auth.eu.shadow.tech Open in urlscan Pro
2606:4700:10::ac43:a06 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://drive.shadow.tech/
Effective URL:
https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29
Submission: On June 28 via manual (June 28th 2023, 2:55:31 pm UTC) from FR — Scanned from FR

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:10::ac43:a06, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.eu.shadow.tech.
TLS certificate: Issued by E1 on June 12th 2023. Valid for: 3 months.

This is the only time auth.eu.shadow.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.105.132.157 46.105.132.157	16276 (OVH) (OVH)
3 3	46.105.132.156 46.105.132.156	16276 (OVH) (OVH)
1 12	2606:4700:10:... 2606:4700:10::ac43:a06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2

1 46.105.132.157 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip157.ip-46-105-132.eu

drive.shadow.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.132.156 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip156.ip-46-105-132.eu

drive.shadow.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:a06 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hydra.eu.shadow.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.eu.shadow.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	shadow.tech 5 redirects drive.shadow.tech hydra.eu.shadow.tech auth.eu.shadow.tech	101 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1174	7 KB
12	2

	Domain	Requested by
11	auth.eu.shadow.tech	auth.eu.shadow.tech static.cloudflareinsights.com
4	drive.shadow.tech	4 redirects
1	static.cloudflareinsights.com	auth.eu.shadow.tech
1	hydra.eu.shadow.tech	1 redirects
12	4

This site contains no links.

Subject Issuer	Validity	Valid
auth.eu.shadow.tech E1	`2023-06-12` - `2023-09-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29
Frame ID: 0B7DAAFCFC076A57EB3B3D59619AA3A2
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadow

Page URL History Show full URLs

http://drive.shadow.tech/ HTTP 302
https://drive.shadow.tech/ HTTP 302
https://drive.shadow.tech/login HTTP 302
https://drive.shadow.tech/apps/oidc_login/oidc HTTP 302
https://hydra.eu.shadow.tech/oauth2/auth?response_type=code&redirect_uri=https%3A%2F%2Fdrive.shadow.tech%... HTTP 302
https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

4
Subdomains

2
IPs

2
Countries

104 kB
Transfer

151 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://drive.shadow.tech/ HTTP 302
https://drive.shadow.tech/ HTTP 302
https://drive.shadow.tech/login HTTP 302
https://drive.shadow.tech/apps/oidc_login/oidc HTTP 302
https://hydra.eu.shadow.tech/oauth2/auth?response_type=code&redirect_uri=https%3A%2F%2Fdrive.shadow.tech%2Fapps%2Foidc_login%2Foidc&client_id=ddcb1636-e4c1-4914-875d-6c78674ba731&nonce=1472762fa7ebe7fae01284fd42f0bdf0&state=b54fc2e453340dc86e6037d448c19128&scope=openid+profile+email+storage+openid HTTP 302
https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request landing Show response
auth.eu.shadow.tech/ui/hydra/
Redirect Chain

http://drive.shadow.tech/
https://drive.shadow.tech/
https://drive.shadow.tech/login
https://drive.shadow.tech/apps/oidc_login/oidc
https://hydra.eu.shadow.tech/oauth2/auth?response_type=code&redirect_uri=https%3A%2F%2Fdrive.shadow.tech%2Fapps%2Foidc_login%2Foidc&client_id=ddcb1636-e4c1-4914-875d-6c78674ba731&nonce=1472762fa7eb...
https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

3 KB
2 KB

120ms
64ms

Document
text/html

2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17db5393b02db0a097f11262f991fa4940c680be472385d4dcd537489b28494e

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-fb13717045d702488129c5479b914d71' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-fb13717045d702488129c5479b914d71' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7de6c54af9a42155-CDG
content-encoding: br
content-language: fr-FR
content-security-policy: form-action *;script-src 'nonce-fb13717045d702488129c5479b914d71' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-fb13717045d702488129c5479b914d71' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 28 Jun 2023 14:55:25 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 15
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7de6c54a4b50d60d-CDG
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 14:55:25 GMT
location: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29
server: cloudflare
x-envoy-upstream-service-time: 15

GET
H2 200 root.css
auth.eu.shadow.tech/ui/hydra/styles/ 222 B
640 B 138ms
137ms Stylesheet
text/css 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/styles/root.css

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37b298b663b25a621774977c219c974f09637756200c7be506da03f14a15465d

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-0f8a009c0c5e025589bcee9414ace557' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-0f8a009c0c5e025589bcee9414ace557' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-0f8a009c0c5e025589bcee9414ace557' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-0f8a009c0c5e025589bcee9414ace557' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
content-encoding: br
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"de-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=14400
cf-ray: 7de6c54b7a1b2155-CDG

GET
H2 200 fonts.css
auth.eu.shadow.tech/ui/hydra/styles/ 635 B
550 B 139ms
138ms Stylesheet
text/css 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/styles/fonts.css

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4b55d5c9549a14573fa8089e719298e1f94b0131724856979049207bd788dd

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-2f546146e73f4ee358361b0b4ff0d073' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-2f546146e73f4ee358361b0b4ff0d073' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-2f546146e73f4ee358361b0b4ff0d073' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-2f546146e73f4ee358361b0b4ff0d073' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
content-encoding: br
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 5
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"27b-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=14400
cf-ray: 7de6c54b8a1c2155-CDG

GET
H2 200 tailwind.css
auth.eu.shadow.tech/ui/hydra/styles/ 23 KB
6 KB 140ms
139ms Stylesheet
text/css 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/styles/tailwind.css

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ae0a6c453838f6262ef5d3bd052d7d5bd777f65cfe670b016ab14bdadf1760

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-13a339ad219e1ae28835971eec0987bd' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-13a339ad219e1ae28835971eec0987bd' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-13a339ad219e1ae28835971eec0987bd' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-13a339ad219e1ae28835971eec0987bd' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
content-encoding: br
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"5baa-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=14400
cf-ray: 7de6c54b8a1e2155-CDG

GET
H2 200 variables.css
auth.eu.shadow.tech/ui/hydra/styles/ 12 KB
2 KB 140ms
139ms Stylesheet
text/css 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/styles/variables.css

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1afc8213b8441b1402a0d83a74677e6372a6014ce10e6603373c9dfcf256806

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-e9cbfcad900d39288b9217a11c068078' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-e9cbfcad900d39288b9217a11c068078' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-e9cbfcad900d39288b9217a11c068078' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-e9cbfcad900d39288b9217a11c068078' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
content-encoding: br
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"2e2d-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=14400
cf-ray: 7de6c54b8a1f2155-CDG

GET
H2 200 form-validation.js Show response
auth.eu.shadow.tech/ui/hydra/scripts/ 7 KB
2 KB 139ms
138ms Script
application/javascript 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/scripts/form-validation.js

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f69945d4de741109a3a901e37d9d75747c4a035954055bf36fa1adc116901b8a

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-0e139e0192e07bc1601b914f5d617311' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-0e139e0192e07bc1601b914f5d617311' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-0e139e0192e07bc1601b914f5d617311' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-0e139e0192e07bc1601b914f5d617311' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
content-encoding: br
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"1b77-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=14400
cf-ray: 7de6c54b8a222155-CDG

GET
H2 200 logo-shadow-white.svg
auth.eu.shadow.tech/ui/hydra/assets/ 8 KB
3 KB 45ms
44ms Image
image/svg+xml 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.eu.shadow.tech/ui/hydra/assets/logo-shadow-white.svg

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f76f57f48823b7be78ae05556f9b587db163b3834b7251b3f9b902347493b66

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-6bc39d15caa1b315f7596f18dbd2aceb' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-6bc39d15caa1b315f7596f18dbd2aceb' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-6bc39d15caa1b315f7596f18dbd2aceb' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-6bc39d15caa1b315f7596f18dbd2aceb' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
content-encoding: br
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"1e2a-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
origin-agent-cluster: ?1
cache-control: public, max-age=14400
cf-ray: 7de6c54c6aef2155-CDG

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 119ms
55ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/landing?login_challenge=29690f05ec754f7db6c8c8000716ab29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
Origin: https://auth.eu.shadow.tech
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7de6c54cccbad2c9-CDG

GET
H2 200 icon-checkbox.svg
auth.eu.shadow.tech/ui/hydra/assets/ 225 B
543 B 48ms
48ms Image
image/svg+xml 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.eu.shadow.tech/ui/hydra/assets/icon-checkbox.svg

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/styles/tailwind.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebfc922411b4c9b2a301c90a7eb647ae00997a5235e10dae4ef40ae989835026

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-e5a31c08ba7a873e20cb3c53247cf486' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-e5a31c08ba7a873e20cb3c53247cf486' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-e5a31c08ba7a873e20cb3c53247cf486' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-e5a31c08ba7a873e20cb3c53247cf486' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
content-encoding: br
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 5
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"e1-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
origin-agent-cluster: ?1
cache-control: public, max-age=14400
cf-ray: 7de6c54c6af52155-CDG

GET
H2 200 nexa-text-regular.woff2
auth.eu.shadow.tech/ui/hydra/styles/fonts/ 39 KB
40 KB 57ms
57ms Font
font/woff2 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/styles/fonts/nexa-text-regular.woff2

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a799ee58c49f87390df18fe46980df8c9885266f4811aa34d2534036910682d

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-e2c896452130702fead36d39f05c6569' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-e2c896452130702fead36d39f05c6569' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://auth.eu.shadow.tech
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-e2c896452130702fead36d39f05c6569' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-e2c896452130702fead36d39f05c6569' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 4
cross-origin-resource-policy: same-origin
content-length: 40080
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"9c90-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
origin-agent-cluster: ?1
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7de6c54c6af62155-CDG

GET
H2 200 nexa-text-book.woff2
auth.eu.shadow.tech/ui/hydra/styles/fonts/ 39 KB
40 KB 66ms
65ms Font
font/woff2 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/ui/hydra/styles/fonts/nexa-text-book.woff2

Requested by

Host: auth.eu.shadow.tech
URL: https://auth.eu.shadow.tech/ui/hydra/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1affa83858acb2c612b3bdcba4fc19ba8dbdc53f73be57fcf2ff91485cbc1e83

Security Headers

Name	Value
Content-Security-Policy	form-action *;script-src 'nonce-02a9447603eca25d58c03084c1fde3f9' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-02a9447603eca25d58c03084c1fde3f9' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://auth.eu.shadow.tech
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
content-security-policy: form-action *;script-src 'nonce-02a9447603eca25d58c03084c1fde3f9' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-02a9447603eca25d58c03084c1fde3f9' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 4
cross-origin-resource-policy: same-origin
content-length: 40112
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"9cb0-0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
origin-agent-cluster: ?1
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7de6c54c6af92155-CDG

POST
H2 204 rum Show response
auth.eu.shadow.tech/cdn-cgi/ 0
173 B 30ms
29ms XHR
text/plain 2606:4700:10::ac43:a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.eu.shadow.tech/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Jun 2023 14:55:26 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://auth.eu.shadow.tech
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7de6c54d3b9d2155-CDG

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| __cfBeacon

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
drive.shadow.tech/	1969-12-31 23:59:59	Name: oc_sessionPassphrase Value: axjpJkJSMH7n3dj9q4I5RRIPt1sPq9pUCzCmW%2BGdBYMlw4UrCQTK3K0ashnniibiANWdQqcxK1hfgMJhUbW0ZoKUkDa%2BA%2FRcd11GlNa6XtRahCEw9S0R2L6zzOUwLMDg
drive.shadow.tech/	1970-01-20 22:28:44	Name: __Host-nc_sameSiteCookielax Value: true
drive.shadow.tech/	1970-01-20 22:28:44	Name: __Host-nc_sameSiteCookiestrict Value: true
drive.shadow.tech/	1969-12-31 23:59:59	Name: oc2zrx1kz7m6 Value: ab8b8h0p330buf4pheej8857v3
hydra.eu.shadow.tech/	1970-01-20 12:52:45	Name: ory_hydra_login_csrf_349011175 Value: MTY4Nzk2NDEyNXxfeWV0TE1iOWFFeW1hVm1yMzV2MGhSNmR3c0lfRDJqTzY3VldfT2FMdjM4RGwxWjlrdnV4M2lxYXI0bzVsM2NlenlYSl9wTmoxTUhxMk9Nd2hDQ2hsYTZub0p2cmh1UmFSV2VKMjhZMVkwQXNKTkRHWWc3dmFyRWpoR0ktMXc9PXwHp4lCz_eSc0gNpymjoldC9k7FUwNfZJjUozQiy4p5tQ==
auth.eu.shadow.tech/	1969-12-31 23:59:59	Name: __host-bid Value: s%3Aj%3A%7B%22id%22%3A%22e05fc7c3-fa5e-4be4-858d-320c8ec693f5%22%2C%22agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22ip%22%3A%222001%3A41d0%3Ad%3A364d%3A%3A8%22%7D.O2b41Swao8pesmbEVWzywlf%2FwjsF579DdbvPV6%2FbgRs
auth.eu.shadow.tech/	1969-12-31 23:59:59	Name: _csrf Value: -qglGZavRGp49LbpTm4HSW9e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	form-action *;script-src 'nonce-fb13717045d702488129c5479b914d71' 'self';script-src-attr 'unsafe-inline';script-src-elem 'nonce-fb13717045d702488129c5479b914d71' 'self';frame-ancestors http://localhost:3000 http://localhost:3001;default-src 'self';base-uri 'self';font-src 'self' https: data:;img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.eu.shadow.tech
drive.shadow.tech
hydra.eu.shadow.tech
static.cloudflareinsights.com
2606:4700:10::ac43:a06
2606:4700::6810:3865
46.105.132.156
46.105.132.157
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
17db5393b02db0a097f11262f991fa4940c680be472385d4dcd537489b28494e
1a799ee58c49f87390df18fe46980df8c9885266f4811aa34d2534036910682d
1affa83858acb2c612b3bdcba4fc19ba8dbdc53f73be57fcf2ff91485cbc1e83
26ae0a6c453838f6262ef5d3bd052d7d5bd777f65cfe670b016ab14bdadf1760
37b298b663b25a621774977c219c974f09637756200c7be506da03f14a15465d
3f76f57f48823b7be78ae05556f9b587db163b3834b7251b3f9b902347493b66
5f4b55d5c9549a14573fa8089e719298e1f94b0131724856979049207bd788dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfc922411b4c9b2a301c90a7eb647ae00997a5235e10dae4ef40ae989835026
f1afc8213b8441b1402a0d83a74677e6372a6014ce10e6603373c9dfcf256806
f69945d4de741109a3a901e37d9d75747c4a035954055bf36fa1adc116901b8a

auth.eu.shadow.tech Open in urlscan Pro 2606:4700:10::ac43:a06 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

2 Domains

4 Subdomains

2 IPs

2 Countries

104 kBTransfer

151 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

auth.eu.shadow.tech Open in urlscan Pro
2606:4700:10::ac43:a06 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

4
Subdomains

2
IPs

2
Countries

104 kB
Transfer

151 kB
Size

7
Cookies

12 HTTP transactions
0 data transactions