Submitted URL: https://staging-procurement.estrack.com/
Effective URL: https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5M...
Submission: On July 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6811:ffb6, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is staging-auth.estrack.com.
TLS certificate: Issued by E6 on June 16th 2024. Valid for: 3 months.
This is the only time staging-auth.estrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 76.76.21.9 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.49 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.245.46.20 16509 (AMAZON-02)
2 52.73.21.157 14618 (AMAZON-AES)
12 8
Apex Domain    Subdomains    Transfer
5 estrack.com    staging-procurement.estrack.com, staging-auth.estrack.com    956 KB
3 intercom.io    widget.intercom.io (Cisco Umbrella Rank: 5248), api-iam.intercom.io (Cisco Umbrella Rank: 5405)    8 KB
2 intercomcdn.com    js.intercomcdn.com (Cisco Umbrella Rank: 8400)    283 KB
1 gstatic.com    fonts.gstatic.com    46 KB
1 googleapis.com    fonts.googleapis.com (Cisco Umbrella Rank: 108)    1 KB
12 5
Domain Requested by
3 staging-procurement.estrack.com staging-procurement.estrack.com
2 api-iam.intercom.io js.intercomcdn.com
2 js.intercomcdn.com widget.intercom.io
2 staging-auth.estrack.com 1 redirects staging-procurement.estrack.com
1 fonts.gstatic.com fonts.googleapis.com
1 widget.intercom.io staging-auth.estrack.com
1 fonts.googleapis.com staging-auth.estrack.com
12 7

This site contains no links.

Subject                          Issuer               Validity                  Valid
staging-procurement.estrack.com  R11                  2024-07-10 - 2024-10-08   3 months
staging-auth.estrack.com         E6                   2024-06-16 - 2024-09-14   3 months
upload.video.google.com          WR2                  2024-06-24 - 2024-09-16   3 months
*.intercom.com                   Amazon RSA 2048 M03  2024-01-15 - 2025-02-11   a year
*.gstatic.com                    WR2                  2024-06-24 - 2024-09-16   3 months
*.intercomcdn.com                Amazon RSA 2048 M02  2023-12-01 - 2024-12-29   a year

This page contains 2 frames:

Primary Page: https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendLN0JlZmlheg&client=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&protocol=oauth2&scope=openid%20profile%20email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D
Frame ID: 0FB93AFC1C8A81096D357F43D9FA89D5
Requests: 8 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f7784b9d.js
Frame ID: 0113223B001DCF85113BD5AFEBAECB20
Requests: 4 HTTP requests in this frame

Page Title

Log in | T3

Page URL History

  1. https://staging-procurement.estrack.com/ Page URL
  2. https://staging-auth.estrack.com/authorize?client_id=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&scope=openid+profile+em... HTTP 302
    https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 43 %
Domains: 5
Subdomains: 7
IPs: 8
Countries: 2
Transfer: 1292 kB
Size: 2243 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://staging-procurement.estrack.com/ Page URL
  2. https://staging-auth.estrack.com/authorize?client_id=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&scope=openid+profile+email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&state=NGdkLUNGWUlwYU93Y3NKQnNYcH5wVEhieDh5cVNHemt%2BQUNLY2FBWUpIQQ%3D%3D&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D HTTP 302
    https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendLN0JlZmlheg&client=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&protocol=oauth2&scope=openid%20profile%20email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
staging-procurement.estrack.com/
577 B
806 B
Document
General
Full URL
https://staging-procurement.estrack.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.9 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
52533811d6a033587e89685c737e13393e83cfaac642eba8f154a1c702b325a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
611
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-length
577
content-type
text/html; charset=utf-8
date
Wed, 10 Jul 2024 12:45:41 GMT
etag
"f2a52bcc28b39e394526e728aaa992ab"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::sf9bs-1720615541923-233263a791ed
index-CNsV-FF7.js
staging-procurement.estrack.com/assets/
433 KB
147 KB
Script
General
Full URL
https://staging-procurement.estrack.com/assets/index-CNsV-FF7.js
Requested by
Host: staging-procurement.estrack.com
URL: https://staging-procurement.estrack.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.9 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f8f5126271f61472ce65a9e42d2921b96f44276cf2a67e1026df03cb442a264f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://staging-procurement.estrack.com/
Origin
https://staging-procurement.estrack.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:45:42 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::f229d-1720615542011-3691cdee4618
age
0
etag
W/"816c1210f5e146ac601d815ac3fb0d83"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index-CNsV-FF7.js"
favicon.png
staging-procurement.estrack.com/
499 B
632 B
Other
General
Full URL
https://staging-procurement.estrack.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.9 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://staging-procurement.estrack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:45:42 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::xdnm9-1720615542547-23d46d9cf498
age
0
etag
"c98b4e23c1d242aefe744d6706502894"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="favicon.png"
accept-ranges
bytes
content-length
499
Primary Request login
staging-auth.estrack.com/
Redirect Chain
  • https://staging-auth.estrack.com/authorize?client_id=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&scope=openid+profile+email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fsta...
  • https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendL...
804 KB
805 KB
Document
General
Full URL
https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendLN0JlZmlheg&client=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&protocol=oauth2&scope=openid%20profile%20email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D
Requested by
Host: staging-procurement.estrack.com
URL: https://staging-procurement.estrack.com/assets/index-CNsV-FF7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ffb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5e7d38f98a52233fe4c804edc291d9e59763f2ee15b4766077fd30e3ea9e46
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://staging-procurement.estrack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8a10a70a7a02911e-FRA
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 10 Jul 2024 12:45:43 GMT
etag
W/"c8ec3-OEfYhT5NzMlnPFOch0G1u41qD/0"
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
c9ddcc807e5a5d2ab712
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1720615544
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8a10a705ec30911e-FRA
content-length
1420
content-type
text/html; charset=utf-8
date
Wed, 10 Jul 2024 12:45:43 GMT
location
/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendLN0JlZmlheg&client=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&protocol=oauth2&scope=openid%20profile%20email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
4bbe56171caab8bc2b48
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1720615544
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: staging-auth.estrack.com
URL: https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendLN0JlZmlheg&client=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&protocol=oauth2&scope=openid%20profile%20email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 12:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 11:40:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 12:45:43 GMT
cc3wvy5y
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/cc3wvy5y
Requested by
Host: staging-auth.estrack.com
URL: https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendLN0JlZmlheg&client=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&protocol=oauth2&scope=openid%20profile%20email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76e7b2d33ce8ad3ebb4f76c8670460c184f97bba1cabb82941d78382c943a596

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
fuoiAX.T4qXY_qaOJ_f4t_x3PXjwQIDL
content-encoding
gzip
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 12:39:17 GMT
x-amz-cf-pop
FRA2-C1
age
503
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2670
last-modified
Wed, 10 Jul 2024 11:13:52 GMT
server
AmazonS3
etag
"3e09b02457a9f0cdce970591baf83328"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
Xw2aXLdIP0I3MMSUoXHNFOyYZvYlN2HX4Iuv0k3hfkPSVblO25fo6A==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging-auth.estrack.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:36:02 GMT
x-content-type-options
nosniff
age
97782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:36:02 GMT
3eab41cf-a6d1-4387-9c8b-a3a868e48f3a
https://staging-auth.estrack.com/
25 KB
0
Other
General
Full URL
blob:https://staging-auth.estrack.com/3eab41cf-a6d1-4387-9c8b-a3a868e48f3a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
601061b5869c32cdb00ac1ed2227ed2223a85cf3f8378089bd9d1a0986726cdf

Request headers

Referer
https://staging-auth.estrack.com/login?state=hKFo2SBVVEtZcE0yMGFPb0lBLXJuQ2hQSm9RWVdKQmp0N0pPaqFupWxvZ2luo3RpZNkgNXRYM2xOVmRLMW5MZFRrQmlJN0JmLVRNQjlUcHg3OVWjY2lk2SBub2IycDk1QVMzN0owbnhUbzZQN3czendLN0JlZmlheg&client=nob2p95AS37J0nxTo6P7w3zwK7Befiaz&protocol=oauth2&scope=openid%20profile%20email&audience=https%3A%2F%2Fstaging-api.equipmentshare.com&redirect_uri=https%3A%2F%2Fstaging-procurement.estrack.com&response_type=code&response_mode=query&nonce=WWZkZ0hQVGhhVi1GVE80MH5HcGN3ZV9lQnB0emxHVkQzcnQ1eE9DTS5KNQ%3D%3D&code_challenge=1ETnri-jjtgSOR6kf2QkUPde8sIY8Fur0e3rnPFnLj8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjQifQ%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
25813
Content-Type
frame-modern.f7784b9d.js
js.intercomcdn.com/ Frame 0113
458 KB
138 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.f7784b9d.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/cc3wvy5y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d397f3b09d89a65f1c945935a6560bafcf3250e02610cba2a30383c22dfe7c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 11:13:55 GMT
content-encoding
gzip
via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
x-amz-version-id
UHtJnHgVmBXG2wmwu1_q7p2b5jnfPpE0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
5510
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141017
last-modified
Wed, 10 Jul 2024 11:11:16 GMT
server
AmazonS3
etag
"474c98470e640755365500b524a52675"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
dxY3KgRF_l2TLJ17-4_gvn1Tw7fh7zDEA5cgMjEDthAzyVEodISd2g==
vendor-modern.bc52aebd.js
js.intercomcdn.com/ Frame 0113
455 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.bc52aebd.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/cc3wvy5y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Mw1h9i8Md7P3qjd15fFHiY3cqmFJcVuL
content-encoding
gzip
via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 11:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
5275
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147287
last-modified
Thu, 04 Jul 2024 09:15:11 GMT
server
AmazonS3
etag
"045ab66ea0acdc79774f2aae33a45b67"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
LChjJvRMIWxsT0sFDDNe4S8lOKpuITME3myTAUDfBGxm04cUxQ8aUg==
ping
api-iam.intercom.io/messenger/web/ Frame 0113
5 KB
3 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f7784b9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.73.21.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-157.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2619c357e85ae6d35dae16e2d81c391e560ce4846d2350179a3ebf406b31ad2e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 Jul 2024 12:45:45 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-011440775d96793f5
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00050543saap2tqjreig
x-runtime
0.338981
server
nginx
etag
W/"2619c357e85ae6d35dae16e2d81c391e"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://staging-auth.estrack.com
x-intercom-version
c9827e0e1cd57b0436f994ca91bcf933ae78da4a
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
ping
api-iam.intercom.io/messenger/web/ Frame 0113
5 KB
3 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f7784b9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.73.21.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-157.compute-1.amazonaws.com
Software
nginx /
Resource Hash
742b066360c82bfa5d65e3256fab66a1ea23b8700e7b3d73acd2073beefde405
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 Jul 2024 12:45:45 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-011440775d96793f5
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00052k32hgg2jgnq2kp0
x-runtime
0.294486
server
nginx
etag
W/"742b066360c82bfa5d65e3256fab66a1"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://staging-auth.estrack.com
x-intercom-version
c9827e0e1cd57b0436f994ca91bcf933ae78da4a
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| intercomSettings
  • function| Intercom
  • object| DD_RUM
  • function| __intercomAssignLocation
  • function| __intercomReloadLocation

9 Cookies

Domain/Path Name / Value
staging-auth.estrack.com/usernamepassword/login Name: _csrf
Value: QiHlAnKd9vRc_E01FgixD0C4
staging-auth.estrack.com/ Name: did
Value: s%3Av0%3Aaf1c0d77-ae3a-4087-8b2e-b0f795532e8c.Rq%2Brx5mY9CzVGFegBSJ5x33ZzvM%2FH%2BbFrhbKhBgUAdA
staging-auth.estrack.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQDF9ZG33wQYfiknTxhX6HWCK3wg8fSkbuW594V5kM_JgGj_-ilppvuOwiY9R9XMeYzIaYnECRowvNv-Z3GV_0l2mY29va2llg6dleHBpcmVz1_9LVxwAZpJ2965vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Iiysc%2Bv5NI0MeoTeviTCf1sLqTVFCnkYBLZMSHQRp1o
staging-auth.estrack.com/ Name: did_compat
Value: s%3Av0%3Aaf1c0d77-ae3a-4087-8b2e-b0f795532e8c.Rq%2Brx5mY9CzVGFegBSJ5x33ZzvM%2FH%2BbFrhbKhBgUAdA
staging-auth.estrack.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQDF9ZG33wQYfiknTxhX6HWCK3wg8fSkbuW594V5kM_JgGj_-ilppvuOwiY9R9XMeYzIaYnECRowvNv-Z3GV_0l2mY29va2llg6dleHBpcmVz1_9LVxwAZpJ2965vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Iiysc%2Bv5NI0MeoTeviTCf1sLqTVFCnkYBLZMSHQRp1o
.estrack.com/ Name: intercom-id-cc3wvy5y
Value: 28ef00db-48d0-4017-940d-d778e0ee2f34
.estrack.com/ Name: intercom-session-cc3wvy5y
Value:
.estrack.com/ Name: intercom-device-id-cc3wvy5y
Value: 99b45fd7-e9ec-45ee-8f08-4ae1a2033f7a
staging-auth.estrack.com/ Name: _dd_s
Value: rum=1&id=0d57613d-89d1-4bf6-9f33-272d76172600&created=1720615544144&expire=1720616444144

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000