Submitted URL: https://step-eight.promotelogin.com/
Effective URL: https://step-eight.promotelogin.com/nu/sign_in
Submission: On December 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 172.104.203.5, located in Frankfurt am Main, Germany and belongs to LINODE-AP Linode, LLC, US. The main domain is step-eight.promotelogin.com.
TLS certificate: Issued by R3 on December 7th 2021. Valid for: 3 months.
This is the only time step-eight.promotelogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address         AS Autonomous System
2          8         172.104.203.5      63949 (LINODE-AP...)
           2         2606:2800:234...   15133 (EDGECAST)
           1         104.244.42.136     13414 (TWITTER)
Totals: 9 requests, 3 IPs

Requests  Apex Domain        Subdomains                                     Transfer
8         promotelogin.com   step-eight.promotelogin.com                    1 MB
3         twitter.com        platform.twitter.com, syndication.twitter.com  133 KB
Totals: 9 requests, 2 apex domains

Requests  Domain                                     Requested by
8         step-eight.promotelogin.com (2 redirects)  step-eight.promotelogin.com
2         platform.twitter.com                       step-eight.promotelogin.com, platform.twitter.com
1         syndication.twitter.com                    platform.twitter.com
Totals: 9 requests, 3 domains

This site contains no links.

Subject                       Issuer                             Validity                  Valid
step-eight.promotelogin.com   R3                                 2021-12-07 - 2022-03-07   3 months
*.twimg.com                   DigiCert TLS RSA SHA256 2020 CA1   2021-10-20 - 2022-10-19   a year
syndication.twitter.com       DigiCert TLS RSA SHA256 2020 CA1   2021-02-05 - 2022-02-04   a year

This page contains 2 frames:

Primary Page: https://step-eight.promotelogin.com/nu/sign_in
Frame ID: 709D32552B71F03A72AB5AA2E0A12E19
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fstep-eight.promotelogin.com
Frame ID: 0045F025764F280ABB918D96D0BDEE37
Requests: 2 HTTP requests in this frame

Page Title

Promote

Page URL History

  1. https://step-eight.promotelogin.com/ HTTP 302
    https://step-eight.promotelogin.com/desktop/users/sign_in HTTP 301
    https://step-eight.promotelogin.com/nu/sign_in Page URL

Page Statistics

9 Requests
100 % HTTPS
33 % IPv6
2 Domains
3 Subdomains
3 IPs
2 Countries
1313 kB Transfer
2897 kB Size
3 Cookies

9 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request sign_in
step-eight.promotelogin.com/nu/
Redirect Chain
  • https://step-eight.promotelogin.com/
  • https://step-eight.promotelogin.com/desktop/users/sign_in
  • https://step-eight.promotelogin.com/nu/sign_in
15 KB
6 KB
Document
General
Full URL
https://step-eight.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.104.203.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
172-104-203-5.ip.linodeusercontent.com
Software
nginx /
Resource Hash
903c2a1db899bbb6103ec57491eca042bcd9471a2c2265c5c314c71bfae01d7c
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 07 Dec 2021 12:07:55 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
etag
W/"903c2a1db899bbb6103ec57491eca042"
cache-control
max-age=0, private, must-revalidate
content-security-policy
x-request-id
1297e494-2726-473a-b377-b0022088bdb4
x-runtime
0.049096
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 07 Dec 2021 12:07:55 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
location
https://step-eight.promotelogin.com/nu/sign_in
cache-control
no-cache
content-security-policy
x-request-id
8a191013-17fa-4e79-8421-a9e4dab24b42
x-runtime
0.008115
strict-transport-security
max-age=63072000; includeSubDomains
airbrake.min-ea4e1ed77ab7bbcd7621eda7a00b217e816ada5baae43d7430da9b31ef64dc0a.js
step-eight.promotelogin.com/assets/third-party/
42 KB
13 KB
Script
General
Full URL
https://step-eight.promotelogin.com/assets/third-party/airbrake.min-ea4e1ed77ab7bbcd7621eda7a00b217e816ada5baae43d7430da9b31ef64dc0a.js
Requested by
Host: step-eight.promotelogin.com
URL: https://step-eight.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.104.203.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
172-104-203-5.ip.linodeusercontent.com
Software
nginx /
Resource Hash
c754b02803f442548670c4341b953fbad67b9e13f83299b6f84fd04bb0c91896

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://step-eight.promotelogin.com/nu/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 12:07:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 12:01:47 GMT
server
nginx
etag
"61af4d2b-318e"
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
12686
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-f64062c9.css
step-eight.promotelogin.com/assets/packs/css/
78 KB
16 KB
Stylesheet
General
Full URL
https://step-eight.promotelogin.com/assets/packs/css/application-f64062c9.css
Requested by
Host: step-eight.promotelogin.com
URL: https://step-eight.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.104.203.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
172-104-203-5.ip.linodeusercontent.com
Software
nginx /
Resource Hash
05858496d4629ac107d15746e3cc472203dd45e87f7e68175ce4d371096c2667

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://step-eight.promotelogin.com/nu/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 12:07:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 12:03:04 GMT
server
nginx
etag
"61af4d78-3df5"
content-type
text/css
cache-control
max-age=315360000, public
content-length
15861
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-c0af5a8426dcafdd41ce.js
step-eight.promotelogin.com/assets/packs/js/
2 MB
375 KB
Script
General
Full URL
https://step-eight.promotelogin.com/assets/packs/js/application-c0af5a8426dcafdd41ce.js
Requested by
Host: step-eight.promotelogin.com
URL: https://step-eight.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.104.203.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
172-104-203-5.ip.linodeusercontent.com
Software
nginx /
Resource Hash
3abd27ff4eb987b4d3b5e4566588219709e74b7be7e2f0a0269254451c61192c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://step-eight.promotelogin.com/nu/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 12:07:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 12:03:04 GMT
server
nginx
etag
"61af4d78-5da5f"
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
383583
expires
Thu, 31 Dec 2037 23:55:55 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: step-eight.promotelogin.com
URL: https://step-eight.promotelogin.com/assets/packs/js/application-c0af5a8426dcafdd41ce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://step-eight.promotelogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 12:07:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 21:35:27 GMT
Server
ECS (frb/668A)
Age
24
Etag
"50ec7e701ed018305368886c39cac301+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29126
logo-1bda63ba.svg
step-eight.promotelogin.com/assets/packs/media/nu/
9 KB
3 KB
Image
General
Full URL
https://step-eight.promotelogin.com/assets/packs/media/nu/logo-1bda63ba.svg
Requested by
Host: step-eight.promotelogin.com
URL: https://step-eight.promotelogin.com/assets/packs/css/application-f64062c9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.104.203.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
172-104-203-5.ip.linodeusercontent.com
Software
nginx /
Resource Hash
83c27505d9e28f63c18a9c5fad772ddfeba1fdc561401831f7ce203dfc69fb3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://step-eight.promotelogin.com/assets/packs/css/application-f64062c9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 12:07:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 12:03:04 GMT
server
nginx
etag
"61af4d78-ad3"
content-type
image/svg+xml
cache-control
max-age=315360000, public
content-length
2771
expires
Thu, 31 Dec 2037 23:55:55 GMT
image_branding-939d0f20.jpg
step-eight.promotelogin.com/assets/packs/media/nu/
767 KB
768 KB
Image
General
Full URL
https://step-eight.promotelogin.com/assets/packs/media/nu/image_branding-939d0f20.jpg
Requested by
Host: step-eight.promotelogin.com
URL: https://step-eight.promotelogin.com/assets/packs/css/application-f64062c9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.104.203.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
172-104-203-5.ip.linodeusercontent.com
Software
nginx /
Resource Hash
832ff7720e74d521485a546c9706b1a837d3431127def609eef7dce0c031024e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://step-eight.promotelogin.com/assets/packs/css/application-f64062c9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 12:07:55 GMT
last-modified
Tue, 07 Dec 2021 12:03:04 GMT
server
nginx
etag
"61af4d78-bfafe"
content-type
image/jpeg
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
785150
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget_iframe.21f942bb866c2823339b839747a0c50c.html
platform.twitter.com/widgets/ Frame 0045
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fstep-eight.promotelogin.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://step-eight.promotelogin.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
57047
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Dec 2021 12:07:55 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Dec 2021 21:34:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6739)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame 0045
232 B
448 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=062572df7279ce1d4285fc0b18bca297e74aa6c2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fstep-eight.promotelogin.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time
110
date
Tue, 07 Dec 2021 12:07:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 12:07:55 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f32b653291aa68685bbb86b57238bdc451dfaa4fa55c3451368e69ee079f83ed
content-length
166

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| Airbrake
object| airbrake
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
object| twttr
function| makeEditor
object| Turbolinks
boolean| _rails_loaded
object| FontAwesomeConfig
object| ___FONT_AWESOME___
function| _
object| __twttrll
object| __twttr

3 Cookies

Domain/Path Name / Value
step-eight.promotelogin.com/ Name: intended_path
Value: %2F
step-eight.promotelogin.com/ Name: _session_id
Value: 04458c54b697f99c6461823c78bef670
step-eight.promotelogin.com/ Name: detected_time_zone
Value: %7B%22name%22%3A%22Etc%2FUTC%22%2C%22offset%22%3A%2200%3A00%22%2C%22is_dst%22%3Afalse%7D

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN