auth.ecs-preprod.totalenergies.de Open in urlscan Pro
52.142.215.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.ecs-preprod.totalenergies.de/
Effective URL:
https://auth.ecs-preprod.totalenergies.de/select
Submission: On November 02 via automatic, source certstream-suspicious (November 2nd 2022, 12:20:27 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 52.142.215.190, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.ecs-preprod.totalenergies.de.
TLS certificate: Issued by R3 on November 2nd 2022. Valid for: 3 months.

This is the only time auth.ecs-preprod.totalenergies.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	52.142.215.190 52.142.215.190	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.131.67.145 104.131.67.145	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:303... 2606:4700:3032::6815:54d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
13	6

7 52.142.215.190 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auth.ecs-preprod.totalenergies.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.67.145 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.freebiesupply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:54d8 (United States)

ASN13335 (CLOUDFLARENET, US)

100-pics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	totalenergies.de 1 redirects auth.ecs-preprod.totalenergies.de	8 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	6 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	100-pics.net 100-pics.net	103 KB
1	freebiesupply.com cdn.freebiesupply.com — Cisco Umbrella Rank: 252886	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
13	6

	Domain	Requested by
7	auth.ecs-preprod.totalenergies.de	1 redirects auth.ecs-preprod.totalenergies.de
3	cdnjs.cloudflare.com	auth.ecs-preprod.totalenergies.de
1	fonts.gstatic.com	fonts.googleapis.com
1	100-pics.net	auth.ecs-preprod.totalenergies.de
1	cdn.freebiesupply.com	auth.ecs-preprod.totalenergies.de
1	fonts.googleapis.com	auth.ecs-preprod.totalenergies.de
13	6

This site contains no links.

Subject Issuer	Validity	Valid
auth.ecs-preprod.totalenergies.de R3	`2022-11-02` - `2023-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
cdn.freebiesupply.com R3	`2022-10-08` - `2023-01-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.ecs-preprod.totalenergies.de/select
Frame ID: 12E7664BA6D9E8501991B2A2626CB51B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ECS Authenticator

Page URL History Show full URLs

https://auth.ecs-preprod.totalenergies.de/ HTTP 302
https://auth.ecs-preprod.totalenergies.de/select Page URL

Detected technologies

Milligram (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+milligram(?:\.min)?\.css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

170 kB
Transfer

188 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.ecs-preprod.totalenergies.de/ HTTP 302
https://auth.ecs-preprod.totalenergies.de/select Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request select Show response
auth.ecs-preprod.totalenergies.de/
Redirect Chain

https://auth.ecs-preprod.totalenergies.de/
https://auth.ecs-preprod.totalenergies.de/select

2 KB
2 KB

31ms
31ms

Document
text/html

52.142.215.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.ecs-preprod.totalenergies.de/select
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.142.215.190 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 5bf183181f146d3b85076bac80fab1550a5507871c7f8e1a0acfbb65bd024f45

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 1555
content-type: text/html; charset=utf-8
date: Wed, 02 Nov 2022 12:20:22 GMT
etag: W/"613-D33ah286kboim4w/nUjobjEr5IA"
x-powered-by: Express

Redirect headers

content-length: 58
content-type: text/html; charset=utf-8
date: Wed, 02 Nov 2022 12:20:22 GMT
location: /select
vary: Accept
x-powered-by: Express

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 95ms
32ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300italic,700,700italic

Requested by

Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c709cbf5ca0a7721678b5c97ebffef2526f31f31e3669720877465135cb67cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 12:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 12:17:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 12:20:22 GMT

GET
H2 200 normalize.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ 6 KB
2 KB 94ms
33ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.css

Requested by

Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2543610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1398
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-17fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlPbeip91dbwNIE8kYD8TbUa8kXZ7m3oLD8AitXNkCu98cBIhsxIIWBmnehGaWwo9YLVGJjQIy0BmXancR7YWAls%2FFISF%2Fa%2Bqx8cwyrygMFczsk5T8NcjEaBIWuesu0Y5SNbH0mN7Uxck%2BLFhkgQfQCb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 763cd2eb2df36964-FRA
expires: Mon, 23 Oct 2023 12:20:22 GMT

GET
H2 200 milligram.css
cdnjs.cloudflare.com/ajax/libs/milligram/1.4.1/ 10 KB
2 KB 95ms
35ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/milligram/1.4.1/milligram.css

Requested by

Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e79dc73372d7747b20efa42310eed3f4b9826ead1d998175ec374a51d363bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21570050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2075
last-modified: Thu, 18 Jun 2020 19:21:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eebbea1-297c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssea%2BoEDWm4lpxErEOt5WeRRF80eR0LrIjKNEwaZcO%2Fpfp7mNvqi3T0BFLWqDkz0rq2Nfh0AekU92wbLv7G32U9jxTh2ThB8kg5ADOzFUxtQJmMoziemMpwDJUriK7B7%2BofnJCjTSjEjm%2FDfpujSyPvf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 763cd2eb2df56964-FRA
expires: Mon, 23 Oct 2023 12:20:22 GMT

GET
H2 200 style.css
auth.ecs-preprod.totalenergies.de/stylesheets/ 630 B
695 B 33ms
32ms Stylesheet
text/css 52.142.215.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.ecs-preprod.totalenergies.de/stylesheets/style.css
Requested by: Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.142.215.190 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 84077b363b920d2a77f2e6056262095737c08bf61da3c5fbce83d473d2ae8331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/select
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:22 GMT
last-modified: Mon, 01 Aug 2022 08:44:26 GMT
etag: W/"276-1825893ee10"
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 630

GET
H2 200 prism-coy.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/ 3 KB
2 KB 186ms
49ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/prism-coy.min.css

Requested by

Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8241cb64ba6d6591da058fa3aab464015cce19f31ae0706148226d79e9bcc32f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.ecs-preprod.totalenergies.de/
Origin: https://auth.ecs-preprod.totalenergies.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 235987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 917
last-modified: Thu, 31 Dec 2020 20:37:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fee36a5-bf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgXKH%2FC6jAM9PegTJ9ZQSj2Z7uyrd%2Fhr%2FbU4nEtVXBWq46Ruh13UEI4z9sCLakyULFzThkZM1HHRKhvZCDBIEvKkduD223vn3ebqIb%2B9iO0LvHiyIFzlHMX2yGyGzhfRAeIhWYwvJf%2BvfiD5%2ByJMqiw4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 763cd2ebaa2a9018-FRA
expires: Mon, 23 Oct 2023 12:20:23 GMT

GET
H2 200 main.js Show response
auth.ecs-preprod.totalenergies.de/javascripts/ 144 B
260 B 31ms
31ms Script
application/javascript 52.142.215.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.ecs-preprod.totalenergies.de/javascripts/main.js
Requested by: Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.142.215.190 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 00ea70e050c581828c5a098d5ec046edd93292d3ad303fd9e0744fe0227aa6a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/select
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:22 GMT
last-modified: Mon, 01 Aug 2022 08:44:26 GMT
etag: W/"90-1825893ee10"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 144

GET
H/1.1 200
OK azure-active-directory-logo.png
cdn.freebiesupply.com/logos/thumbs/2x/ 35 KB
36 KB 450ms
209ms Image
image/png 104.131.67.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.freebiesupply.com/logos/thumbs/2x/azure-active-directory-logo.png
Requested by: Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.131.67.145 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e8112ecfee942857fad0c3b09959b83468c592b07bac6463ca4de1746e494fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Wed, 02 Nov 2022 12:20:23 GMT
Last-Modified: Sat, 31 Mar 2018 09:52:06 GMT
Server: nginx
x-amz-request-id: 2E0D26EE3EF0A0C3
ETag: "6e7bf3c906858e96ad51ae03bf9cda5a"
X-Cache-Status: HIT
Content-Type: image/png
Cache-Control: max-age=15552000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36235
x-amz-id-2: YHnqxxsJzZjyHrw5sooyp4lngKZyeSx6PZxe2fDdIt36V6CJcvOZhiBBjAuZFB1rOknjMQcovZg=
Expires: Mon, 01 May 2023 12:20:23 GMT

GET
H2 200 logos_343_928629.png
100-pics.net/images/answers/de/logos/ 103 KB
103 KB 483ms
413ms Image
image/png 2606:4700:3032::6815:54d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://100-pics.net/images/answers/de/logos/logos_343_928629.png
Requested by: Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/select
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:54d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7901d2676b97da57c2342ecf7546227ac6a1cb93d6d45efb5a2af151c1a1531f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:23 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Dec 2015 16:26:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "568162a5-19b83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqYmJ8u2lUVvX1ZDuOvrTCi%2Bzxeeras43F%2FE%2B6AmnEgelThPiyqUcv4L0R%2BTjBWSfkZusKX2PtzlKUPPMyr4aKTjnpbGwyWmJ6pqRmSxcdUuvM46czdzWdFe7fSx08q30LnPP3S2x8gpbVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 763cd2ec6acabbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105347

GET
H2 200 colors.css
auth.ecs-preprod.totalenergies.de/stylesheets/ 4 KB
4 KB 32ms
31ms Stylesheet
text/css 52.142.215.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.ecs-preprod.totalenergies.de/stylesheets/colors.css
Requested by: Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/stylesheets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.142.215.190 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: cdc07baec5e8c7759aa3a406342275ae3efd20237a92beb648690525d6ec411f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:22 GMT
last-modified: Mon, 01 Aug 2022 08:44:26 GMT
etag: W/"10c0-1825893ee10"
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4288

GET
H2 200 base.css
auth.ecs-preprod.totalenergies.de/stylesheets/ 152 B
197 B 36ms
31ms Stylesheet
text/css 52.142.215.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.ecs-preprod.totalenergies.de/stylesheets/base.css
Requested by: Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/stylesheets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.142.215.190 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 122a1575f54c2356dc62a5b632acc60dc6149582ec8d211d18cf1f2755880be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:22 GMT
last-modified: Mon, 01 Aug 2022 08:44:26 GMT
etag: W/"98-1825893ee10"
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 152

GET
H2 200 components.css
auth.ecs-preprod.totalenergies.de/stylesheets/ 488 B
535 B 36ms
32ms Stylesheet
text/css 52.142.215.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.ecs-preprod.totalenergies.de/stylesheets/components.css
Requested by: Host: auth.ecs-preprod.totalenergies.de
URL: https://auth.ecs-preprod.totalenergies.de/stylesheets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.142.215.190 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: f94ca7546c322cd5e567d645080bcaf3922b1f9f048bb40f74f769b9039846de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.ecs-preprod.totalenergies.de/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:20:22 GMT
last-modified: Mon, 01 Aug 2022 08:44:26 GMT
etag: W/"1e8-1825893ee10"
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 488

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 81ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth.ecs-preprod.totalenergies.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 401979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 20:40:44 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100-pics.net
auth.ecs-preprod.totalenergies.de
cdn.freebiesupply.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
104.131.67.145
2606:4700:3032::6815:54d8
2606:4700::6811:190e
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
52.142.215.190
00ea70e050c581828c5a098d5ec046edd93292d3ad303fd9e0744fe0227aa6a1
0e79dc73372d7747b20efa42310eed3f4b9826ead1d998175ec374a51d363bab
122a1575f54c2356dc62a5b632acc60dc6149582ec8d211d18cf1f2755880be6
2e8112ecfee942857fad0c3b09959b83468c592b07bac6463ca4de1746e494fa
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
5bf183181f146d3b85076bac80fab1550a5507871c7f8e1a0acfbb65bd024f45
6c709cbf5ca0a7721678b5c97ebffef2526f31f31e3669720877465135cb67cf
7901d2676b97da57c2342ecf7546227ac6a1cb93d6d45efb5a2af151c1a1531f
8241cb64ba6d6591da058fa3aab464015cce19f31ae0706148226d79e9bcc32f
84077b363b920d2a77f2e6056262095737c08bf61da3c5fbce83d473d2ae8331
cdc07baec5e8c7759aa3a406342275ae3efd20237a92beb648690525d6ec411f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f94ca7546c322cd5e567d645080bcaf3922b1f9f048bb40f74f769b9039846de

auth.ecs-preprod.totalenergies.de Open in urlscan Pro 52.142.215.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

170 kBTransfer

188 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

auth.ecs-preprod.totalenergies.de Open in urlscan Pro
52.142.215.190 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

170 kB
Transfer

188 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions