redauto.bloodhoundenterprise.io Open in urlscan Pro
3.225.244.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://redauto.bloodhoundenterprise.io/
Effective URL:
https://redauto.bloodhoundenterprise.io/ui
Submission: On July 20 via manual (July 20th 2023, 12:17:44 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 3.225.244.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is redauto.bloodhoundenterprise.io.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 24th 2023. Valid for: a year.

This is the only time redauto.bloodhoundenterprise.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	3.225.244.68 3.225.244.68	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:225... 2600:9000:2251:4400:1f:596a:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2

11 3.225.244.68 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-244-68.compute-1.amazonaws.com

redauto.bloodhoundenterprise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:4400:1f:596a:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.analytics.bloodhoundenterprise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bloodhoundenterprise.io 1 redirects redauto.bloodhoundenterprise.io content.analytics.bloodhoundenterprise.io	2 MB
11	1

	Domain	Requested by
11	redauto.bloodhoundenterprise.io	1 redirects redauto.bloodhoundenterprise.io
1	content.analytics.bloodhoundenterprise.io	redauto.bloodhoundenterprise.io
11	2

This site contains no links.

Subject Issuer	Validity	Valid
23150418-89a5-4edf-b5f8-0e8c8da3a517.bloodhoundenterprise.io Amazon RSA 2048 M01	`2023-02-24` - `2024-01-19`	a year	crt.sh
content.analytics.bloodhoundenterprise.io Amazon RSA 2048 M02	`2023-02-28` - `2023-11-19`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://redauto.bloodhoundenterprise.io/ui
Frame ID: 19BCD92FE5C2B64701EE9789BCA46454
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BloodHound Enterprise

Page URL History Show full URLs

https://redauto.bloodhoundenterprise.io/ HTTP 301
https://redauto.bloodhoundenterprise.io/ui Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

2551 kB
Transfer

2816 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://redauto.bloodhoundenterprise.io/ HTTP 301
https://redauto.bloodhoundenterprise.io/ui Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ui Show response
redauto.bloodhoundenterprise.io/
Redirect Chain

https://redauto.bloodhoundenterprise.io/
https://redauto.bloodhoundenterprise.io/ui

1 KB
2 KB

118ms
117ms

Document
text/html

3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/ui

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

c46db484ce38e4c2593aa3275a4c974e1d7a149858fb7e11b6def7f41462aac1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 1301
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 00:17:38 GMT
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
preference-applied: wait=30.000000
referrer-policy: strict-origin-when-cross-origin
requestid: 99ba2244-a8c8-460a-b938-16f6a2711c92
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-rate-limit-duration: 1
x-rate-limit-limit: 55.00
x-rate-limit-request-forwarded-for: 217.114.218.21
x-rate-limit-request-remote-addr: 10.160.38.166:12210

Redirect headers

content-length: 38
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 00:17:38 GMT
location: /ui
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
preference-applied: wait=30.000000
referrer-policy: strict-origin-when-cross-origin
requestid: b78d76c4-2312-4965-bf9e-2446ffe3ae2f
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-rate-limit-duration: 1
x-rate-limit-limit: 55.00
x-rate-limit-request-forwarded-for: 217.114.218.21
x-rate-limit-request-remote-addr: 10.160.59.199:62140

GET
H2 200 main.eb4bb3cb.js Show response
redauto.bloodhoundenterprise.io/ui/static/js/ 2 MB
2 MB 118ms
116ms Script
text/javascript 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/ui/static/js/main.eb4bb3cb.js

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

f3b06bf27df1b7af97f5f8e92cadd78cf00a6df184c8f5e573fffa0a179253f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redauto.bloodhoundenterprise.io/ui
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.54.22:57483
date: Thu, 20 Jul 2023 00:17:38 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: 30598015-1c3f-4e2b-a276-a5bed6560048
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: text/javascript; charset=utf-8
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

GET
H2 200 main.02a96be2.css
redauto.bloodhoundenterprise.io/ui/static/css/ 19 KB
20 KB 344ms
343ms Stylesheet
text/css 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/ui/static/css/main.02a96be2.css

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

310c7f359a1c73eca37820c5db3da9eb6cd3ecde60a8d0813ef4394db66a8db6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redauto.bloodhoundenterprise.io/ui
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.69.162:33171
date: Thu, 20 Jul 2023 00:17:38 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: d3549305-ef82-4c94-afb6-08c2fef890fc
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: text/css; charset=utf-8
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

GET
H2 200 pendo.js Show response
content.analytics.bloodhoundenterprise.io/agent/static/603a5aff-099a-4329-4c33-02b3cdcabd01/ 411 KB
137 KB 790ms
601ms Script
application/javascript 2600:9000:2251:4400:1f:596a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.analytics.bloodhoundenterprise.io/agent/static/603a5aff-099a-4329-4c33-02b3cdcabd01/pendo.js
Requested by: Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4400:1f:596a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 65c6c495bcddb2a3e437c3748f9b7926e3744b4866d606676cba87dc8ab8c4d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redauto.bloodhoundenterprise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 00:17:39 GMT
content-encoding: gzip
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 0
x-guploader-uploadid: ADPycduElRmIuc-2wNHg8XVDAh0ycXCt9bdl3dr0EnQWxDQizTzXaVR-zHHNj51hVvv5yc7csj1xeuBqStn8iJeW6fFEtA
x-cache: Miss from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 139500
last-modified: Thu, 13 Jul 2023 18:11:57 GMT
server: UploadServer
etag: "9fb1a7052557eea51010057c2d5bcc8c"
vary: Accept-Encoding
x-goog-generation: 1689271917868889
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=lXming==, md5=n7GnBSVX7qUQEAV8LVvMjA==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 139500
accept-ranges: bytes
x-amz-cf-id: ZzsYngZ4RQTkaxX2olIfGieucqGT6pXU7Rl04gm0imZQ3AmNki0U5Q==
expires: Thu, 20 Jul 2023 00:25:09 GMT

GET
H2 200 features Show response
redauto.bloodhoundenterprise.io/api/v2/ 3 KB
3 KB 197ms
197ms XHR
application/json 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/api/v2/features

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui/static/js/main.eb4bb3cb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

4f813e9c3aab330a60aec7df5f50508f0af2399ceee1660874332534c5cfb606

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://redauto.bloodhoundenterprise.io/ui
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.61.66:29656
date: Thu, 20 Jul 2023 00:17:39 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: 0eb9d29d-8554-4325-8a97-605c0c10e865
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: application/json
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

GET
H2 200 937.cd341485.chunk.js Show response
redauto.bloodhoundenterprise.io/ui/static/js/ 6 KB
7 KB 186ms
186ms Script
text/javascript 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/ui/static/js/937.cd341485.chunk.js

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui/static/js/main.eb4bb3cb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

a39f3fad832f96080d1eb8384e7021eb7d4c597bc69460d76379a3534214d0b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redauto.bloodhoundenterprise.io/ui/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.71.45:20619
date: Thu, 20 Jul 2023 00:17:39 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: 0791a703-6bb3-453f-bafb-668d1d764485
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: text/javascript; charset=utf-8
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

GET
H2 200 985.a46be539.chunk.js Show response
redauto.bloodhoundenterprise.io/ui/static/js/ 7 KB
7 KB 185ms
185ms Script
text/javascript 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/ui/static/js/985.a46be539.chunk.js

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui/static/js/main.eb4bb3cb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

320853548436d0564c62e9eca1c3e8d75ac3f1ce63e5b26eee61702b73f4e8a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redauto.bloodhoundenterprise.io/ui/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.44.250:5872
date: Thu, 20 Jul 2023 00:17:39 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: 5e649c9d-bfb5-4186-a8e7-2952b781eedb
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: text/javascript; charset=utf-8
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

GET
H2 200 Print-Brandmark-Stacked.svg
redauto.bloodhoundenterprise.io/ui/img/ 7 KB
8 KB 115ms
115ms Image
image/svg+xml 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redauto.bloodhoundenterprise.io/ui/img/Print-Brandmark-Stacked.svg

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

9d148802a5fec785a54b6ef5d5e3550985f6387c4f3199b5108d1b16adb10859

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redauto.bloodhoundenterprise.io/ui/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.59.199:62140
date: Thu, 20 Jul 2023 00:17:40 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: 037c842f-cce8-44e0-b389-a75e1e59eacd
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: image/svg+xml
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

GET
H2 200 sso Show response
redauto.bloodhoundenterprise.io/api/v2/saml/ 134 B
794 B 115ms
114ms XHR
application/json 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/api/v2/saml/sso

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui/static/js/main.eb4bb3cb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

4c510516c2eb6653d54200bab754b0f2d98a89ca8f8ec7ba10cde3d6755e0c91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://redauto.bloodhoundenterprise.io/ui/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.38.166:12210
date: Thu, 20 Jul 2023 00:17:40 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: 6c6e8203-0c60-4ce1-8cd5-439daca3ac62
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: application/json
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
content-length: 134
x-rate-limit-duration: 1

GET
H2 200 roboto-latin-400-normal.b009a76ad6afe4ebd301.woff2
redauto.bloodhoundenterprise.io/ui/static/media/ 15 KB
16 KB 115ms
114ms Font
font/woff 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/ui/static/media/roboto-latin-400-normal.b009a76ad6afe4ebd301.woff2

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui/static/css/main.02a96be2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://redauto.bloodhoundenterprise.io/ui/static/css/main.02a96be2.css
Origin: https://redauto.bloodhoundenterprise.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.69.162:33171
date: Thu, 20 Jul 2023 00:17:40 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: 51104c9b-2182-41fd-bbe5-d31eabc4cbd6
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: font/woff
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

GET
H2 200 roboto-latin-500-normal.f25d774ecfe0996f8eb5.woff2
redauto.bloodhoundenterprise.io/ui/static/media/ 16 KB
16 KB 115ms
114ms Font
font/woff 3.225.244.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redauto.bloodhoundenterprise.io/ui/static/media/roboto-latin-500-normal.f25d774ecfe0996f8eb5.woff2

Requested by

Host: redauto.bloodhoundenterprise.io
URL: https://redauto.bloodhoundenterprise.io/ui/static/css/main.02a96be2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.244.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-244-68.compute-1.amazonaws.com

Software

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://redauto.bloodhoundenterprise.io/ui/static/css/main.02a96be2.css
Origin: https://redauto.bloodhoundenterprise.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-rate-limit-request-remote-addr: 10.160.54.22:57483
date: Thu, 20 Jul 2023 00:17:40 GMT
content-security-policy: default-src 'self' *.bloodhoundenterprise.io; script-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' *.bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' *.bloodhoundenterprise.io data:;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rate-limit-request-forwarded-for: 217.114.218.21
x-content-type-options: nosniff
x-rate-limit-limit: 55.00
requestid: adcbe446-6ea5-4543-be0b-9b8d4eb7d78e
x-frame-options: SAMEORIGIN
preference-applied: wait=30.000000
content-type: font/woff
permissions-policy: fullscreen=*, unsized-media=*, unoptimized-images=*, geolocation=(), camera=(), microphone=(), payment=()
x-rate-limit-duration: 1

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'unsized-media'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'unoptimized-images'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .bloodhoundenterprise.io; script-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; style-src 'self' .bloodhoundenterprise.io 'unsafe-inline'; img-src 'self' .bloodhoundenterprise.io data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.analytics.bloodhoundenterprise.io
redauto.bloodhoundenterprise.io
2600:9000:2251:4400:1f:596a:bec0:93a1
3.225.244.68
310c7f359a1c73eca37820c5db3da9eb6cd3ecde60a8d0813ef4394db66a8db6
320853548436d0564c62e9eca1c3e8d75ac3f1ce63e5b26eee61702b73f4e8a1
4c510516c2eb6653d54200bab754b0f2d98a89ca8f8ec7ba10cde3d6755e0c91
4f813e9c3aab330a60aec7df5f50508f0af2399ceee1660874332534c5cfb606
65c6c495bcddb2a3e437c3748f9b7926e3744b4866d606676cba87dc8ab8c4d4
9d148802a5fec785a54b6ef5d5e3550985f6387c4f3199b5108d1b16adb10859
a39f3fad832f96080d1eb8384e7021eb7d4c597bc69460d76379a3534214d0b3
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c46db484ce38e4c2593aa3275a4c974e1d7a149858fb7e11b6def7f41462aac1
f3b06bf27df1b7af97f5f8e92cadd78cf00a6df184c8f5e573fffa0a179253f3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

redauto.bloodhoundenterprise.io Open in urlscan Pro 3.225.244.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

2551 kBTransfer

2816 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

redauto.bloodhoundenterprise.io Open in urlscan Pro
3.225.244.68 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

2551 kB
Transfer

2816 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions