auth0.eu1.dev.scalar.zf.com Open in urlscan Pro
2606:4700::6813:9813 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Effective URL:
https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQ...
Submission: On June 03 via automatic, source certstream-suspicious (June 3rd 2024, 11:12:58 pm UTC) — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 3 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6813:9813, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth0.eu1.dev.scalar.zf.com.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.

This is the only time auth0.eu1.dev.scalar.zf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	3.161.119.15 3.161.119.15	16509 (AMAZON-02) (AMAZON-02)
16	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6813:9813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:235... 2600:9000:2359:8000:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
4	3.161.119.87 3.161.119.87	16509 (AMAZON-02) (AMAZON-02)
1	104.19.152.19 104.19.152.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.208.222.177 52.208.222.177	16509 (AMAZON-02) (AMAZON-02)
31	8

2 3.161.119.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-15.vie50.r.cloudfront.net

app-react-customer-portal.eu1.dev.scalar.zf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9813 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth0.eu1.dev.scalar.zf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2359:8000:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.161.119.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-87.vie50.r.cloudfront.net

app-react-login.eu1.dev.scalar.zf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.152.19 (None, )

ASN13335 (CLOUDFLARENET, US)

auth0.eu1.dev.scalar.zf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.222.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-222-177.eu-west-1.compute.amazonaws.com

unleash-dev.euwe1.shared-dev.cvcs.zf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 426	83 KB
13	zf.com 1 redirects app-react-customer-portal.eu1.dev.scalar.zf.com auth0.eu1.dev.scalar.zf.com app-react-login.eu1.dev.scalar.zf.com unleash-dev.euwe1.shared-dev.cvcs.zf.com	2 MB
2	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 9956	43 KB
31	3

	Domain	Requested by
16	cdn.jsdelivr.net	app-react-customer-portal.eu1.dev.scalar.zf.com cdn.jsdelivr.net app-react-login.eu1.dev.scalar.zf.com
4	unleash-dev.euwe1.shared-dev.cvcs.zf.com	app-react-login.eu1.dev.scalar.zf.com
4	app-react-login.eu1.dev.scalar.zf.com	auth0.eu1.dev.scalar.zf.com cdn.jsdelivr.net
3	auth0.eu1.dev.scalar.zf.com	1 redirects app-react-customer-portal.eu1.dev.scalar.zf.com
2	cdn.auth0.com	auth0.eu1.dev.scalar.zf.com
2	app-react-customer-portal.eu1.dev.scalar.zf.com	cdn.jsdelivr.net
31	6

This site contains no links.

Subject Issuer	Validity	Valid
app-react-customer-portal.eu1.dev.scalar.zf.com Amazon RSA 2048 M02	`2024-06-03` - `2025-07-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
auth0.eu1.dev.scalar.zf.com E1	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
app-react-login.eu1.dev.scalar.zf.com Amazon RSA 2048 M03	`2024-02-29` - `2025-03-30`	a year	crt.sh
euwe1.shared-dev.cvcs.zf.com Amazon RSA 2048 M03	`2024-05-15` - `2025-06-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQRGRGQ2l5SVlQRHI0SmFLLWdPS3WjY2lk2SAwVENDdGMyeHoyNDdmelVHU29ySnlJeFkydG5XYXlHVg&client=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fapp-react-customer-portal.eu1.dev.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=aE9Ed2x1dEpOSkp3blkuYk41dW5YU3VIRVJQSmtSZ2lmeEJ1ZktZc3FaTA%3D%3D&code_challenge=2pVZjXTvIAm0f3JLNHf_I4vc30xW0i8lOlVu_IDrlys&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Frame ID: 436754840EAA02BDEE1D57F5F0A605B0
Requests: 15 HTTP requests in this frame

Frame: https://app-react-login.eu1.dev.scalar.zf.com/
Frame ID: 73C15ECB40F510A48FC1D9F2332D97E1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://app-react-customer-portal.eu1.dev.scalar.zf.com/ Page URL
https://auth0.eu1.dev.scalar.zf.com/authorize?audience=UM&scope=openid%20profile%20email%20offline_access&client... HTTP 302
https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3Rp... Page URL

Detected technologies

Auth0 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

31
Requests

97 %
HTTPS

43 %
IPv6

3
Domains

6
Subdomains

8
IPs

3
Countries

2291 kB
Transfer

6418 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app-react-customer-portal.eu1.dev.scalar.zf.com/ Page URL
https://auth0.eu1.dev.scalar.zf.com/authorize?audience=UM&scope=openid%20profile%20email%20offline_access&client_id=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&redirect_uri=https%3A%2F%2Fapp-react-customer-portal.eu1.dev.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&state=c183emF0U2tOVWNiVmoyZVNLZDNTbEp0eUlGYWptRWhDYW4tQUpkdHlIXw%3D%3D&nonce=aE9Ed2x1dEpOSkp3blkuYk41dW5YU3VIRVJQSmtSZ2lmeEJ1ZktZc3FaTA%3D%3D&code_challenge=2pVZjXTvIAm0f3JLNHf_I4vc30xW0i8lOlVu_IDrlys&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQRGRGQ2l5SVlQRHI0SmFLLWdPS3WjY2lk2SAwVENDdGMyeHoyNDdmelVHU29ySnlJeFkydG5XYXlHVg&client=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fapp-react-customer-portal.eu1.dev.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=aE9Ed2x1dEpOSkp3blkuYk41dW5YU3VIRVJQSmtSZ2lmeEJ1ZktZc3FaTA%3D%3D&code_challenge=2pVZjXTvIAm0f3JLNHf_I4vc30xW0i8lOlVu_IDrlys&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
app-react-customer-portal.eu1.dev.scalar.zf.com/ 6 KB
2 KB 252ms
51ms Document
text/html 3.161.119.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.119.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-119-15.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

328d494af725fac1931755c271119e82e6e59362a2d733786c06503707bd07aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .scalar.zf.com .walkme.com .auth0.com; frame-src https: blob: .zf.com; default-src 'self' .jsdelivr.net .cdn.walkme.com .zf.com; img-src 'self' data: blob: https: .walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' .jsdelivr.net 'unsafe-inline' .zf.com .walkme.com .mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 20957
cache-control: no-cache
content-encoding: gzip
content-security-policy: frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
content-type: text/html
date: Mon, 03 Jun 2024 17:23:37 GMT
etag: W/"479378adec615bf0a23a00218952ff3d"
last-modified: Mon, 03 Jun 2024 11:07:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 50755d2085d3b2c5c8cb4d6cb8bd7d3e.cloudfront.net (CloudFront)
x-amz-cf-id: oCBMrd4antJ1hMFUY75v2JGIKhsPQjO9UD6ASWIPljldPhH7cwRl9g==
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runtime.min.js Show response
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/ 7 KB
3 KB 24ms
8ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/runtime.min.js

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77d19549a305065ee52b2d568eba337536662830e5dd139a3968e2d0bc52c744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2314650
x-jsd-version: 0.13.9
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2754
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"1ae4-Na/OzxhfKa/jJwFIAaPghVpVc6A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.production.min.js Show response
cdn.jsdelivr.net/npm/react@18.2.0/umd/ 10 KB
5 KB 22ms
6ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Origin: https://app-react-customer-portal.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2231303
x-jsd-version: 18.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4465
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react-dom.production.min.js Show response
cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/ 129 KB
44 KB 22ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Origin: https://app-react-customer-portal.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2231303
x-jsd-version: 18.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44592
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 single-spa.min.js Show response
cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/ 20 KB
7 KB 28ms
13ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/single-spa.min.js

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Origin: https://app-react-customer-portal.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2228343
x-jsd-version: 5.9.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6770
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"5059-2wiyzGMvQ5lqQS+Z7/KQHjyi1Ac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 system.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ 11 KB
5 KB 23ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1641896
x-jsd-version: 6.8.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4684
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rxjs.min.js Show response
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ 3 KB
1 KB 25ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs.min.js

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d192aa00fbdb4e8c6cfe3fe8b2e6a8bc7a698c97a573ecd3a46fd61bb700e649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 494298
x-jsd-version: 7.5.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1316
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"aba-MaEu2eoP0/qi2oATNbBoSWrEgFc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dynamic-import-maps.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/ 354 B
339 B 24ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/dynamic-import-maps.min.js

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6b8ec92b367409b8582f1032174e2acd5d22015d7d02a3518a73de6c21567845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1784624
x-jsd-version: 6.8.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 259
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"162-7IttC8OHmH3HMUpyWgXWu4SoUgg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rxjs-shared.min.js Show response
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ 56 KB
19 KB 7ms
6ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs-shared.min.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26ce59e48bcb1b23ffdfdf53651a48af724a47d33387995bffef77287c87dd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Origin: https://app-react-customer-portal.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:12:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2384159
x-jsd-version: 7.5.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18851
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"e041-1jJI+n1cXvopoxxWhSiMkIIF+/k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 odyssey-customer-portal.js Show response
app-react-customer-portal.eu1.dev.scalar.zf.com/ 3 MB
827 KB 61ms
60ms Script
application/javascript 3.161.119.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app-react-customer-portal.eu1.dev.scalar.zf.com/odyssey-customer-portal.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.119.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-119-15.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8d5411098d0e2fadbbb5bedd894bdefb592b645cfb3913abbc0c28f7855f047a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .scalar.zf.com .walkme.com .auth0.com; frame-src https: blob: .zf.com; default-src 'self' .jsdelivr.net .cdn.walkme.com .zf.com; img-src 'self' data: blob: https: .walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' .jsdelivr.net 'unsafe-inline' .zf.com .walkme.com .mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:12:29 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
via: 1.1 50755d2085d3b2c5c8cb4d6cb8bd7d3e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: VIE50-P2
age: 10825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Jun 2024 11:07:10 GMT
server: AmazonS3
etag: W/"03fe8ae3dbc05e1c2b4a928d4f91a2be"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: WQH4jK68me1qb2eluyyASFjEp1l-umOARDLWqoRIXnVqoQ-BobLESA==

GET favicon.ico
app-react-customer-portal.eu1.dev.scalar.zf.com/ 0
0

GET
H2

200

Primary Request login Show response
auth0.eu1.dev.scalar.zf.com/
Redirect Chain

https://auth0.eu1.dev.scalar.zf.com/authorize?audience=UM&scope=openid%20profile%20email%20offline_access&client_id=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&redirect_uri=https%3A%2F%2Fapp-react-customer-po...
https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQRGRGQ2l5SVlQRHI0SmFLLWdPS3WjY2lk2SAwVENDdGMyeHoyNDdmelVHU29ySnlJe...

7 KB
7 KB

83ms
82ms

Document
text/html

2606:4700::6813:9813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQRGRGQ2l5SVlQRHI0SmFLLWdPS3WjY2lk2SAwVENDdGMyeHoyNDdmelVHU29ySnlJeFkydG5XYXlHVg&client=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fapp-react-customer-portal.eu1.dev.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=aE9Ed2x1dEpOSkp3blkuYk41dW5YU3VIRVJQSmtSZ2lmeEJ1ZktZc3FaTA%3D%3D&code_challenge=2pVZjXTvIAm0f3JLNHf_I4vc30xW0i8lOlVu_IDrlys&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D

Requested by

Host: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/odyssey-customer-portal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65eb442ccaf73888b1d53ac58d4fb102dee28590bcd3f698cb23a32767093bf8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app-react-customer-portal.eu1.dev.scalar.zf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 88e35edfaa361cbf-FRA
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Mon, 03 Jun 2024 23:12:53 GMT
etag: W/"1b26-AnVzi2NOfCgkJfSAWCV8yGGkLT4"
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: ad96112dbdfd2248c17e
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1717456374
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 88e35edef9711cbf-FRA
content-length: 1420
content-type: text/html; charset=utf-8
date: Mon, 03 Jun 2024 23:12:53 GMT
location: /login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQRGRGQ2l5SVlQRHI0SmFLLWdPS3WjY2lk2SAwVENDdGMyeHoyNDdmelVHU29ySnlJeFkydG5XYXlHVg&client=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fapp-react-customer-portal.eu1.dev.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=aE9Ed2x1dEpOSkp3blkuYk41dW5YU3VIRVJQSmtSZ2lmeEJ1ZktZc3FaTA%3D%3D&code_challenge=2pVZjXTvIAm0f3JLNHf_I4vc30xW0i8lOlVu_IDrlys&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 29babc9220a4b1b24294
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1717456374

GET
H2 200 auth0.min.js Show response
cdn.auth0.com/js/auth0/9.16.0/ 156 KB
42 KB 55ms
10ms Script
application/javascript 2600:9000:2359:8000:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0/9.16.0/auth0.min.js

Requested by

Host: auth0.eu1.dev.scalar.zf.com
URL: https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQRGRGQ2l5SVlQRHI0SmFLLWdPS3WjY2lk2SAwVENDdGMyeHoyNDdmelVHU29ySnlJeFkydG5XYXlHVg&client=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fapp-react-customer-portal.eu1.dev.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=aE9Ed2x1dEpOSkp3blkuYk41dW5YU3VIRVJQSmtSZ2lmeEJ1ZktZc3FaTA%3D%3D&code_challenge=2pVZjXTvIAm0f3JLNHf_I4vc30xW0i8lOlVu_IDrlys&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:8000:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e56db6fc2b439569b5553a77f54c661b438d1fc486f9dd4c4047850d5593e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qfhNjJUa0y8gOFCVics9gyiaHX4J3oLN
content-encoding: gzip
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
date: Mon, 03 Jun 2024 08:52:02 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 51652
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 27 Apr 2021 09:33:51 GMT
server: AmazonS3
etag: W/"7eba16d3612e926b8bfbfa470049b345"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: C9RpuR4J6Ton37TVSJroRs7WUq3tlMNhJUE1kID5DA1KA1HiLkhSXA==

GET
H2 200 object-assign.min.js Show response
cdn.auth0.com/js/polyfills/1.0/ 278 B
801 B 52ms
7ms Script
application/javascript 2600:9000:2359:8000:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:8000:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
date: Mon, 03 Jun 2024 22:54:34 GMT
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 1100
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 278
last-modified: Thu, 08 Jun 2017 20:30:02 GMT
server: AmazonS3
etag: "4dfaafaab07b1c6c2314bfe79a1baa81"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800,public
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: K9GS-AYkWKLVW_0YJtEV7Y5n4b6HzxwPiWaw3XtcHDrtc20eijuHdA==

GET
H2 200 / Show response
app-react-login.eu1.dev.scalar.zf.com/ Frame 73C1 7 KB
2 KB 198ms
33ms Document
text/html 3.161.119.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app-react-login.eu1.dev.scalar.zf.com/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.119.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-119-87.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7365e71d68cd1c50742c9d388c5469fd8e7444a637160fff510f9f7a85494101

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .scalar.zf.com .walkme.com .auth0.com; frame-src https: blob: .zf.com; default-src 'self' .jsdelivr.net .cdn.walkme.com .zf.com; img-src 'self' data: blob: https: .walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' .jsdelivr.net 'unsafe-inline' .zf.com .walkme.com .mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 46602
cache-control: no-cache
content-encoding: br
content-security-policy: frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
content-type: text/html
date: Mon, 03 Jun 2024 10:16:13 GMT
etag: W/"721c46d327030a6063852845cf822cbe"
last-modified: Mon, 03 Jun 2024 10:11:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a68f672083a9ba296839aa3223adfa76.cloudfront.net (CloudFront)
x-amz-cf-id: D3SL7yk_5geLu0AjB4ZpgKylOhGSHjBKbxL5e2t7OHe4DVIFUd_UGw==
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runtime.min.js Show response
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/ Frame 73C1 7 KB
0 0ms
0ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/runtime.min.js

Requested by

Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77d19549a305065ee52b2d568eba337536662830e5dd139a3968e2d0bc52c744

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2314650
x-jsd-version: 0.13.9
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2754
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"1ae4-Na/OzxhfKa/jJwFIAaPghVpVc6A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.production.min.js Show response
cdn.jsdelivr.net/npm/react@18.2.0/umd/ Frame 73C1 10 KB
0 1ms
1ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

Requested by

Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2231303
x-jsd-version: 18.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4465
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react-dom.production.min.js Show response
cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/ Frame 73C1 129 KB
0 1ms
1ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2231303
x-jsd-version: 18.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44592
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 single-spa.min.js Show response
cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/ Frame 73C1 20 KB
0 3ms
3ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/single-spa.min.js

Requested by

Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2228343
x-jsd-version: 5.9.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6770
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"5059-2wiyzGMvQ5lqQS+Z7/KQHjyi1Ac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 system.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ Frame 73C1 11 KB
0 3ms
3ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Requested by

Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1641896
x-jsd-version: 6.8.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4684
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rxjs.min.js Show response
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ Frame 73C1 3 KB
0 4ms
4ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs.min.js

Requested by

Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d192aa00fbdb4e8c6cfe3fe8b2e6a8bc7a698c97a573ecd3a46fd61bb700e649

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 494298
x-jsd-version: 7.5.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1316
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"aba-MaEu2eoP0/qi2oATNbBoSWrEgFc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dynamic-import-maps.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/ Frame 73C1 354 B
0 5ms
5ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/dynamic-import-maps.min.js

Requested by

Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6b8ec92b367409b8582f1032174e2acd5d22015d7d02a3518a73de6c21567845

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1784624
x-jsd-version: 6.8.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 259
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
etag: W/"162-7IttC8OHmH3HMUpyWgXWu4SoUgg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rxjs-shared.min.js Show response
cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/ Frame 73C1 56 KB
0 0ms
0ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@esm-bundle/rxjs@7.5.6/system/es2015/rxjs-shared.min.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26ce59e48bcb1b23ffdfdf53651a48af724a47d33387995bffef77287c87dd4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2384159
x-jsd-version: 7.5.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18851
x-served-by: cache-fra-eddf8230145-FRA
x-jsd-version-type: version
etag: W/"e041-1jJI+n1cXvopoxxWhSiMkIIF+/k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 odyssey-login.js Show response
app-react-login.eu1.dev.scalar.zf.com/ Frame 73C1 2 MB
542 KB 53ms
52ms Script
application/javascript 3.161.119.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app-react-login.eu1.dev.scalar.zf.com/odyssey-login.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.119.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-119-87.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

94badd8145dc15f3393ae3ef848b1c1d9654d2c55f8a216de80073706e465e15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .scalar.zf.com .walkme.com .auth0.com; frame-src https: blob: .zf.com; default-src 'self' .jsdelivr.net .cdn.walkme.com .zf.com; img-src 'self' data: blob: https: .walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' .jsdelivr.net 'unsafe-inline' .zf.com .walkme.com .mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 10:16:16 GMT
x-amz-version-id: null
content-encoding: br
content-security-policy: frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
via: 1.1 a68f672083a9ba296839aa3223adfa76.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: VIE50-P2
age: 46599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Jun 2024 10:11:21 GMT
server: AmazonS3
etag: W/"fa014f96f5992463244bef7cc3c8dd7b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: DOQEkIIckw9RosodeT-dpGj-OlMuhVKBjs8WXIeMVQayDNEpO5qS3w==

GET
H3 404 favicon.ico
auth0.eu1.dev.scalar.zf.com/ 9 B
506 B 72ms
71ms Other
text/plain 104.19.152.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth0.eu1.dev.scalar.zf.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://auth0.eu1.dev.scalar.zf.com/login?state=hKFo2SBtZFYtV3BuOG5qM1MyOFdGdEJDTFlHeHY5d0JBV3lGTKFupWxvZ2luo3RpZNkgTjZvRG4tanh0eFlQRGRGQ2l5SVlQRHI0SmFLLWdPS3WjY2lk2SAwVENDdGMyeHoyNDdmelVHU29ySnlJeFkydG5XYXlHVg&client=0TCCtc2xz247fzUGSorJyIxY2tnWayGV&protocol=oauth2&audience=UM&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fapp-react-customer-portal.eu1.dev.scalar.zf.com%2Fcallback&response_type=code&response_mode=query&nonce=aE9Ed2x1dEpOSkp3blkuYk41dW5YU3VIRVJQSmtSZ2lmeEJ1ZktZc3FaTA%3D%3D&code_challenge=2pVZjXTvIAm0f3JLNHf_I4vc30xW0i8lOlVu_IDrlys&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-auth0-not-found: 1
cf-cache-status: EXPIRED
x-auth0-requestid: f69468957541a8c2af62
server: cloudflare
x-content-type-options: nosniff
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: public, max-age=300
cf-ray: 88e35ee41be15d82-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9

OPTIONS
H2 204 proxy
unleash-dev.euwe1.shared-dev.cvcs.zf.com/ Frame 0
0 148ms
29ms Preflight 52.208.222.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy?sessionId=1-hoedje-van-alu&appName=Login&environment=1-Dev&userId=happycorp&properties%5Borganization%5D=happycorp&properties%5Buser%5D=1-hoedje-van-alu&properties%5Bcountry%5D=Germany
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-222-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,if-none-match
Access-Control-Request-Method: GET
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,if-none-match
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-expose-headers: ETag
access-control-max-age: 172800
date: Mon, 03 Jun 2024 23:12:54 GMT
vary: Access-Control-Request-Headers

GET
H2 200 proxy Show response
unleash-dev.euwe1.shared-dev.cvcs.zf.com/ Frame 73C1 5 KB
1009 B 31ms
30ms Fetch
application/json 52.208.222.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy?sessionId=1-hoedje-van-alu&appName=Login&environment=1-Dev&userId=happycorp&properties%5Borganization%5D=happycorp&properties%5Buser%5D=1-hoedje-van-alu&properties%5Bcountry%5D=Germany
Requested by: Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/odyssey-login.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-222-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9de8c5f258de0658acea0de965948708ca6008ecbf96276c5c568ed6e58aea44

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: 2a0b4b56a5f424e5a202f8178677c32e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
If-None-Match
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:12:54 GMT
content-encoding: gzip
etag: W/"155f-KkyqIf1ZMOAHRCcq0eiYpi4kK14"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: public, max-age=2

GET
H2 200 NotoSans-Bold.ttf
app-react-login.eu1.dev.scalar.zf.com/assets/fonts/ Frame 73C1 389 KB
391 KB 67ms
66ms Font
binary/octet-stream 3.161.119.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app-react-login.eu1.dev.scalar.zf.com/assets/fonts/NotoSans-Bold.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.119.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-119-87.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f9a6bd489df560f7a925b43d5b48d4536fa24589332e53702b63fc0072898f86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .scalar.zf.com .walkme.com .auth0.com; frame-src https: blob: .zf.com; default-src 'self' .jsdelivr.net .cdn.walkme.com .zf.com; img-src 'self' data: blob: https: .walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' .jsdelivr.net 'unsafe-inline' .zf.com .walkme.com .mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 10:34:56 GMT
x-amz-version-id: null
via: 1.1 a68f672083a9ba296839aa3223adfa76.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: VIE50-P2
age: 45479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 398652
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Jun 2024 10:11:21 GMT
server: AmazonS3
etag: "98f0cacc6bb63b64b98aac7cac082d27"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://app-react-login.eu1.dev.scalar.zf.com
access-control-expose-headers: ETag, Access-Control-Allow-Origin
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: U7Y290hpAXP7CAI7ppn4Qm23RIr-8FTWHVLFuzQ17ICOq3nwu-FghQ==

GET
H2 200 NotoSans-Regular.ttf
app-react-login.eu1.dev.scalar.zf.com/assets/fonts/ Frame 73C1 390 KB
391 KB 63ms
63ms Font
binary/octet-stream 3.161.119.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app-react-login.eu1.dev.scalar.zf.com/assets/fonts/NotoSans-Regular.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.119.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-119-87.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2ddeaed07f6483f7831b23faa32cf85a04c3406eb4bb2925530894805a05d4fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .scalar.zf.com .walkme.com .auth0.com; frame-src https: blob: .zf.com; default-src 'self' .jsdelivr.net .cdn.walkme.com .zf.com; img-src 'self' data: blob: https: .walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' .jsdelivr.net 'unsafe-inline' .zf.com .walkme.com .mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 10:34:56 GMT
x-amz-version-id: null
via: 1.1 a68f672083a9ba296839aa3223adfa76.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors *.scalar.zf.com *.walkme.com *.auth0.com; frame-src https: blob: *.zf.com; default-src 'self' *.jsdelivr.net *.cdn.walkme.com *.zf.com; img-src 'self' data: blob: https: *.walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' *.jsdelivr.net 'unsafe-inline' *.zf.com *.walkme.com *.mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: VIE50-P2
age: 45479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 398968
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Jun 2024 10:11:21 GMT
server: AmazonS3
etag: "5a87cce84010f7cea085ae218d44a64b"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://app-react-login.eu1.dev.scalar.zf.com
access-control-expose-headers: ETag, Access-Control-Allow-Origin
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: CdGmZN2puqf7TW_oI5QmkV21Iaz6QsrUMHtarhQmYWIPTkf0Dc4RVQ==

POST
H2 200 metrics Show response
unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/ Frame 73C1 2 B
179 B 30ms
30ms Fetch
text/plain 52.208.222.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/metrics
Requested by: Host: app-react-login.eu1.dev.scalar.zf.com
URL: https://app-react-login.eu1.dev.scalar.zf.com/odyssey-login.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-222-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: 2a0b4b56a5f424e5a202f8178677c32e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://app-react-login.eu1.dev.scalar.zf.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 03 Jun 2024 23:12:56 GMT
access-control-expose-headers: ETag
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-length: 2
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

OPTIONS
H2 204 metrics
unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/ Frame 0
0 29ms
29ms Preflight 52.208.222.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unleash-dev.euwe1.shared-dev.cvcs.zf.com/proxy/client/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-222-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://app-react-login.eu1.dev.scalar.zf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-expose-headers: ETag
access-control-max-age: 172800
date: Mon, 03 Jun 2024 23:12:56 GMT
vary: Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app-react-customer-portal.eu1.dev.scalar.zf.com
URL: https://app-react-customer-portal.eu1.dev.scalar.zf.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| auth0

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth0.eu1.dev.scalar.zf.com/usernamepassword/login	1970-01-20 21:18:40	Name: _csrf Value: bD0R397oe08QSIE5IjpT8bmO
auth0.eu1.dev.scalar.zf.com/	1970-01-21 05:50:13	Name: did Value: s%3Av0%3Ace3256b0-21fe-11ef-930a-f79ac5114952.MSsi2uvgVtslIUgbQ8Xb%2B1LuL%2BfjB76kgJNUa9TFuP0
auth0.eu1.dev.scalar.zf.com/	1970-01-20 21:08:35	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOGoxsegSaxkRKcq8MJglbLbGQpw7fWWEk4xyUvqJIWz9HQgGD-QrxwcGgfvJ4sy05edjiFZr57bDLVn0GRMKuymY29va2llg6dleHBpcmVz1_-jjh4AZmJCda5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.CdmqBSlEBPnXLkxqzDY420SGgbFk0wGiAFA6qxALx0M
auth0.eu1.dev.scalar.zf.com/	1970-01-21 05:50:13	Name: did_compat Value: s%3Av0%3Ace3256b0-21fe-11ef-930a-f79ac5114952.MSsi2uvgVtslIUgbQ8Xb%2B1LuL%2BfjB76kgJNUa9TFuP0
auth0.eu1.dev.scalar.zf.com/	1970-01-20 21:08:35	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOGoxsegSaxkRKcq8MJglbLbGQpw7fWWEk4xyUvqJIWz9HQgGD-QrxwcGgfvJ4sy05edjiFZr57bDLVn0GRMKuymY29va2llg6dleHBpcmVz1_-jjh4AZmJCda5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.CdmqBSlEBPnXLkxqzDY420SGgbFk0wGiAFA6qxALx0M
.auth0.eu1.dev.scalar.zf.com/	1970-01-20 21:04:18	Name: __cf_bm Value: McxtG0eae5lvgalEYcQxJZas_FNVO4mR3i9AgXhAfJc-1717456374-1.0.1.1-WeUhxd7.fEyIFoQkEMoZdgnlKp4fhBJ9SMyS.nXqkEGrn7p8HoujOxhf4RyRmnj5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth0.eu1.dev.scalar.zf.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .scalar.zf.com .walkme.com .auth0.com; frame-src https: blob: .zf.com; default-src 'self' .jsdelivr.net .cdn.walkme.com .zf.com; img-src 'self' data: blob: https: .walkmeusercontent.com; script-src 'self' https: blob: 'wasm-unsafe-eval' 'unsafe-eval' .jsdelivr.net 'unsafe-inline' .zf.com .walkme.com .mapbox.com; style-src 'self' 'unsafe-inline' *.walkme.com https:; object-src 'none'; font-src 'self' https: data:; connect-src wss: https: data:; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-react-customer-portal.eu1.dev.scalar.zf.com
app-react-login.eu1.dev.scalar.zf.com
auth0.eu1.dev.scalar.zf.com
cdn.auth0.com
cdn.jsdelivr.net
unleash-dev.euwe1.shared-dev.cvcs.zf.com
app-react-customer-portal.eu1.dev.scalar.zf.com
104.19.152.19
2600:9000:2359:8000:10:474e:104a:2961
2606:4700::6813:9813
2a04:4e42:600::485
3.161.119.15
3.161.119.87
52.208.222.177
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
26ce59e48bcb1b23ffdfdf53651a48af724a47d33387995bffef77287c87dd4c
2ddeaed07f6483f7831b23faa32cf85a04c3406eb4bb2925530894805a05d4fb
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
328d494af725fac1931755c271119e82e6e59362a2d733786c06503707bd07aa
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4e56db6fc2b439569b5553a77f54c661b438d1fc486f9dd4c4047850d5593e6e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
65eb442ccaf73888b1d53ac58d4fb102dee28590bcd3f698cb23a32767093bf8
6b8ec92b367409b8582f1032174e2acd5d22015d7d02a3518a73de6c21567845
7365e71d68cd1c50742c9d388c5469fd8e7444a637160fff510f9f7a85494101
77d19549a305065ee52b2d568eba337536662830e5dd139a3968e2d0bc52c744
8d5411098d0e2fadbbb5bedd894bdefb592b645cfb3913abbc0c28f7855f047a
94badd8145dc15f3393ae3ef848b1c1d9654d2c55f8a216de80073706e465e15
9de8c5f258de0658acea0de965948708ca6008ecbf96276c5c568ed6e58aea44
d192aa00fbdb4e8c6cfe3fe8b2e6a8bc7a698c97a573ecd3a46fd61bb700e649
f9a6bd489df560f7a925b43d5b48d4536fa24589332e53702b63fc0072898f86
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371

auth0.eu1.dev.scalar.zf.com Open in urlscan Pro 2606:4700::6813:9813 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

43 %IPv6

3 Domains

6 Subdomains

8 IPs

3 Countries

2291 kBTransfer

6418 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth0.eu1.dev.scalar.zf.com Open in urlscan Pro
2606:4700::6813:9813 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

43 %
IPv6

3
Domains

6
Subdomains

8
IPs

3
Countries

2291 kB
Transfer

6418 kB
Size

6
Cookies

31 HTTP transactions
0 data transactions