Submitted URL: https://service-portal.ap1.stg.scalar.zf.com/
Effective URL: https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21C...
Submission: On May 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 22 HTTP transactions. The main IP is 2606:4700::6812:c03b, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth0.ap1.stg.scalar.zf.com.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.
This is the only time auth0.ap1.stg.scalar.zf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.225.78.46 16509 (AMAZON-02)
12 2a04:4e42::485 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:214... 16509 (AMAZON-02)
5 18.66.97.15 16509 (AMAZON-02)
22 5
Apex Domain
Subdomains
Transfer
12 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
138 KB
9 zf.com
service-portal.ap1.stg.scalar.zf.com
auth0.ap1.stg.scalar.zf.com
app-react-login.ap1.stg.scalar.zf.com
3 MB
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6886
43 KB
22 3
Domain Requested by
12 cdn.jsdelivr.net service-portal.ap1.stg.scalar.zf.com
cdn.jsdelivr.net
app-react-login.ap1.stg.scalar.zf.com
5 app-react-login.ap1.stg.scalar.zf.com auth0.ap1.stg.scalar.zf.com
app-react-login.ap1.stg.scalar.zf.com
2 cdn.auth0.com auth0.ap1.stg.scalar.zf.com
2 auth0.ap1.stg.scalar.zf.com 1 redirects service-portal.ap1.stg.scalar.zf.com
2 service-portal.ap1.stg.scalar.zf.com service-portal.ap1.stg.scalar.zf.com
22 5

This site contains no links.

Subject Issuer Validity Valid
service-portal.ap1.stg.scalar.zf.com
Amazon RSA 2048 M01
2023-05-17 -
2024-06-14
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
auth0.ap1.stg.scalar.zf.com
R3
2023-04-28 -
2023-07-27
3 months crt.sh
*.auth0.com
Amazon RSA 2048 M01
2023-02-24 -
2024-03-24
a year crt.sh
app-react-login.ap1.stg.scalar.zf.com
Amazon RSA 2048 M01
2022-10-13 -
2023-11-11
a year crt.sh

This page contains 2 frames:

Primary Page: https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPTzB4V01zVG84SQ&client=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Frame ID: 248FABD49FD8DFF29894C6199CBF0CD1
Requests: 12 HTTP requests in this frame

Frame: https://app-react-login.ap1.stg.scalar.zf.com/
Frame ID: 7B726193A317102F4F9FA63DCE11B125
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Login

Page URL History Show full URLs

  1. https://service-portal.ap1.stg.scalar.zf.com/ Page URL
  2. https://auth0.ap1.stg.scalar.zf.com/authorize?audience=UM&scope=openid%20profile%20email%20offline_access&impers... HTTP 302
    https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

1
Countries

2782 kB
Transfer

9940 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://service-portal.ap1.stg.scalar.zf.com/ Page URL
  2. https://auth0.ap1.stg.scalar.zf.com/authorize?audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&client_id=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&state=QzNzRjh5a1diSnNvYkNwNU80M2xwamxkUHFMX0Z2TkEzMDJtNmhJS1Jsag%3D%3D&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
    https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPTzB4V01zVG84SQ&client=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
service-portal.ap1.stg.scalar.zf.com/
2 KB
1 KB
Document
General
Full URL
https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6a88b1fe1457d267743aa5c49660da429ce926c2c78f19f9b2bb47ff0a99222

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Wed, 17 May 2023 13:48:53 GMT
etag
W/"76d6514ab59ce23fa8d44984989e627b"
last-modified
Wed, 17 May 2023 12:39:40 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-id
R0ostg3--gI6bg_QrhV8TbbZEr_Eh0vtxtRBAw1zCanT42FLISt9Tg==
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Miss from cloudfront
runtime.min.js
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/runtime.min.js
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b1ff87b9f2bd4d7a3a95b21b68cba8db293658f4eb4f0e9c7cd4f2add04d029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service-portal.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
3127915
x-jsd-version
0.13.9
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2766
x-served-by
cache-fra-eddf8230089-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"1ae3-ibe1HprTKwRP7P1b6jzPCqQJUrE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
single-spa.min.js
cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/single-spa.min.js
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://service-portal.ap1.stg.scalar.zf.com/
Origin
https://service-portal.ap1.stg.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
655474
x-jsd-version
5.9.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6770
x-served-by
cache-fra-eddf8230073-FRA, cache-gig2250028-GIG
x-jsd-version-type
version
etag
W/"5059-2wiyzGMvQ5lqQS+Z7/KQHjyi1Ac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
system.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/
11 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service-portal.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
1918253
x-jsd-version
6.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4684
x-served-by
cache-fra-eddf8230042-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
cdn.jsdelivr.net/npm/@esm-bundle/react@17.0.2/system/
8 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/react@17.0.2/system/react.production.min.js
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4b1eb1c992584e7a508ff7fdc0c9336d28094ba37297f5ebb13eb7ed6b0aec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service-portal.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
1324439
x-jsd-version
17.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3195
x-served-by
cache-fra-eddf8230132-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"1ed7-19ED8fJUsYfb1XHfBtnJlmkPsho"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react-dom.production.min.js
cdn.jsdelivr.net/npm/@esm-bundle/react-dom@17.0.2/system/
121 KB
41 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/react-dom@17.0.2/system/react-dom.production.min.js
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3180c58f59c9554382e8ebeb3501c96180d080cd1e5606922cadcc4a817f29fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service-portal.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
1329343
x-jsd-version
17.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41635
x-served-by
cache-fra-eddf8230056-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"1e55e-A4RlH26ISPVcxyoQT2BYZfkqPAU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
rxjs.min.js
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs.min.js
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d192aa00fbdb4e8c6cfe3fe8b2e6a8bc7a698c97a573ecd3a46fd61bb700e649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service-portal.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
1239028
x-jsd-version
7.5.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1316
x-served-by
cache-fra-eddf8230021-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"aba-MaEu2eoP0/qi2oATNbBoSWrEgFc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
odyssey-impersonation.js
service-portal.ap1.stg.scalar.zf.com/
3 MB
813 KB
Script
General
Full URL
https://service-portal.ap1.stg.scalar.zf.com/odyssey-impersonation.js
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
981faafc46dab6675068e990a5e5570b6ade1422cf08af5fa51e44affdad77f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service-portal.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 13:48:53 GMT
x-amz-version-id
null
content-encoding
br
last-modified
Wed, 17 May 2023 12:39:40 GMT
server
AmazonS3
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"7045a0b641f688289e95fb9f17b329d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
EsC6i7dKPMiDjX4UoeWda4l4rfTLl13q36H3pJjWgoVkPCuezg9VNQ==
rxjs-shared.min.js
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/
56 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs-shared.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26ce59e48bcb1b23ffdfdf53651a48af724a47d33387995bffef77287c87dd4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://service-portal.ap1.stg.scalar.zf.com/
Origin
https://service-portal.ap1.stg.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
2534046
x-jsd-version
7.5.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
18851
x-served-by
cache-fra-eddf8230063-FRA, cache-gig2250028-GIG
x-jsd-version-type
version
etag
W/"e041-1jJI+n1cXvopoxxWhSiMkIIF+/k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Primary Request login
auth0.ap1.stg.scalar.zf.com/
Redirect Chain
  • https://auth0.ap1.stg.scalar.zf.com/authorize?audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&client_id=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&redirect_uri=https%3...
  • https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPT...
7 KB
8 KB
Document
General
Full URL
https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPTzB4V01zVG84SQ&client=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Requested by
Host: service-portal.ap1.stg.scalar.zf.com
URL: https://service-portal.ap1.stg.scalar.zf.com/odyssey-impersonation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4cb97b26041bb926c96dc238ac4b4a55b19149681bebbfdab7eaa651942621
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service-portal.ap1.stg.scalar.zf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7c8c521b497a37f8-FRA
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 13:48:55 GMT
etag
W/"1c42-P/AFKwKetyItx85pXIZex9nOKAk"
ot-baggage-auth0-request-id
7c8c521b497a37f8
ot-tracer-sampled
true
ot-tracer-spanid
4f3809a90d0df094
ot-tracer-traceid
6c4cb79f0825bc75
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000006c4cb79f0825bc75-4f3809a90d0df094-01
tracestate
auth0-request-id=7c8c521b497a37f8,auth0=true
vary
Accept-Encoding
x-auth0-requestid
03c0fa62833ee1e7adad
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1684331336
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7c8c52186d8b37f8-FRA
content-length
1462
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 13:48:54 GMT
location
/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPTzB4V01zVG84SQ&client=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
ot-baggage-auth0-request-id
7c8c52186d8b37f8
ot-tracer-sampled
true
ot-tracer-spanid
52f4acc949be4910
ot-tracer-traceid
5a985f636c815b96
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000005a985f636c815b96-52f4acc949be4910-01
tracestate
auth0-request-id=7c8c52186d8b37f8,auth0=true
vary
Accept, Accept-Encoding
x-auth0-requestid
512364a3d750f377a096
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1684331335
auth0.min.js
cdn.auth0.com/js/auth0/9.16.0/
156 KB
43 KB
Script
General
Full URL
https://cdn.auth0.com/js/auth0/9.16.0/auth0.min.js
Requested by
Host: auth0.ap1.stg.scalar.zf.com
URL: https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPTzB4V01zVG84SQ&client=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e56db6fc2b439569b5553a77f54c661b438d1fc486f9dd4c4047850d5593e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
qfhNjJUa0y8gOFCVics9gyiaHX4J3oLN
content-encoding
gzip
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 06:58:48 GMT
last-modified
Tue, 27 Apr 2021 09:33:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
27264
etag
W/"7eba16d3612e926b8bfbfa470049b345"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2628000,public
x-amz-replication-status
COMPLETED
x-amz-cf-id
6v5ogRo0lWDC5qy7tBchF2pw2x2cXyDXRE6lkB4JPEozHumfASjL7Q==
object-assign.min.js
cdn.auth0.com/js/polyfills/1.0/
278 B
716 B
Script
General
Full URL
https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js
Requested by
Host: auth0.ap1.stg.scalar.zf.com
URL: https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPTzB4V01zVG84SQ&client=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
date
Wed, 17 May 2023 13:46:42 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
133
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
278
last-modified
Thu, 08 Jun 2017 20:30:02 GMT
server
AmazonS3
etag
"4dfaafaab07b1c6c2314bfe79a1baa81"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
accept-ranges
bytes
x-amz-cf-id
odBmRKe0cPAxYk_OIzTBfgEtWt0HkYRCHCz_X3V8yRfLU5uRntP0rA==
/
app-react-login.ap1.stg.scalar.zf.com/ Frame 7B72
2 KB
1 KB
Document
General
Full URL
https://app-react-login.ap1.stg.scalar.zf.com/
Requested by
Host: auth0.ap1.stg.scalar.zf.com
URL: https://auth0.ap1.stg.scalar.zf.com/login?state=hKFo2SBBcDdoWFROQVo1ZmJza2YtMVBnX3d4ODZwaHJ6VmU1LaFupWxvZ2luo3RpZNkgVHM0Sjh6TTVjQ21CZXBPRWJ2V29iZ3pJbkxGcmJfeWWjY2lk2SAxQ1RuRWp2b1lSQ3ZUYXJyemhXMFJPTzB4V01zVG84SQ&client=1CTnEjvoYRCvTarrzhW0ROO0xWMsTo8I&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&impersonationSessionId=null&redirect_uri=https%3A%2F%2Fservice-portal.ap1.stg.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=bjl4UkhWVkhaVWN1VnVSLXFTSk5qSTE1WVgzUG8tcXdieU5xSlppRXpMQw%3D%3D&code_challenge=lxXSPGpeue0oJAUviLK1pXk37tliFHZyebcx4zDLbdU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffe70bd49e02e242c4efa0e666a58b6b53dac045e3fa1c16b416abe8204c4b1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 17 May 2023 13:48:56 GMT
etag
W/"a35790400600e3134ffe911dba66ed41"
last-modified
Wed, 15 Feb 2023 09:58:37 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-id
c77ZV38vbUbkBpfPo5ppjnZcVGR-rluF0z2xjcwt10vt8QEw1w2KHA==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Miss from cloudfront
runtime.min.js
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/ Frame 7B72
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/runtime.min.js
Requested by
Host: app-react-login.ap1.stg.scalar.zf.com
URL: https://app-react-login.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b1ff87b9f2bd4d7a3a95b21b68cba8db293658f4eb4f0e9c7cd4f2add04d029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
3127918
x-jsd-version
0.13.9
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2766
x-served-by
cache-fra-eddf8230089-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"1ae3-ibe1HprTKwRP7P1b6jzPCqQJUrE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
single-spa.min.js
cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/ Frame 7B72
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/single-spa.min.js
Requested by
Host: app-react-login.ap1.stg.scalar.zf.com
URL: https://app-react-login.ap1.stg.scalar.zf.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app-react-login.ap1.stg.scalar.zf.com/
Origin
https://app-react-login.ap1.stg.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
655477
x-jsd-version
5.9.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6770
x-served-by
cache-fra-eddf8230073-FRA, cache-gig2250032-GIG
x-jsd-version-type
version
etag
W/"5059-2wiyzGMvQ5lqQS+Z7/KQHjyi1Ac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
system.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ Frame 7B72
11 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Requested by
Host: app-react-login.ap1.stg.scalar.zf.com
URL: https://app-react-login.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
1918256
x-jsd-version
6.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4684
x-served-by
cache-fra-eddf8230042-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
cdn.jsdelivr.net/npm/@esm-bundle/react@17.0.2/system/ Frame 7B72
8 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/react@17.0.2/system/react.production.min.js
Requested by
Host: app-react-login.ap1.stg.scalar.zf.com
URL: https://app-react-login.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4b1eb1c992584e7a508ff7fdc0c9336d28094ba37297f5ebb13eb7ed6b0aec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
1324442
x-jsd-version
17.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3195
x-served-by
cache-fra-eddf8230132-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"1ed7-19ED8fJUsYfb1XHfBtnJlmkPsho"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
react-dom.production.min.js
cdn.jsdelivr.net/npm/@esm-bundle/react-dom@17.0.2/system/ Frame 7B72
121 KB
41 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@esm-bundle/react-dom@17.0.2/system/react-dom.production.min.js
Requested by
Host: app-react-login.ap1.stg.scalar.zf.com
URL: https://app-react-login.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3180c58f59c9554382e8ebeb3501c96180d080cd1e5606922cadcc4a817f29fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 13:48:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
1329346
x-jsd-version
17.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41635
x-served-by
cache-fra-eddf8230056-FRA, cache-gig2250031-GIG
x-jsd-version-type
version
etag
W/"1e55e-A4RlH26ISPVcxyoQT2BYZfkqPAU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
odyssey-login.js
app-react-login.ap1.stg.scalar.zf.com/ Frame 7B72
5 MB
996 KB
Script
General
Full URL
https://app-react-login.ap1.stg.scalar.zf.com/odyssey-login.js
Requested by
Host: app-react-login.ap1.stg.scalar.zf.com
URL: https://app-react-login.ap1.stg.scalar.zf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e4d1658d47514a2a611832ebc19fc397630e8b05f8385eee5ba4edc6db9f4c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 13:48:57 GMT
last-modified
Wed, 15 Feb 2023 09:48:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
etag
W/"562a2a475d6042d511db54b61e0213d8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
BtIiUCByLi2uf_qs494C--f3hHAivRbd5IhGVT9taLWp6cG-jxXH-A==
.js
app-react-login.ap1.stg.scalar.zf.com/ Frame 7B72
2 KB
1 KB
Script
General
Full URL
https://app-react-login.ap1.stg.scalar.zf.com/.js
Requested by
Host: app-react-login.ap1.stg.scalar.zf.com
URL: https://app-react-login.ap1.stg.scalar.zf.com/odyssey-login.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffe70bd49e02e242c4efa0e666a58b6b53dac045e3fa1c16b416abe8204c4b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-react-login.ap1.stg.scalar.zf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 13:48:59 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 15 Feb 2023 09:58:37 GMT
server
AmazonS3
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"a35790400600e3134ffe911dba66ed41"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
mCxIf8xOJ1T3nTNI2cg0c0uMUKCLqsb9QiP7KI18F_yoPCzYyVROOA==
NotoSans-Bold.ttf
app-react-login.ap1.stg.scalar.zf.com/assets/fonts/ Frame 7B72
389 KB
390 KB
Font
General
Full URL
https://app-react-login.ap1.stg.scalar.zf.com/assets/fonts/NotoSans-Bold.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9a6bd489df560f7a925b43d5b48d4536fa24589332e53702b63fc0072898f86

Request headers

Referer
https://app-react-login.ap1.stg.scalar.zf.com/
Origin
https://app-react-login.ap1.stg.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 13:48:58 GMT
x-amz-version-id
null
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
398652
last-modified
Wed, 15 Feb 2023 09:48:26 GMT
server
AmazonS3
etag
"98f0cacc6bb63b64b98aac7cac082d27"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://app-react-login.ap1.stg.scalar.zf.com
access-control-expose-headers
ETag, Access-Control-Allow-Origin
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
SenYrWxi5aGObgUGUoW26C1papAC2YqJPKIrURuYWjQ-5cBKQDBPPw==
NotoSans-Regular.ttf
app-react-login.ap1.stg.scalar.zf.com/assets/fonts/ Frame 7B72
390 KB
391 KB
Font
General
Full URL
https://app-react-login.ap1.stg.scalar.zf.com/assets/fonts/NotoSans-Regular.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ddeaed07f6483f7831b23faa32cf85a04c3406eb4bb2925530894805a05d4fb

Request headers

Referer
https://app-react-login.ap1.stg.scalar.zf.com/
Origin
https://app-react-login.ap1.stg.scalar.zf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 13:48:58 GMT
x-amz-version-id
null
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
398968
last-modified
Wed, 15 Feb 2023 09:48:26 GMT
server
AmazonS3
etag
"5a87cce84010f7cea085ae218d44a64b"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://app-react-login.ap1.stg.scalar.zf.com
access-control-expose-headers
ETag, Access-Control-Allow-Origin
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
dFNfhcOub-x8frVfDB4efXpDDIJfDOe5lsuF5shdbSJml7A9YFOiIg==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| auth0

5 Cookies

Domain/Path Name / Value
auth0.ap1.stg.scalar.zf.com/usernamepassword/login Name: _csrf
Value: 2blFsFk1UH7xblOckA1KxvpR
auth0.ap1.stg.scalar.zf.com/ Name: did
Value: s%3Av0%3A906468a0-f4b9-11ed-9e32-3b3c42b82195.LhwlcDQ78PZniwfrPN9JaB8LdM7OqyO3oUTFuRbfunA
auth0.ap1.stg.scalar.zf.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQPJFm5I4mKNyg5WdsTY4mwk_pfoWbWNGsOMFna56xvjvsl91EsY1ALytnukYRhWkyDi6c3MaZ9neRlb18GFxLIGmY29va2llg6dleHBpcmVz1_-tVI8AZGjPxq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.n%2Fx8yBDaJcM9QEJlIrAiJNbklhTfpYQMSTZgLX45AmY
auth0.ap1.stg.scalar.zf.com/ Name: did_compat
Value: s%3Av0%3A906468a0-f4b9-11ed-9e32-3b3c42b82195.LhwlcDQ78PZniwfrPN9JaB8LdM7OqyO3oUTFuRbfunA
auth0.ap1.stg.scalar.zf.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQPJFm5I4mKNyg5WdsTY4mwk_pfoWbWNGsOMFna56xvjvsl91EsY1ALytnukYRhWkyDi6c3MaZ9neRlb18GFxLIGmY29va2llg6dleHBpcmVz1_-tVI8AZGjPxq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.n%2Fx8yBDaJcM9QEJlIrAiJNbklhTfpYQMSTZgLX45AmY

1 Console Messages

Source Level URL
Text
network error
Message:
The script has an unsupported MIME type ('text/html').