP
x-jsd-version-type
version
etag
W/"162-7IttC8OHmH3HMUpyWgXWu4SoUgg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
rxjs-shared.min.js
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs-shared.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26ce59e48bcb1b23ffdfdf53651a48af724a47d33387995bffef77287c87dd4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app-react-login.eu1.dev.scalar.zf.com/
Origin
https://app-react-login.eu1.dev.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:38:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
1459824
x-jsd-version
7.5.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
18851
x-served-by
cache-fra-etou8220093-FRA, cache-mxp6980-MXP
x-jsd-version-type
version
etag
W/"e041-1jJI+n1cXvopoxxWhSiMkIIF+/k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
odyssey-login.js
app-react-login.eu1.dev.scalar.zf.com/ 		2 MB
533 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-react-login.eu1.dev.scalar.zf.com/odyssey-login.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-56.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
900f1ca09b4b8cd64c17b42c8412682941c7c8c4b24dfd7a03d500d8c952fb60
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
date
Thu, 21 Mar 2024 04:50:23 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
x-amz-cf-pop
FRA60-P9
age
65313
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 01:57:36 GMT
server
AmazonS3
etag
W/"baab4c5dcd1f1d6896f52a3ea98afb60"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
H4hlFVVayMeVueKgVy9vbbhMx-I6QKqFFHp98zQPRzmwTSaZC9Imhw==
proxy
unleash-dev.euwe1.shared-dev.cvcs.zf.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy?sessionId=1-hoedje-van-alu&appName=Login&environment=1-Dev&userId=happycorp&properties%5Borganization%5D=happycorp&properties%5Buser%5D=1-hoedje-van-alu&properties%5Bcountry%5D=Germany
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.128.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-128-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,if-none-match
Access-Control-Request-Method
GET
Origin
https://app-react-login.eu1.dev.scalar.zf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,if-none-match
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-expose-headers
ETag
access-control-max-age
172800
date
Thu, 21 Mar 2024 22:38:12 GMT
vary
Access-Control-Request-Headers
proxy
unleash-dev.euwe1.shared-dev.cvcs.zf.com/ 		5 KB
912 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy?sessionId=1-hoedje-van-alu&appName=Login&environment=1-Dev&userId=happycorp&properties%5Borganization%5D=happycorp&properties%5Buser%5D=1-hoedje-van-alu&properties%5Bcountry%5D=Germany
Requested by
Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/odyssey-login.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.128.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-128-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e5ee75db962bff1d2cf76f98dfd0f2a7b12e297acfaecad4866c106a12dcb8b0

Request headers

Accept
application/json
Referer
https://app-react-login.eu1.dev.scalar.zf.com/
If-None-Match
accept-language
de-DE,de;q=0.9
Authorization
2a0b4b56a5f424e5a202f8178677c32e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 22:38:12 GMT
content-encoding
gzip
etag
W/"1355-V7gX2Fvk7XSeQBQg7dJo6k64mfc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=2
NotoSans-Bold.ttf
app-react-login.eu1.dev.scalar.zf.com/assets/fonts/ 		389 KB
391 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app-react-login.eu1.dev.scalar.zf.com/assets/fonts/NotoSans-Bold.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-56.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9a6bd489df560f7a925b43d5b48d4536fa24589332e53702b63fc0072898f86
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Origin
https://app-react-login.eu1.dev.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 21 Mar 2024 07:57:38 GMT
via
1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P9
age
52835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
398652
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 01:57:36 GMT
server
AmazonS3
etag
"98f0cacc6bb63b64b98aac7cac082d27"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://app-react-login.eu1.dev.scalar.zf.com
access-control-expose-headers
ETag, Access-Control-Allow-Origin
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
u5-nIP0kjPHRN4Ja7SHljFAd_EKr8J8jNY64TdOBSQBjOsTphEgsmQ==
NotoSans-Regular.ttf
app-react-login.eu1.dev.scalar.zf.com/assets/fonts/ 		390 KB
391 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app-react-login.eu1.dev.scalar.zf.com/assets/fonts/NotoSans-Regular.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-56.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ddeaed07f6483f7831b23faa32cf85a04c3406eb4bb2925530894805a05d4fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app-react-login.eu1.dev.scalar.zf.com/error?client_id=7Wfq36JnmQjkig6Qzp5i7JuXs2slaheD&connection=&lang=de-DE%2Cde%3Bq%3D0.9&error=invalid_request&error_description=The%20client%20with%20id%3A%20%227Wfq36JnmQjkig6Qzp5i7JuXs2slaheD%22%20(dev-odyssey-zf)%20was%20not%20found&tracking=6e877ce0e0129658a3b3
Origin
https://app-react-login.eu1.dev.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 21 Mar 2024 05:51:14 GMT
via
1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P9
age
60419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
398968
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 01:57:36 GMT
server
AmazonS3
etag
"5a87cce84010f7cea085ae218d44a64b"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://app-react-login.eu1.dev.scalar.zf.com
access-control-expose-headers
ETag, Access-Control-Allow-Origin
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
TV0ctYsDD1qBMqqGkxslckZaGC5RybyRf4lsmqIfJuOEtmmmfZVxQw==
metrics
unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/ 		0
0
metrics
unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
unleash-dev.euwe1.shared-dev.cvcs.zf.com
URL
https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/metrics
Domain
unleash-dev.euwe1.shared-dev.cvcs.zf.com
URL
https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/metrics

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| runtime object| regeneratorRuntime object| System object| React object| ReactDOM function| singleSpaNavigate object| DD_RUM number| 2f1acc6c3a606b082e5eef5e54414ffb number| cssClassNameGenerator object| scalar-auth-store object| websocketManager object| rcl-mf-deps function| DOMPurify boolean| auth0PatchApplied boolean| hasScrollbarStyles object| unleashClient boolean| unleashContextApp boolean| isNotifierRegistered boolean| walkmeClientLoaded object| userObject boolean| datadogClientLoaded

3 Cookies

Domain/Path Name / Value
auth0.eu1.dev.scalar.zf.com/ Name: did
Value: s%3Av0%3Ab27a0180-e7d3-11ee-9b01-fd57a8d6e6f7.KohIslfqgjO9NMKZe6KFkaM0pTGF9mM6GWvVG6rzqPw
auth0.eu1.dev.scalar.zf.com/ Name: did_compat
Value: s%3Av0%3Ab27a0180-e7d3-11ee-9b01-fd57a8d6e6f7.KohIslfqgjO9NMKZe6KFkaM0pTGF9mM6GWvVG6rzqPw
.auth0.eu1.dev.scalar.zf.com/ Name: __cf_bm
Value: YpcTenQRt2xJPmDyVsSYsi0OOJMdlIFbsAGxJgN9T8w-1711060691-1.0.1.1-CVRrzAg_vbEQU8MOHvptkuyDYM2wlVUF1iZ9b9drTg0.eGWboKu1DmDOgNqEmeRB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block