auth.txguardians.cloverleafcms.dev Open in urlscan Pro
20.225.52.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.txguardians.cloverleafcms.dev/
Effective URL:
https://auth.txguardians.cloverleafcms.dev/Account/Login
Submission: On September 19 via automatic, source certstream-suspicious (September 19th 2023, 3:06:54 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 20.225.52.77, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.txguardians.cloverleafcms.dev.
TLS certificate: Issued by R3 on September 19th 2023. Valid for: 3 months.

This is the only time auth.txguardians.cloverleafcms.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	20.225.52.77 20.225.52.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.239.208.68 52.239.208.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
16	3

14 20.225.52.77 (San Antonio, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auth.txguardians.cloverleafcms.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.239.208.68 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fincostorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloverleafcms.dev 2 redirects auth.txguardians.cloverleafcms.dev	2 MB
4	windows.net fincostorage.blob.core.windows.net	3 MB
16	2

	Domain	Requested by
14	auth.txguardians.cloverleafcms.dev	2 redirects auth.txguardians.cloverleafcms.dev
4	fincostorage.blob.core.windows.net	auth.txguardians.cloverleafcms.dev
16	2

This site contains links to these domains. Also see Links.

Domain
www.volosoft.com

Subject Issuer	Validity	Valid
auth.txguardians.cloverleafcms.dev R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 06	`2023-08-19` - `2024-06-27`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.txguardians.cloverleafcms.dev/Account/Login
Frame ID: B6839CAAC82E5C939DBBC8C27C08B5A2
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TexasGuardians

Page URL History Show full URLs

https://auth.txguardians.cloverleafcms.dev/ HTTP 302
https://auth.txguardians.cloverleafcms.dev/Account/Login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

4939 kB
Transfer

4933 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.volosoft.com/
Title: Volosoft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.txguardians.cloverleafcms.dev/ HTTP 302
https://auth.txguardians.cloverleafcms.dev/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://auth.txguardians.cloverleafcms.dev/~images/logo/leptonx/logo-dark.jpeg HTTP 302
https://auth.txguardians.cloverleafcms.dev/Error?httpStatusCode=404

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
auth.txguardians.cloverleafcms.dev/Account/
Redirect Chain

https://auth.txguardians.cloverleafcms.dev/
https://auth.txguardians.cloverleafcms.dev/Account/Login

9 KB
9 KB

920ms
919ms

Document
text/html

20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bd5563609e55e56c890599a7023d62c6cde5be789a2c9acad4d2cdf27cc4493a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-type: text/html; charset=utf-8
date: Tue, 19 Sep 2023 15:06:46 GMT
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Tue, 19 Sep 2023 15:06:45 GMT
location: /Account/Login
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-correlation-id: 99afa98f84e048cfb721464018762b46
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 LeptonX.Global.9325FB768F9C0093DC4664395D730921.css
auth.txguardians.cloverleafcms.dev/__bundles/ 321 KB
321 KB 262ms
261ms Stylesheet
text/css 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/__bundles/LeptonX.Global.9325FB768F9C0093DC4664395D730921.css?_v=638307324239033385

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5a0b3e6780367782c256fd53c4d899ff54eb9f88b810513c5dd03d5183f121d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 19 Sep 2023 15:00:23 GMT
etag: "1d9eb0a03ce5f8e"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 328206
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-dim.css
auth.txguardians.cloverleafcms.dev/Themes/LeptonX/Global/side-menu/css/ 253 KB
254 KB 137ms
136ms Stylesheet
text/css 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/Themes/LeptonX/Global/side-menu/css/bootstrap-dim.css

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b5b872ff04a6ae05b98aed28540ecd2c40df9cdfaadb5c8a80ddf806f1df936

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 08:32:22 GMT
etag: "1d9ae520d6e1b97"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 259223
x-xss-protection: 1; mode=block

GET
H2 200 dim.css
auth.txguardians.cloverleafcms.dev/Themes/LeptonX/Global/side-menu/css/ 14 KB
14 KB 262ms
261ms Stylesheet
text/css 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/Themes/LeptonX/Global/side-menu/css/dim.css

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c8d6fe27c10e613f26b31969002d46127304af9cb23cf90680c58aa2784ffc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 08:32:22 GMT
etag: "1d9ae520d6dd891"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 14225
x-xss-protection: 1; mode=block

GET
H2 200 login-page.css
auth.txguardians.cloverleafcms.dev/ 3 KB
3 KB 262ms
261ms Stylesheet
text/css 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/login-page.css

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

076fd305cb9d921f53a92ad91d4c6acb99446171da903041c5fc989461d73829

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 19 Sep 2023 14:27:02 GMT
etag: "1d9eb055b1af32e"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 3118
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK GuardianLogo-min.jpeg
fincostorage.blob.core.windows.net/cloverleafcms/ 171 KB
172 KB 560ms
143ms Image
image/jpeg 52.239.208.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fincostorage.blob.core.windows.net/cloverleafcms/GuardianLogo-min.jpeg
Requested by: Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.208.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cedd7bae711f126d5d846d2bfa512b6559e4404d153507a617015b5d454d2f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Sep 2023 15:06:46 GMT
Last-Modified: Tue, 19 Sep 2023 12:46:21 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: yAEpaq4JaXBleb45zUWf1g==
ETag: 0x8DBB90E6D5894DD
Content-Type: image/jpeg
x-ms-request-id: e1143bf0-501e-0065-6b0a-eb40e5000000
x-ms-version: 2009-09-19
Content-Length: 175411

GET
H/1.1 200
OK ThreeGenerations.jpeg
fincostorage.blob.core.windows.net/cloverleafcms/ 1 MB
1 MB 580ms
158ms Image
image/jpeg 52.239.208.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fincostorage.blob.core.windows.net/cloverleafcms/ThreeGenerations.jpeg
Requested by: Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.208.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: de687260c39236c05e8210f9ac16928f236820215503ef7ac9a5b2b7ac461715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Sep 2023 15:06:45 GMT
Last-Modified: Tue, 19 Sep 2023 12:46:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9yKgQvAk+eYy7Jwj3hRP3A==
ETag: 0x8DBB90E6DB0457C
Content-Type: image/jpeg
x-ms-request-id: ef9b1b72-901e-0096-570a-eb938c000000
x-ms-version: 2009-09-19
Content-Length: 1174353

GET
H/1.1 200
OK Grandpa.jpeg
fincostorage.blob.core.windows.net/cloverleafcms/ 2 MB
2 MB 592ms
169ms Image
image/jpeg 52.239.208.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fincostorage.blob.core.windows.net/cloverleafcms/Grandpa.jpeg
Requested by: Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.208.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 16c68747052ebe2391c4a4ec631239e6702988c4c18c476256f1f24d353300e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Sep 2023 15:06:46 GMT
Last-Modified: Tue, 19 Sep 2023 12:46:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 1t5jkXljLjGOA4lhXB30LA==
ETag: 0x8DBB90E6DA46046
Content-Type: image/jpeg
x-ms-request-id: 17d6ed8c-901e-00b4-2d0a-ebfdba000000
x-ms-version: 2009-09-19
Content-Length: 1612616

GET
H/1.1 200
OK MomandSon.jpeg
fincostorage.blob.core.windows.net/cloverleafcms/ 442 KB
442 KB 608ms
169ms Image
image/jpeg 52.239.208.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fincostorage.blob.core.windows.net/cloverleafcms/MomandSon.jpeg
Requested by: Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.208.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fa863e3329569d069dcb8409fec74f13ca252214a67dce2b308d160375af9ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Sep 2023 15:06:45 GMT
Last-Modified: Tue, 19 Sep 2023 12:46:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: tInV9XtMMTAjv/SVfYHMhw==
ETag: 0x8DBB90E6D8D3205
Content-Type: image/jpeg
x-ms-request-id: 43e63576-201e-0048-010a-ebc325000000
x-ms-version: 2009-09-19
Content-Length: 452556

GET
H2 200 LeptonX.Global.5E87075BDB3BB74AECF012FFFF580B71.js Show response
auth.txguardians.cloverleafcms.dev/__bundles/ 891 KB
892 KB 261ms
258ms Script
application/javascript 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/__bundles/LeptonX.Global.5E87075BDB3BB74AECF012FFFF580B71.js?_v=638307324246237192

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3eac4c80e3d5d632ac78f95949253ab47c02cb339b020bb16f1d8a3b9c89569a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 19 Sep 2023 15:00:24 GMT
etag: "1d9eb0a046e184d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 912461
x-xss-protection: 1; mode=block

GET
H2 200 ApplicationLocalizationScript Show response
auth.txguardians.cloverleafcms.dev/Abp/ 79 KB
80 KB 782ms
778ms Script
application/javascript 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/Abp/ApplicationLocalizationScript?cultureName=de-DE

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6a566613c88f6b39150ca709f212bcc8de455a8e4e4d96fd91de9dcf9cef56c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-length: 81286
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/javascript

GET
H2 200 ApplicationConfigurationScript Show response
auth.txguardians.cloverleafcms.dev/Abp/ 8 KB
9 KB 261ms
258ms Script
application/javascript 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/Abp/ApplicationConfigurationScript

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0aa6e2a72c40c4d63d56697ce5aa7a3af1f7e6788f485be69f2c767849b758ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store
content-length: 8302
x-xss-protection: 1; mode=block

GET
H2 200 ServiceProxyScript Show response
auth.txguardians.cloverleafcms.dev/Abp/ 158 B
351 B 261ms
257ms Script
application/javascript 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/Abp/ServiceProxyScript

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b90dca9c229b082903031f3ef8942210507359f5e1229d86452c9cf1f438cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-length: 158
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/javascript

GET
H2 200 Volo.Abp.Account.Public.Web.Pages.Account.LoginModel.F7A5911E28D6821FA25AF0D82E7F53BF.js Show response
auth.txguardians.cloverleafcms.dev/__bundles/ 263 B
525 B 260ms
257ms Script
application/javascript 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/__bundles/Volo.Abp.Account.Public.Web.Pages.Account.LoginModel.F7A5911E28D6821FA25AF0D82E7F53BF.js?_v=638307324246499947

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/Account/Login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

858175784d2a19785a144e695ead115c7d3b25df823b17d163a1e567bc21b7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/Account/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 19 Sep 2023 15:00:24 GMT
etag: "1d9eb0a0463f507"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 263
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

404

Error
auth.txguardians.cloverleafcms.dev/
Redirect Chain

https://auth.txguardians.cloverleafcms.dev/~images/logo/leptonx/logo-dark.jpeg
https://auth.txguardians.cloverleafcms.dev/Error?httpStatusCode=404

7 KB
7 KB

194ms
194ms

Image
text/html

20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.txguardians.cloverleafcms.dev/Error?httpStatusCode=404

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/login-page.css

Protocol

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

58efbc4854cdbb12dcb4e87f9254e3ca0a39a5d5a390c7826ae6ef8acf54d4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.txguardians.cloverleafcms.dev/login-page.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 15:06:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 19 Sep 2023 15:06:47 GMT
x-correlation-id: 7d93fce9bddc4ef88ad97a7d6f12908e
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
location: /Error?httpStatusCode=404
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 fa-regular-400.woff2
auth.txguardians.cloverleafcms.dev/libs/@fortawesome/fontawesome-free/webfonts/ 13 KB
13 KB 157ms
157ms Font
font/woff2 20.225.52.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.txguardians.cloverleafcms.dev/libs/@fortawesome/fontawesome-free/webfonts/fa-regular-400.woff2

Requested by

Host: auth.txguardians.cloverleafcms.dev
URL: https://auth.txguardians.cloverleafcms.dev/__bundles/LeptonX.Global.9325FB768F9C0093DC4664395D730921.css?_v=638307324239033385

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.225.52.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.txguardians.cloverleafcms.dev/__bundles/LeptonX.Global.9325FB768F9C0093DC4664395D730921.css?_v=638307324239033385
Origin: https://auth.txguardians.cloverleafcms.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 15:06:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 29 Aug 2023 22:12:36 GMT
etag: "1d9dac5ea6451a8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 13224
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.txguardians.cloverleafcms.dev/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.Gh6R_GKXyqc Value: CfDJ8KubSagOJVRHhXq7-UZOP9sILQlCeRX9Pte8i6uCJKv0MKFaBBiOg0jEFq14ZnGlvpm0_ZJgIrU-PkzHIiCMpoGiUrj5kf9izao-aywygVrx6ogeUORs9ojlUnmwyP2S6VoQM98IqUNcSBV7z7knPv4
			auth.txguardians.cloverleafcms.dev/	1970-01-21 00:28:16	Name: XSRF-TOKEN Value: CfDJ8KubSagOJVRHhXq7-UZOP9tr3aIv_udz4NYLPdjIM1haqKeAoYoj1qWjyi7zx0PJjMdBwwOQ2SQ_LNONzOH6hCqnDfscn1okq_jzGdXxcEODoBST7uVTVZ34-FwAR59E_v2iSF70fFJXVa63Z2grxQo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.txguardians.cloverleafcms.dev/Error?httpStatusCode=404 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.txguardians.cloverleafcms.dev
fincostorage.blob.core.windows.net
20.225.52.77
52.239.208.68
076fd305cb9d921f53a92ad91d4c6acb99446171da903041c5fc989461d73829
0aa6e2a72c40c4d63d56697ce5aa7a3af1f7e6788f485be69f2c767849b758ea
16c68747052ebe2391c4a4ec631239e6702988c4c18c476256f1f24d353300e8
3eac4c80e3d5d632ac78f95949253ab47c02cb339b020bb16f1d8a3b9c89569a
58efbc4854cdbb12dcb4e87f9254e3ca0a39a5d5a390c7826ae6ef8acf54d4ba
5a0b3e6780367782c256fd53c4d899ff54eb9f88b810513c5dd03d5183f121d2
6a566613c88f6b39150ca709f212bcc8de455a8e4e4d96fd91de9dcf9cef56c3
6b90dca9c229b082903031f3ef8942210507359f5e1229d86452c9cf1f438cfb
858175784d2a19785a144e695ead115c7d3b25df823b17d163a1e567bc21b7c4
8b5b872ff04a6ae05b98aed28540ecd2c40df9cdfaadb5c8a80ddf806f1df936
bd5563609e55e56c890599a7023d62c6cde5be789a2c9acad4d2cdf27cc4493a
c8d6fe27c10e613f26b31969002d46127304af9cb23cf90680c58aa2784ffc2d
cedd7bae711f126d5d846d2bfa512b6559e4404d153507a617015b5d454d2f03
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
de687260c39236c05e8210f9ac16928f236820215503ef7ac9a5b2b7ac461715
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
fa863e3329569d069dcb8409fec74f13ca252214a67dce2b308d160375af9ac9
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

auth.txguardians.cloverleafcms.dev Open in urlscan Pro 20.225.52.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

4939 kBTransfer

4933 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

auth.txguardians.cloverleafcms.dev Open in urlscan Pro
20.225.52.77 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

4939 kB
Transfer

4933 kB
Size

2
Cookies

16 HTTP transactions
2 data transactions