Submitted URL: https://gondor-prognose.qa.sit.svc.odj.cloud/
Effective URL: https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=8de93b14-daf8-4af9-9b10-2684bea373fb&redirect_uri=https%3A%2F%2Fg...
Submission: On July 24 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 185.124.192.204, located in Heilbronn, Germany and belongs to SCHWARZ-IT-LEGACY, DE. The main domain is federation-q.auth.schwarz.
TLS certificate: Issued by SwissSign RSA TLS EV ICA 2022 - 1 on October 24th 2023. Valid for: a year.
This is the only time federation-q.auth.schwarz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 192.214.162.45 44076 (SCHWARZ-IT)
3 185.124.192.204 211768 (SCHWARZ-I...)
7 2
Domain Requested by
4 gondor-prognose.qa.sit.svc.odj.cloud gondor-prognose.qa.sit.svc.odj.cloud
3 federation-q.auth.schwarz gondor-prognose.qa.sit.svc.odj.cloud
7 2

This site contains no links.

Subject: gondor-prognose.qa.sit.svc.odj.cloud
Issuer: R10
Validity: 2024-07-23 - 2024-10-21
Valid: 3 months

Subject: federation-q.auth.schwarz
Issuer: SwissSign RSA TLS EV ICA 2022 - 1
Validity: 2023-10-24 - 2024-10-24
Valid: a year

This page contains 1 frames:

Primary Page: https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=8de93b14-daf8-4af9-9b10-2684bea373fb&redirect_uri=https%3A%2F%2Fgondor-prognose.qa.sit.svc.odj.cloud&response_type=code&scope=openid+siam&state=abbfc4260a324eadaccfeb72b9690622&code_challenge=OBI11o9R1gclagwqGaEssIEbdq04xQ85_XgckakxxvY&code_challenge_method=S256
Frame ID: 174B507EC42783D7D446F186E8792B66
Requests: 7 HTTP requests in this frame

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 127 kB
Size: 324 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gondor-prognose.qa.sit.svc.odj.cloud/ Page URL
  2. https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=8de93b14-daf8-4af9-9b10-2684bea373fb&redirect_uri=https%3A%2F%2Fgondor-prognose.qa.sit.svc.odj.cloud&response_type=code&scope=openid+siam&state=abbfc4260a324eadaccfeb72b9690622&code_challenge=OBI11o9R1gclagwqGaEssIEbdq04xQ85_XgckakxxvY&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gondor-prognose.qa.sit.svc.odj.cloud/
911 B
1 KB
Document
General
Full URL
https://gondor-prognose.qa.sit.svc.odj.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.162.45 -, , ASN44076 (SCHWARZ-IT, DE),
Reverse DNS
Software
/
Resource Hash
b4ff2e9b911890644e15aa750f5d30c47c4e667b1115a0067adc52d7ba36f806
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
911
content-type
text/html
date
Wed, 24 Jul 2024 02:29:31 GMT
etag
"669fd5de-38f"
last-modified
Tue, 23 Jul 2024 16:10:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
index-Buw0mXyW.js
gondor-prognose.qa.sit.svc.odj.cloud/assets/
304 KB
115 KB
Script
General
Full URL
https://gondor-prognose.qa.sit.svc.odj.cloud/assets/index-Buw0mXyW.js
Requested by
Host: gondor-prognose.qa.sit.svc.odj.cloud
URL: https://gondor-prognose.qa.sit.svc.odj.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.162.45 -, , ASN44076 (SCHWARZ-IT, DE),
Reverse DNS
Software
/
Resource Hash
d407dac4fc7c4c08ce8f1942e757dd89874ab94fc332ec940c5aba8432ea9fd6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://gondor-prognose.qa.sit.svc.odj.cloud/
Origin
https://gondor-prognose.qa.sit.svc.odj.cloud
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 02:29:31 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 23 Jul 2024 15:41:06 GMT
etag
W/"669fcf12-4c149"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 24 Jul 2025 02:29:31 GMT
index-sASQgpeN.css
gondor-prognose.qa.sit.svc.odj.cloud/assets/
15 KB
4 KB
Stylesheet
General
Full URL
https://gondor-prognose.qa.sit.svc.odj.cloud/assets/index-sASQgpeN.css
Requested by
Host: gondor-prognose.qa.sit.svc.odj.cloud
URL: https://gondor-prognose.qa.sit.svc.odj.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.162.45 -, , ASN44076 (SCHWARZ-IT, DE),
Reverse DNS
Software
/
Resource Hash
9a84e179c6d3073a4f6f2e9be227fb8141e0c0c7bc85929587ba4a63c9a7db04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://gondor-prognose.qa.sit.svc.odj.cloud/
Origin
https://gondor-prognose.qa.sit.svc.odj.cloud
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 02:29:31 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 23 Jul 2024 15:41:02 GMT
etag
W/"669fcf0e-3cd9"
content-type
text/css
cache-control
max-age=31536000, public
expires
Thu, 24 Jul 2025 02:29:31 GMT
openid-configuration
federation-q.auth.schwarz/nidp/oauth/nam/.well-known/
2 KB
4 KB
Fetch
General
Full URL
https://federation-q.auth.schwarz/nidp/oauth/nam/.well-known/openid-configuration
Requested by
Host: gondor-prognose.qa.sit.svc.odj.cloud
URL: https://gondor-prognose.qa.sit.svc.odj.cloud/assets/index-Buw0mXyW.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.124.192.204 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/jwk-set+json, application/json
Referer
https://gondor-prognose.qa.sit.svc.odj.cloud/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Wed, 24 Jul 2024 02:29:32 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://gondor-prognose.qa.sit.svc.odj.cloud
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length
2179
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
favicon.svg
gondor-prognose.qa.sit.svc.odj.cloud/
2 KB
1001 B
Other
General
Full URL
https://gondor-prognose.qa.sit.svc.odj.cloud/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.214.162.45 -, , ASN44076 (SCHWARZ-IT, DE),
Reverse DNS
Software
/
Resource Hash
a62271b1379b057dfe5e036b0c001f6c225f61f862f6b7b31f039e04392c13ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://gondor-prognose.qa.sit.svc.odj.cloud/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 02:29:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 23 Jul 2024 15:41:05 GMT
etag
W/"669fcf11-67e"
content-type
image/svg+xml
Primary Request authz
federation-q.auth.schwarz/nidp/oauth/nam/
94 B
2 KB
Document
General
Full URL
https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=8de93b14-daf8-4af9-9b10-2684bea373fb&redirect_uri=https%3A%2F%2Fgondor-prognose.qa.sit.svc.odj.cloud&response_type=code&scope=openid+siam&state=abbfc4260a324eadaccfeb72b9690622&code_challenge=OBI11o9R1gclagwqGaEssIEbdq04xQ85_XgckakxxvY&code_challenge_method=S256
Requested by
Host: gondor-prognose.qa.sit.svc.odj.cloud
URL: https://gondor-prognose.qa.sit.svc.odj.cloud/assets/index-Buw0mXyW.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.124.192.204 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY, DE),
Reverse DNS
Software
/
Resource Hash
63add732cf7f9b71cc74d1e8143ac2df99a13c26f22bf607c030d1cb818e72b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gondor-prognose.qa.sit.svc.odj.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
Connection
close
Content-Length
94
Content-Security-Policy
frame-ancestors https://itdoc.schwarz https://de.sp.kaufland https://de.sp-qs.kaufland https://de.sp-at.kaufland https://de.sp-et.kaufland https://federation-q.auth.schwarz https://hcm12preview.sapsf.eu/ https://mamt.schwarz https://www.securepayment.intercard.de https://sp-backupapps-ui.test.sit.az.odj.cloud/ https://sp-backupapps-ui.dev.sit.az.odj.cloud/ https://a86ytdots.accounts.ondemand.com/ https://oqafckbqw8ruhemdzw8k1uf.authentication.eu11.hana.ondemand.com https://performancemanager5.successfactors.eu https://oqafckbqw8ruhemdzw8k1uf.eu11.analytics.cloud.sap/
Content-Type
text/plain
Date
Wed, 24 Jul 2024 02:29:32 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block
favicon.ico
federation-q.auth.schwarz/
120 B
408 B
Other
General
Full URL
https://federation-q.auth.schwarz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.124.192.204 Heilbronn, Germany, ASN211768 (SCHWARZ-IT-LEGACY, DE),
Reverse DNS
Software
/
Resource Hash
67037b80c615b13fefdbd77e334aa36111cfa60d80fb4e387358fd589b686eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=8de93b14-daf8-4af9-9b10-2684bea373fb&redirect_uri=https%3A%2F%2Fgondor-prognose.qa.sit.svc.odj.cloud&response_type=code&scope=openid+siam&state=abbfc4260a324eadaccfeb72b9690622&code_challenge=OBI11o9R1gclagwqGaEssIEbdq04xQ85_XgckakxxvY&code_challenge_method=S256
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 24 Jul 2024 02:29:32 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
120
X-XSS-Protection
1; mode=block

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
federation-q.auth.schwarz/nidp Name: JSESSIONID
Value: 074A17327202612879294EAAE5A8878B
federation-q.auth.schwarz/nidp Name: TS011f11c2
Value: 0180177b4eb845ec37221d8d870730830e37f099cc671d263148aa2849e45b7d7e11073aa19db1639cc6091b94137977adf5df945d
federation-q.auth.schwarz/ Name: lbcookie
Value: !ygfwBri1dKwoFjEsSrurXNNItKnIowLnxyhyGesfOE5eNSDsvP7fPdZTQKoEOjtJXX3tVI1uJD1tjbA=
federation-q.auth.schwarz/ Name: TS01af31b7
Value: 0180177b4eb845ec37221d8d870730830e37f099cc671d263148aa2849e45b7d7e11073aa19db1639cc6091b94137977adf5df945d

2 Console Messages

Source Level URL
Text
network error URL: https://federation-q.auth.schwarz/nidp/oauth/nam/authz?client_id=8de93b14-daf8-4af9-9b10-2684bea373fb&redirect_uri=https%3A%2F%2Fgondor-prognose.qa.sit.svc.odj.cloud&response_type=code&scope=openid+siam&state=abbfc4260a324eadaccfeb72b9690622&code_challenge=OBI11o9R1gclagwqGaEssIEbdq04xQ85_XgckakxxvY&code_challenge_method=S256
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://federation-q.auth.schwarz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains