login.web-dev-mj.demeter.link Open in urlscan Pro
104.17.254.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.web-dev-mj.demeter.link/
Effective URL:
https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2...
Submission: On July 06 via automatic, source certstream-suspicious (July 6th 2024, 7:26:45 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 104.17.254.182, located in and belongs to CLOUDFLARENET, US. The main domain is login.web-dev-mj.demeter.link.
TLS certificate: Issued by E5 on July 6th 2024. Valid for: 3 months.

This is the only time login.web-dev-mj.demeter.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700::68... 2606:4700::6811:feb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.225.78.97 13.225.78.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:cfad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.254.182 104.17.254.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:235... 2600:9000:2359:6600:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	52.92.164.224 52.92.164.224	16509 (AMAZON-02) (AMAZON-02)
12	6

2 2606:4700::6811:feb6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

login.web-dev-mj.demeter.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net

web-dev-mj.demeter.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:cfad (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.254.182 (None, )

ASN13335 (CLOUDFLARENET, US)

login.web-dev-mj.demeter.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:6600:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.164.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	demeter.link 2 redirects login.web-dev-mj.demeter.link web-dev-mj.demeter.link	1 MB
1	amazonaws.com s3-us-west-2.amazonaws.com	9 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7845	197 KB
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 14997	357 B
12	4

	Domain	Requested by
5	web-dev-mj.demeter.link	web-dev-mj.demeter.link
5	login.web-dev-mj.demeter.link	2 redirects web-dev-mj.demeter.link cdn.auth0.com
1	s3-us-west-2.amazonaws.com	login.web-dev-mj.demeter.link
1	cdn.auth0.com	login.web-dev-mj.demeter.link
1	hello.myfonts.net	client
12	5

This site contains no links.

Subject Issuer	Validity	Valid
*.demeter.link Amazon RSA 2048 M03	`2024-05-15` - `2025-06-13`	a year	crt.sh
*.myfonts.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-09-28`	a year	crt.sh
login.web-dev-mj.demeter.link E5	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-05-15` - `2025-05-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Frame ID: 781195F429E04C6FCEAC323463001AD2
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In To e-Gro

Page URL History Show full URLs

https://login.web-dev-mj.demeter.link/ HTTP 302
https://web-dev-mj.demeter.link/ Page URL
https://login.web-dev-mj.demeter.link/authorize?audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20... HTTP 302
https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3Rp... Page URL

Detected technologies

Auth0 Lock (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/lock/([\d.]+)/lock(?:.min)?\.js

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1377 kB
Transfer

4952 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.web-dev-mj.demeter.link/ HTTP 302
https://web-dev-mj.demeter.link/ Page URL
https://login.web-dev-mj.demeter.link/authorize?audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&client_id=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&state=WWlxdk51aEFESTk2eVF5MXFFaXdTdC1oTzRSMHg0SG1BS0NZSk5LZV9RVg%3D%3D&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://login.web-dev-mj.demeter.link/ HTTP 302
https://web-dev-mj.demeter.link/

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
web-dev-mj.demeter.link/
Redirect Chain

https://login.web-dev-mj.demeter.link/
https://web-dev-mj.demeter.link/

747 B
1 KB

163ms
48ms

Document
text/html

13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-dev-mj.demeter.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6788ae494fcdd4de239fc3a485acce44c6e99b5bba0f741e4015b4b11cc377b3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 74220
content-length: 747
content-type: text/html
date: Fri, 05 Jul 2024 10:49:39 GMT
etag: "e0a8b70201326983fce8a58bc58925c9"
last-modified: Fri, 05 Jul 2024 10:44:09 GMT
server: AmazonS3
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-id: epGR_UYh4paBHb1x_lMgWx_npZbhS0A2UvJqfbOt69BmTKv0G-RftA==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

Redirect headers

age: 1
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 89edde248f8a2c5e-FRA
content-type: text/html; charset=utf-8
date: Sat, 06 Jul 2024 07:26:38 GMT
location: https://web-dev-mj.demeter.link/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 91776b953f664dd3930e
x-content-type-options: nosniff

GET
H2 200 index.6f71befa5a2cbfb90e00.js Show response
web-dev-mj.demeter.link/ 4 MB
988 KB 51ms
51ms Script
text/javascript 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-dev-mj.demeter.link/index.6f71befa5a2cbfb90e00.js
Requested by: Host: web-dev-mj.demeter.link
URL: https://web-dev-mj.demeter.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ff467f7f3fb3a4e3d751c4ce6222b7d2a60b547785948df2aeff3e61eb7fdb0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://web-dev-mj.demeter.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 10:49:39 GMT
content-encoding: gzip
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jul 2024 10:44:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 74221
etag: W/"f4b2d051e355ba879ae5504d70d5dcbb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: hSSMKkBwa6bv-3Tnrtl-i7opO7zcGlAYDE8tQ7FP6tfFwv7WPKhdUA==

GET
H2 200 381565
hello.myfonts.net/count/ 0
357 B 157ms
55ms Stylesheet
text/css 2606:4700::6812:cfad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/381565
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:cfad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://web-dev-mj.demeter.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 07:26:39 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 89edde294ceb90f4-FRA
content-length: 0
expires: Sun, 06 Jul 2025 07:26:39 GMT

GET
H2 200 249215fa47574d761792c88683b4b729.woff2
web-dev-mj.demeter.link/ 40 KB
41 KB 51ms
50ms Font
font/woff2 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-dev-mj.demeter.link/249215fa47574d761792c88683b4b729.woff2
Requested by: Host: web-dev-mj.demeter.link
URL: https://web-dev-mj.demeter.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://web-dev-mj.demeter.link/
Origin: https://web-dev-mj.demeter.link
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 10:49:40 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jul 2024 10:44:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 74220
etag: "70c6e4bc38c8f3556de94751c98a2ae0"
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 41150
x-amz-cf-id: DE7gksiTavhjNp4xPvdjK-iDNU1dEOHsgl-QVzHnz_7n8DDzpkF9Zg==

GET
H2 200 0c35d18bf06992036b691da73d635fc4.woff2
web-dev-mj.demeter.link/ 125 KB
126 KB 48ms
48ms Font
font/woff2 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-dev-mj.demeter.link/0c35d18bf06992036b691da73d635fc4.woff2
Requested by: Host: web-dev-mj.demeter.link
URL: https://web-dev-mj.demeter.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://web-dev-mj.demeter.link/
Origin: https://web-dev-mj.demeter.link
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 10:49:40 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jul 2024 10:44:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 74220
etag: "53436aca8627a49f4deaaa44dc9e3c05"
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 128352
x-amz-cf-id: 6yTp4LW9U_3MwhKe7fMNKiA0zTMoRtsqX4cBKPg2c-FZXybj0DZiCQ==

GET
BLOB 200
OK c5b5d14c-a264-4b59-9d4c-a9c4000d251b
https://web-dev-mj.demeter.link/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://web-dev-mj.demeter.link/c5b5d14c-a264-4b59-9d4c-a9c4000d251b
Requested by: Host: web-dev-mj.demeter.link
URL: https://web-dev-mj.demeter.link/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5040
Content-Type: application/javascript

GET
H3

200

Primary Request login Show response
login.web-dev-mj.demeter.link/
Redirect Chain

https://login.web-dev-mj.demeter.link/authorize?audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&client_id=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&redirec...
https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd...

8 KB
9 KB

330ms
329ms

Document
text/html

104.17.254.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D

Requested by

Host: web-dev-mj.demeter.link
URL: https://web-dev-mj.demeter.link/index.6f71befa5a2cbfb90e00.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.254.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd1b2249769c06ee4917a613a0d631999742987d78338c81af8068cb113f2788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://web-dev-mj.demeter.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 89edde2dfee4c042-WAW
content-type: text/html; charset=utf-8
date: Sat, 06 Jul 2024 07:26:40 GMT
etag: W/"2072-blFxuhzR63gu2QsqhHT3fPWto9s"
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: 2a9478328c9937608a2f
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1720250801
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 89edde2baf032c5e-FRA
content-length: 1428
content-type: text/html; charset=utf-8
date: Sat, 06 Jul 2024 07:26:40 GMT
location: /login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 9c93d13d670c6ea81089
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1720250801

GET
H2 200 favicon.ico
web-dev-mj.demeter.link/ 5 KB
6 KB 49ms
48ms Other
image/vnd.microsoft.icon 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-dev-mj.demeter.link/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://web-dev-mj.demeter.link/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 13:11:09 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jul 2024 10:44:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 65731
etag: "a975b076cfde58023b99f6e808435180"
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
content-length: 5430
x-amz-cf-id: xFdLAlUq_JRp2WTV-kYlIDEsX0vKo5p3lFll7EYUyPO2Ql8o1V8uzg==

GET
H2 200 lock.min.js Show response
cdn.auth0.com/js/lock/10.20.0/ 711 KB
197 KB 281ms
43ms Script
application/javascript 2600:9000:2359:6600:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/lock/10.20.0/lock.min.js

Requested by

Host: login.web-dev-mj.demeter.link
URL: https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:6600:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49455d4a24ffd7f80a2089995f61b07ca319818101b7833b26cc5945523245e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: CmUAZ88TPSZlZDsLk2ewJizoxIaXehe0
content-encoding: gzip
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
date: Fri, 05 Jul 2024 07:34:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 85961
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Aug 2017 23:09:40 GMT
server: AmazonS3
etag: W/"68d3fc578da742821ce6f255753bb08b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: JB347iEZjvY5Bf6cFBG5M96ZY7fn0buEecAsLF6DDWVaxTk6eUxLnQ==

GET
H/1.1 200
OK eGroLogo.svg
s3-us-west-2.amazonaws.com/public-demeter-miscellaneous/ 9 KB
9 KB 674ms
225ms Image
image/svg+xml 52.92.164.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/public-demeter-miscellaneous/eGroLogo.svg
Requested by: Host: login.web-dev-mj.demeter.link
URL: https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.164.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 868670c2881f84ac283d252ae05a877761362df8b60d08d40415f9635003a177

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 06 Jul 2024 07:26:42 GMT
Last-Modified: Tue, 10 Jul 2018 17:35:56 GMT
Server: AmazonS3
x-amz-request-id: ZPC2QBEQV97M5427
ETag: "94e623a946f9cd3b73c0dd088fbf6f7b"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 8714
x-amz-id-2: yvu+EsY1fD8Ag7ZjdaPG8LKSTSwb8ETiRwDUKTWCiB1IZKgoRqBjvLgwODvY2rHRm+oLWFjzoh0=

GET
H3 200 cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4.js Show response
login.web-dev-mj.demeter.link/client/ 446 B
610 B 302ms
301ms Script
application/x-javascript 104.17.254.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.web-dev-mj.demeter.link/client/cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4.js?t1720250801215

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/10.20.0/lock.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.254.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

079484e7ac8c27d3b8eb05d28bbd95b0b61a1d1939a6be5d6e969c26f855dcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 07:26:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-auth0-requestid: 59597cdd392a10da575d
server: cloudflare
etag: W/"1be-BgihyBhW5NvBwIiE6i5r6IIVkQA"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
cf-ray: 89edde33ccb6c042-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 404 favicon.ico
login.web-dev-mj.demeter.link/ 9 B
273 B 298ms
297ms Other
text/plain 104.17.254.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.web-dev-mj.demeter.link/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.254.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://login.web-dev-mj.demeter.link/login?state=hKFo2SAzYUwyVWMxWkRBaVJkT29GUUE3ZFBqUll1dUJURnBtcKFupWxvZ2luo3RpZNkgeFBKZi1nQnZMdmI2Z1JYZjIxVlRidEhkbHZDZnA0UHWjY2lk2SBjYWMzSnhXVXZoV3l3QlZZVmhwQmd0TmFpN2xmWkFRNA&client=cac3JxWUvhWywBVYVhpBgtNai7lfZAQ4&protocol=oauth2&audience=https%3A%2F%2Fapi-dev.demeter-venture.net&scope=openid%20profile%20email%20offline_access&redirect_uri=https%3A%2F%2Fweb-dev-mj.demeter.link&response_type=code&response_mode=query&nonce=VzlMb01MRkYyQUNrWEY5emYyYnp6Y3IyRk9ZVnpNZlpjc0pLMjBrVWRtRg%3D%3D&code_challenge=NdFumSPuxwTA-VeX3BnCXomeS9pvSv4VxtujHn_XQ1Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 07:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-auth0-not-found: 1
cf-cache-status: MISS
x-auth0-requestid: bc37d47298c15ef52771
server: cloudflare
x-content-type-options: nosniff
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: public, max-age=300
cf-ray: 89edde37d862c042-WAW
alt-svc: h3=":443"; ma=86400
content-length: 9

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.web-dev-mj.demeter.link/usernamepassword/login	1970-01-20 22:05:14	Name: _csrf Value: hgDvUwJSdUFUBbj_Q1EXGGHp
.myfonts.net/	1970-01-20 21:50:52	Name: __cf_bm Value: ib_5WNSanWyDBwbvuPjuC_Df0OKds3s9hPonG0bEFAw-1720250799-1.0.1.1-2BTBm31B9ojLMJzmWZes7rUqPGjdPVFq.EC5nCaYXIhzY57jQpmI5FwFTvGOzkvoHIE_WrJc.Ek_6IYvqJzalw
login.web-dev-mj.demeter.link/	1970-01-21 06:36:48	Name: did Value: s%3Av0%3A8f42f01f-6bf1-4cef-bc2a-0424c7a7aacf.E%2BV3LPdMing9Awvb5ehq5ZzHFfpLM4LZdxHMNJa%2BtVE
login.web-dev-mj.demeter.link/	1970-01-20 21:55:10	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAr1Mo88_FhUbDsym5MJibqLZ4HTzv-njhT8S_lJ7tTWx2XJWNJFekKUe1M5j1KsmOZRzOAvoVlWo27FgzcPND2mY29va2llg6dleHBpcmVz1_8mYqkAZozmMK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.FCCDBNJrYbhqH1PmDSqhSHaUtmd7IrZbeaomlPEu3fQ
login.web-dev-mj.demeter.link/	1970-01-21 06:36:48	Name: did_compat Value: s%3Av0%3A8f42f01f-6bf1-4cef-bc2a-0424c7a7aacf.E%2BV3LPdMing9Awvb5ehq5ZzHFfpLM4LZdxHMNJa%2BtVE
login.web-dev-mj.demeter.link/	1970-01-20 21:55:10	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAr1Mo88_FhUbDsym5MJibqLZ4HTzv-njhT8S_lJ7tTWx2XJWNJFekKUe1M5j1KsmOZRzOAvoVlWo27FgzcPND2mY29va2llg6dleHBpcmVz1_8mYqkAZozmMK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.FCCDBNJrYbhqH1PmDSqhSHaUtmd7IrZbeaomlPEu3fQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.web-dev-mj.demeter.link/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.auth0.com
hello.myfonts.net
login.web-dev-mj.demeter.link
s3-us-west-2.amazonaws.com
web-dev-mj.demeter.link
104.17.254.182
13.225.78.97
2600:9000:2359:6600:10:474e:104a:2961
2606:4700::6811:feb6
2606:4700::6812:cfad
52.92.164.224
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
079484e7ac8c27d3b8eb05d28bbd95b0b61a1d1939a6be5d6e969c26f855dcd9
49455d4a24ffd7f80a2089995f61b07ca319818101b7833b26cc5945523245e1
4ff467f7f3fb3a4e3d751c4ce6222b7d2a60b547785948df2aeff3e61eb7fdb0
6788ae494fcdd4de239fc3a485acce44c6e99b5bba0f741e4015b4b11cc377b3
868670c2881f84ac283d252ae05a877761362df8b60d08d40415f9635003a177
bd1b2249769c06ee4917a613a0d631999742987d78338c81af8068cb113f2788
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

login.web-dev-mj.demeter.link Open in urlscan Pro 104.17.254.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

1377 kBTransfer

4952 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

login.web-dev-mj.demeter.link Open in urlscan Pro
104.17.254.182 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1377 kB
Transfer

4952 kB
Size

6
Cookies

12 HTTP transactions
0 data transactions