urlscan.io logo urlscan.io
SecurityTrails logo

110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de Open in urlscan Pro
89.58.7.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Effective URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/auth
Submission: On September 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 89.58.7.229, located in Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de.
TLS certificate: Issued by R3 on September 22nd 2022. Valid for: 3 months.
This is the only time 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 89.58.7.229 197540 (NETCUP-AS...)
7 2a03:4000:21:... 197540 (NETCUP-AS...)
22 3
Domain Requested by
14 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
7 backend.staging.giro-e.de 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
22 2

This site contains no links.

Subject Issuer Validity Valid
le-110.backend-ui.gitlab.k8s.next-site.de
R3		 2022-09-22 -
2022-12-21		 3 months crt.sh
backend.staging.giro-e.de
R3		 2022-08-13 -
2022-11-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/auth
Frame ID: B21657FBB80C2AE5DE864AC6A194EB40
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | Giro-e

Page URL History Show full URLs

  1. https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/ Page URL
  2. https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/auth Page URL

Page Statistics

22
Requests

95 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

2319 kB
Transfer

2310 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/ Page URL
  2. https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
27f9db27345c8806cef9e97e7f7f1c8eddd11331df52523515f0ff514cdeb7da
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Thu, 22 Sep 2022 12:13:27 GMT
etag
W/"632c50f6-5c2"
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
webapp.46abb9c7.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		887 KB
889 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
448b93b2ae870c7400e671eccd277fe701f5922eb4585d4c19122805d1d1ef26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:27 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-ddbe2"
content-length
908258
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
jwtHelpers.2c8e1ee5.chunk.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		700 KB
702 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/jwtHelpers.2c8e1ee5.chunk.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
5a71bf4ec36dd3b2dea8995ab9b8c2c0803232416e1597bcbcc3271be97d1d6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:27 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-aef9c"
content-length
716700
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
inject-css.73bbb0ed.chunk.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		753 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/inject-css.73bbb0ed.chunk.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
1dadfc54a4e0cfb512bcb37f3f8726dab777f78376509dda4d80bc5bb5ee82ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:27 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-2f1"
content-length
753
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
translation.yml
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/de/ 		44 B
231 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/de/translation.yml
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
9940171bd51db89e38a3eb8fe32d72d59f24f18f0b4773cb15c6a3807442a46f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:27 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-2c"
content-length
44
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/octet-stream
translation.yml
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/en/ 		42 B
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/en/translation.yml
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
52f87875370e30282a4389844e96a272a21f9ab52d6fde2a9b946354db5dbca1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:27 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-2a"
content-length
42
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/octet-stream
common.yml
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/en/ 		5 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/en/common.yml
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
16bf04cc7b21d2f9ec08447030053887a53c272656b62800bda91fcee1fb8e88
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:27 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-15bc"
content-length
5564
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/octet-stream
common.yml
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/de/ 		7 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/static/locales/de/common.yml
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
7d8aa88daeda0049e324e08439c0f58a7f6611816412b722dc929f11ca75fac2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:27 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-1b4e"
content-length
6990
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/octet-stream
logout
backend.staging.giro-e.de/api/client/auth/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://backend.staging.giro-e.de/api/client/auth/logout
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:21:69::1 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
access-control-allow-origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
access-control-max-age
600
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 12:13:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Origin
refresh
backend.staging.giro-e.de/api/client/auth/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://backend.staging.giro-e.de/api/client/auth/refresh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:21:69::1 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
access-control-allow-origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
access-control-max-age
600
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 12:13:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Origin
logout
backend.staging.giro-e.de/api/client/auth/ 		86 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://backend.staging.giro-e.de/api/client/auth/logout
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/jwtHelpers.2c8e1ee5.chunk.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:21:69::1 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Origin
access-control-allow-methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
content-type
application/json
access-control-allow-origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
content-length
86
refresh
backend.staging.giro-e.de/api/client/auth/ 		86 B
398 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://backend.staging.giro-e.de/api/client/auth/refresh
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/jwtHelpers.2c8e1ee5.chunk.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:21:69::1 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Origin
access-control-allow-methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
content-type
application/json
access-control-allow-origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
content-length
86
Primary Request auth
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/auth
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/webapp.46abb9c7.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
1feed7e33e6f12ee4fabc8361b6a0714ef3a5b6daa996f9aa5bee42ca8f1b25c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Thu, 22 Sep 2022 12:13:28 GMT
etag
W/"632c50f6-b86"
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
logout
backend.staging.giro-e.de/api/client/auth/ 		0
0
logout
backend.staging.giro-e.de/api/client/auth/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://backend.staging.giro-e.de/api/client/auth/logout
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:21:69::1 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
access-control-allow-origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
access-control-max-age
600
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 12:13:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Origin
auth.7aa9ce0d.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/auth.7aa9ce0d.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
426459a34e672ae7282f986cf824b28c5db388b0344c18043537d57b41e9a2c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/auth
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-a82"
content-length
2690
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
jwtHelpers.2c8e1ee5.chunk.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		700 KB
702 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/jwtHelpers.2c8e1ee5.chunk.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
5a71bf4ec36dd3b2dea8995ab9b8c2c0803232416e1597bcbcc3271be97d1d6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/auth.7aa9ce0d.mjs
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-aef9c"
content-length
716700
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
auth.aa102197.chunk.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/auth.aa102197.chunk.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
4bec2c32667edbd6609eabe492feba58916c73c02ec80a1514c55b728d7b65b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/auth.7aa9ce0d.mjs
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-837"
content-length
2103
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
showPasswordToggle.427208a9.chunk.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		387 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/showPasswordToggle.427208a9.chunk.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
29cb97df87e737cf1438b890e531fa5aa6ecfd5da078dde33cf059d00b8353e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/auth.7aa9ce0d.mjs
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-183"
content-length
387
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
inject-css.73bbb0ed.chunk.mjs
110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/ 		753 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/inject-css.73bbb0ed.chunk.mjs
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.58.7.229 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
pea2.sectio-aurea.org
Software
/
Resource Hash
1dadfc54a4e0cfb512bcb37f3f8726dab777f78376509dda4d80bc5bb5ee82ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/auth.7aa9ce0d.mjs
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
last-modified
Thu, 22 Sep 2022 12:11:34 GMT
accept-ranges
bytes
etag
"632c50f6-2f1"
content-length
753
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
refresh
backend.staging.giro-e.de/api/client/auth/ 		86 B
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://backend.staging.giro-e.de/api/client/auth/refresh
Requested by
Host: 110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
URL: https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/js/jwtHelpers.2c8e1ee5.chunk.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:21:69::1 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9d3165aa1cce1a99591d7820092d3c3810279f89156c2634463edeea7782405a

Request headers

Referer
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Sep 2022 12:13:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Origin
access-control-allow-methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
content-type
application/json
access-control-allow-origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
content-length
86
refresh
backend.staging.giro-e.de/api/client/auth/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://backend.staging.giro-e.de/api/client/auth/refresh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:21:69::1 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
access-control-allow-origin
https://110-review-creditcard-ahs3xm.backend-ui.gitlab.k8s.next-site.de
access-control-max-age
600
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 12:13:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
backend.staging.giro-e.de
URL
https://backend.staging.giro-e.de/api/client/auth/logout

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://backend.staging.giro-e.de/api/client/auth/refresh
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://backend.staging.giro-e.de/api/client/auth/logout
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://backend.staging.giro-e.de/api/client/auth/refresh
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains