urlscan.io logo urlscan.io
SecurityTrails logo

apim.wso2.alpha.grandlyon.com Open in urlscan Pro
163.172.135.119  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apim.wso2.alpha.grandlyon.com/
Effective URL: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Fo...
Submission: On December 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 163.172.135.119, located in France and belongs to Online SAS, FR. The main domain is apim.wso2.alpha.grandlyon.com.
TLS certificate: Issued by R3 on December 3rd 2020. Valid for: 3 months.
This is the only time apim.wso2.alpha.grandlyon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 19 163.172.135.119 12876 (Online SAS)
1 2a00:1450:400... 15169 (GOOGLE)
17 2
Apex Domain
Subdomains		 Transfer
19 grandlyon.com
apim.wso2.alpha.grandlyon.com
463 KB
1 googleapis.com
fonts.googleapis.com
588 B
17 2
Domain Requested by
19 apim.wso2.alpha.grandlyon.com 3 redirects apim.wso2.alpha.grandlyon.com
1 fonts.googleapis.com apim.wso2.alpha.grandlyon.com
17 2

This site contains no links.

Subject Issuer Validity Valid
apim.wso2.alpha.grandlyon.com
R3		 2020-12-03 -
2021-03-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Frame ID: 09C11189BB692972446217BA7C181706
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://apim.wso2.alpha.grandlyon.com/ HTTP 302
    https://apim.wso2.alpha.grandlyon.com/publisher/ Page URL
  2. https://apim.wso2.alpha.grandlyon.com/publisher/services/auth/login HTTP 302
    https://apim.wso2.alpha.grandlyon.com/oauth2/authorize?response_type=code&client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&s... HTTP 302
    https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

462 kB
Transfer

1858 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apim.wso2.alpha.grandlyon.com/ HTTP 302
    https://apim.wso2.alpha.grandlyon.com/publisher/ Page URL
  2. https://apim.wso2.alpha.grandlyon.com/publisher/services/auth/login HTTP 302
    https://apim.wso2.alpha.grandlyon.com/oauth2/authorize?response_type=code&client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&scope=apim:api_create%20apim:api_delete%20apim:api_import_export%20apim:api_product_import_export%20apim:api_publish%20apim:api_view%20apim:app_import_export%20apim:client_certificates_add%20apim:client_certificates_update%20apim:client_certificates_view%20apim:document_create%20apim:document_manage%20apim:ep_certificates_add%20apim:ep_certificates_update%20apim:ep_certificates_view%20apim:external_services_discover%20apim:mediation_policy_create%20apim:mediation_policy_manage%20apim:mediation_policy_view%20apim:pub_alert_manage%20apim:publisher_settings%20apim:shared_scope_manage%20apim:subscription_block%20apim:subscription_view%20apim:threat_protection_policy_create%20apim:threat_protection_policy_manage%20openid&state=/&redirect_uri=https://apim.wso2.alpha.grandlyon.com/publisher/services/auth/callback/login HTTP 302
    https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://apim.wso2.alpha.grandlyon.com/ HTTP 302
  • https://apim.wso2.alpha.grandlyon.com/publisher/

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
apim.wso2.alpha.grandlyon.com/publisher/
Redirect Chain
  • https://apim.wso2.alpha.grandlyon.com/
  • https://apim.wso2.alpha.grandlyon.com/publisher/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
7504b052c1a111455757739fb5f9cb8d0dbd9cd9596ee2ff57c9bca235cea430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
apim.wso2.alpha.grandlyon.com
:scheme
https
:path
/publisher/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
JSESSIONID=F89601661F1E2CF028924260C1726D9A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, private
content-type
text/html
date
Thu, 03 Dec 2020 14:01:12 GMT
server
WSO2 Carbon Server
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
content-length
2038

Redirect headers

date
Thu, 03 Dec 2020 14:01:12 GMT
location
https://apim.wso2.alpha.grandlyon.com:443/publisher/
server
WSO2 Carbon Server
set-cookie
JSESSIONID=F89601661F1E2CF028924260C1726D9A; Path=/; Secure; HttpOnly
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
0
main.css
apim.wso2.alpha.grandlyon.com/publisher/site/public/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/css/main.css
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
ddece4882f603de76cbb64060fc516213172cf7a9872a69c9fac358ae55e5e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"10236-1598016302000"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
vary
accept-encoding
content-length
1647
x-xss-protection
1; mode=block
draftjs.css
apim.wso2.alpha.grandlyon.com/publisher/site/public/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/css/draftjs.css
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
ff2f76620c65c35c04f154a7c34fb6b4c7bb054c788150a1edd6ec1f90b67147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"16567-1598016302000"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
vary
accept-encoding
content-length
2592
x-xss-protection
1; mode=block
MaterialIcons.js
apim.wso2.alpha.grandlyon.com/publisher/site/public/fonts/iconfont/ 		45 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/fonts/iconfont/MaterialIcons.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
a4654f0f269afbe99bc5de5892db5cd0be46a8cb24ee70d5836508868c6212b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"45618-1598016302000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
vary
accept-encoding
x-xss-protection
1; mode=block
userThemes.js
apim.wso2.alpha.grandlyon.com/publisher/site/public/conf/ 		937 B
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/conf/userThemes.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
866dfaf76bec38f9354c279899e9ad5262fe5491602ec0389ad1f397c16f2fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"937-1598016302000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
937
x-xss-protection
1; mode=block
portalSettings.js
apim.wso2.alpha.grandlyon.com/publisher/site/public/conf/ 		768 B
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/conf/portalSettings.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
65185b5c87ddfaa5a14d18973682c9f3dc339442ad2ed3d2ea1883dcc0e7a448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"768-1598016302000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
768
x-xss-protection
1; mode=block
settings.js
apim.wso2.alpha.grandlyon.com/publisher/services/settings/ 		416 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/services/settings/settings.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
c02df7af3ce399854edc2cf8d055ce19a254de03e54a90c18bfbfc10048babb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
x-content-type-options
nosniff
server
WSO2 Carbon Server
x-frame-options
DENY
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, private
content-length
416
x-xss-protection
1; mode=block
index.163feb73a21dc3550a02.bundle.js
apim.wso2.alpha.grandlyon.com/publisher/site/public/dist/ 		431 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/dist/index.163feb73a21dc3550a02.bundle.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
0f12c665b7c9a1cb61c07886579e883ad7391c410ae06a33bd7c037da7f586c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"440999-1598016302000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
vary
accept-encoding
x-xss-protection
1; mode=block
swaggerWorkerInit.18fbf6bebb6bb1bb3020.bundle.js
apim.wso2.alpha.grandlyon.com/publisher/site/public/dist/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/dist/swaggerWorkerInit.18fbf6bebb6bb1bb3020.bundle.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
4ce9e8fb8b1e558b26b58b35334708f5f0d4a07b238b19580aabb4eb6c5f6895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"1266-1598016302000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
1266
x-xss-protection
1; mode=block
material-icons.css
apim.wso2.alpha.grandlyon.com/publisher/site/public/fonts/iconfont/ 		970 B
1020 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/publisher/site/public/fonts/iconfont/material-icons.css
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
afb727c828f3957ada8e546f9bce9c9c733bc1d2f09a83eb47f2114302cd9f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/publisher/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Aug 2020 13:25:02 GMT
server
WSO2 Carbon Server
etag
W/"970-1598016302000"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
970
x-xss-protection
1; mode=block
Primary Request login.do
apim.wso2.alpha.grandlyon.com/authenticationendpoint/
Redirect Chain
  • https://apim.wso2.alpha.grandlyon.com/publisher/services/auth/login
  • https://apim.wso2.alpha.grandlyon.com/oauth2/authorize?response_type=code&client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&scope=apim:api_create%20apim:api_delete%20apim:api_import_export%20apim:api_product_...
  • https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_ur...
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/publisher/site/public/dist/index.163feb73a21dc3550a02.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
5fef7843d5a49059ee533b35027d980503ac7e9565c268c3359149010644d090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
apim.wso2.alpha.grandlyon.com
:scheme
https
:path
/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://apim.wso2.alpha.grandlyon.com/publisher/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
JSESSIONID=F89601661F1E2CF028924260C1726D9A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://apim.wso2.alpha.grandlyon.com/publisher/

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 03 Dec 2020 14:01:14 GMT
server
WSO2 Carbon Server
set-cookie
JSESSIONID=745F776AA2E459057F82BED9D932DF4A6D8270446898841365B121430C649D7F8E70DA0AE7A63089A99A56B8AD42834170D7F1EC58229C175F4C2377C995ECF2D8D34D90CAC18647A101B225EC29BEA4566C6125440DFA95FC9900EE192CAFEF5E4C44ECDDA68FC9C5738B7F61128A2C35361E5134E75783EC8CBF062A317763; Path=/authenticationendpoint; Secure; HttpOnly
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 03 Dec 2020 14:01:14 GMT
location
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
server
WSO2 Carbon Server
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
content-length
0
wso2-default.min.css
apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/ 		734 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/wso2-default.min.css
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
3b3d58e2ad598e46f39af48a85a9d1ab773679bced881889380e66c55a7282e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 11:53:16 GMT
server
WSO2 Carbon Server
etag
W/"751914-1583495596000"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
vary
accept-encoding
x-xss-protection
1; mode=block
jquery-3.4.1.js
apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/jquery_3.4.1/ 		286 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
3f80e8e5e1945b57180397b363fb0a747e1e99cf492d59b4f8cd09bfb239f2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 11:51:56 GMT
server
WSO2 Carbon Server
etag
W/"292564-1583495516000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
vary
accept-encoding
x-xss-protection
1; mode=block
semantic.min.js
apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/ 		269 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/semantic.min.js
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
b7c19ea67c8f9b0f6df9fa0c87798a36f728aea3476a648ab4a471c695048052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 11:53:16 GMT
server
WSO2 Carbon Server
etag
W/"275730-1583495596000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
vary
accept-encoding
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
588 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/wso2-default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44bbd41a152df40ae99043e510a51da8ad97dadd3f28d1c21be248a4bd98942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/wso2-default.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Dec 2020 12:09:02 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Thu, 03 Dec 2020 14:01:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 03 Dec 2020 14:01:14 GMT
icons.woff2
apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/assets/fonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/assets/fonts/icons.woff2
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/wso2-default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apim.wso2.alpha.grandlyon.com
Referer
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/theme/wso2-default.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 11:53:16 GMT
server
WSO2 Carbon Server
etag
W/"40148-1583495596000"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
content-length
40148
x-xss-protection
1; mode=block
logincontext
apim.wso2.alpha.grandlyon.com/ 		20 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apim.wso2.alpha.grandlyon.com/logincontext?sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&tenantDomain=carbon.super&_=1607004074533
Requested by
Host: apim.wso2.alpha.grandlyon.com
URL: https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.172.135.119 , France, ASN12876 (Online SAS, FR),
Reverse DNS
119-135-172-163.instances.scw.cloud
Software
WSO2 Carbon Server /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://apim.wso2.alpha.grandlyon.com/authenticationendpoint/login.do?client_id=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim.wso2.alpha.grandlyon.com%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Aexternal_services_discover+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid&state=%2F&tenantDomain=carbon.super&sessionDataKey=e65f5383-473b-45fd-b631-5e4496c42c5f&relyingParty=QcR46hZlYIiPIT_mEjLSKgJuR1Ia&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 14:01:14 GMT
x-content-type-options
nosniff
server
WSO2 Carbon Server
content-length
20
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| goBack function| checkSessionKey function| getParameterByName function| myFunction function| handleNoDomain function| changeUsername

2 Cookies

Domain/Path Name / Value
apim.wso2.alpha.grandlyon.com/ Name: JSESSIONID
Value: F89601661F1E2CF028924260C1726D9A
apim.wso2.alpha.grandlyon.com/authenticationendpoint Name: JSESSIONID
Value: 745F776AA2E459057F82BED9D932DF4A6D8270446898841365B121430C649D7F8E70DA0AE7A63089A99A56B8AD42834170D7F1EC58229C175F4C2377C995ECF2D8D34D90CAC18647A101B225EC29BEA4566C6125440DFA95FC9900EE192CAFEF5E4C44ECDDA68FC9C5738B7F61128A2C35361E5134E75783EC8CBF062A317763

1 Console Messages

Source Level URL
Text
console-api log URL: https://apim.wso2.alpha.grandlyon.com/publisher/site/public/dist/index.163feb73a21dc3550a02.bundle.js(Line 50)
Message:
Error: Error: 901401: No partial token found!,redirecting to login page

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block