login.citadel.dev Open in urlscan Pro
2606:4700:3030::ac43:949a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://proxmox2.citadel.dev/
Effective URL:
https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=https%3A%2F%2Fsso.ci...
Submission: On July 15 via api (July 15th 2024, 1:48:42 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3030::ac43:949a, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.citadel.dev.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.

This is the only time login.citadel.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3030::ac43:949a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3032::6815:b5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

2 2606:4700:3030::ac43:949a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

proxmox2.citadel.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.citadel.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3032::6815:b5f (United States)

ASN13335 (CLOUDFLARENET, US)

login.citadel.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	citadel.dev 1 redirects proxmox2.citadel.dev login.citadel.dev	160 KB
12	1

	Domain	Requested by
12	login.citadel.dev	login.citadel.dev
1	proxmox2.citadel.dev	1 redirects
12	2

This site contains no links.

Subject Issuer	Validity	Valid
citadel.dev WE1	`2024-06-19` - `2024-09-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=https%3A%2F%2Fsso.citadel.dev%2F_oauth&response_type=code&scope=openid+profile+email&state=2146d199be2d8d0a31f44fabaa868102%3Aoidc%3Ahttps%3A%2F%2Fproxmox2.citadel.dev%2F
Frame ID: F8BF4E5C682ACE2EA672007F80819CE6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Timo

Page URL History Show full URLs

https://proxmox2.citadel.dev/ HTTP 307
https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=... Page URL

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

159 kB
Transfer

1032 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://proxmox2.citadel.dev/ HTTP 307
https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=https%3A%2F%2Fsso.citadel.dev%2F_oauth&response_type=code&scope=openid+profile+email&state=2146d199be2d8d0a31f44fabaa868102%3Aoidc%3Ahttps%3A%2F%2Fproxmox2.citadel.dev%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
login.citadel.dev/auth/realms/default/protocol/openid-connect/
Redirect Chain

https://proxmox2.citadel.dev/
https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=https%3A%2F%2Fsso.citadel.dev%2F_oauth&response_type=code&scope=openid+profile+email&state=2146...

4 KB
2 KB

939ms
880ms

Document
text/html

2606:4700:3030::ac43:949a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=https%3A%2F%2Fsso.citadel.dev%2F_oauth&response_type=code&scope=openid+profile+email&state=2146d199be2d8d0a31f44fabaa868102%3Aoidc%3Ahttps%3A%2F%2Fproxmox2.citadel.dev%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:949a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2be176053e804904f29c52a417b89094881948947281addc67dc781b04072f8a

Security Headers

Name	Value
Content-Security-Policy	frame-src https://.citadel.dev/ 'self' https://.duosecurity.com/ https://.live.com/ https://.windows.net/; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8a3a35e64a7f4373-EWR
content-encoding: br
content-language: en
content-security-policy: frame-src https://*.citadel.dev/ 'self' https://*.duosecurity.com/ https://*.live.com/ https://*.windows.net/; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Mon, 15 Jul 2024 13:48:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tN4m2D%2FSMePuH5cvD9axr%2B5DN%2Bg3%2FbaSGQNT3D5sj5qefbelB5%2Fv1Nnb99%2FY5vK4LgMjNNBBA48KwG3wbaCBrMoS5ZB6KMf9qqp5%2FBz9XEyxwXuBXbpvuSLW3vQtL2Lf0jIpCx%2BWmYdA6GjmY%2Flqew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a3a35e09c204373-EWR
content-type: text/html; charset=utf-8
date: Mon, 15 Jul 2024 13:48:30 GMT
location: https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=https%3A%2F%2Fsso.citadel.dev%2F_oauth&response_type=code&scope=openid+profile+email&state=2146d199be2d8d0a31f44fabaa868102%3Aoidc%3Ahttps%3A%2F%2Fproxmox2.citadel.dev%2F
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHDbd%2BU2U7nST1GQn9Y%2FOAmUi7H%2BMVkuhC%2BEE4%2Fj4tnyZ9ks5oTQlgMPzSVu4G%2B8a4yY%2FbPxGEHks9iYx2dnT0iz%2FRWviZ6v1cshllhEcJwAUkml1J5VDhyCj3qvBPcqSgMfsSIQWdxb%2F3NZK2b9fa70TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 base.css
login.citadel.dev/auth/resources/ej9yd/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 38 KB
6 KB 858ms
855ms Stylesheet
text/css 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Host: login.citadel.dev
URL: https://login.citadel.dev/auth/realms/default/protocol/openid-connect/auth?client_id=sso&redirect_uri=https%3A%2F%2Fsso.citadel.dev%2F_oauth&response_type=code&scope=openid+profile+email&state=2146d199be2d8d0a31f44fabaa868102%3Aoidc%3Ahttps%3A%2F%2Fproxmox2.citadel.dev%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aef2ee595f506315b93b2bf2f5b80ff9fd98513bd61b3004f0e569ec66366c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 5766
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IjXxUJOYVnW6A8iDH1h%2BAJ469Vhdzr%2FKkcJ4S2FshjUbBYi1X3O3S1aLEjn3lJs5T9WZcp2ucPxNSKWgNCEjRhPYWIx8EvoMsZsZh5HY%2BgTTs5NnDy4CE7%2F8wAmrhlDYbUubPnmjuoOG1QjtHTtSZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35ed6dae189d-EWR

GET
H3 200 app.css
login.citadel.dev/auth/resources/ej9yd/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 497 KB
51 KB 1338ms
1336ms Stylesheet
text/css 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37001dcbfa631ba0bec6e5ea46e5c43206f54909786ac129d8ca4eae2966fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWVFGgG08i0EC%2BvmLd4mDfAGASKwyu5dePhwnV51O2VM1uOzD796sU%2Bzz5Gws3bwNVVGqmKZTnzfnfmc5lsDgKWedDe3edpUT0L3Gw72gbdVmMeh%2Fu0GLQfL%2F9dze%2BnJE95MS2drSC1uYhbtP6XnZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
cf-ray: 8a3a35ed6db4189d-EWR

GET
H3 200 patternfly.min.css
login.citadel.dev/auth/resources/ej9yd/common/keycloak/node_modules/patternfly/dist/css/ 178 KB
31 KB 1209ms
1206ms Stylesheet
text/css 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rcqY8k5kV3btXcttrXbD1WAv%2B7NI9QCCb7N7VgyxKiA78zSrl0agOV3ycEPgD5PNoB8rQLGPG%2B7l3Mt4qx2u1AzHQJC5EYmj9U2Bbjyn0qK6MpRZva4Smds05L39GAMk5U6SaWr4%2BKG7nTyqWNhxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
cf-ray: 8a3a35ed6db5189d-EWR

GET
H3 200 patternfly-additions.min.css
login.citadel.dev/auth/resources/ej9yd/common/keycloak/node_modules/patternfly/dist/css/ 220 KB
31 KB 1112ms
1109ms Stylesheet
text/css 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5TL398l1lCZAeZBZ3QgONuSDwrceeX2mkJ7tVyWo2OpSgrvK0%2Fw%2FF7owzvXBY2f7oqwGDKj4CIYcodM58%2BKJb45q8uWR62m4pY1s6gwkp%2BancDfSaJ2iJcsdCQ8hMGPFfR%2F%2F72yqpsaKoikH%2F0aFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
cf-ray: 8a3a35ed6db9189d-EWR

GET
H3 200 pficon.css
login.citadel.dev/auth/resources/ej9yd/common/keycloak/lib/pficon/ 577 B
842 B 884ms
880ms Stylesheet
text/css 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/common/keycloak/lib/pficon/pficon.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 323
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZIADIzAfwanNZ%2BQlQlN7YcfUXJCQuZqNxUQWAeC6wxLm%2FzpnuGHXYyvdoJewVEsJ%2B4%2FAcXeTmf2rNgxzraLnSoAtq0cMGXF0718kYjpHwlFv3HhozvvkBza6xXiuLndE8o%2BvMWc101fUVJcm0%2B%2Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35ed6dc2189d-EWR

GET
H3 200 login.css
login.citadel.dev/auth/resources/ej9yd/login/timo/css/ 43 KB
10 KB 1110ms
1106ms Stylesheet
text/css 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/login/timo/css/login.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10439c2aa72530cc5d5ac082d479e0d84e89297229514b4a98a37608f249c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 9762
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3bqkztlyw5un31mb5ufuijlQWI3SXO41hJETlBcp2MBzmCh4CMQdo1%2BZRGTL6CY1PB2GOeK7RKsgdLVyhh8%2BQSYHMioe8M%2FEYP9TLVOwzj4O3%2BiZz9BRevoY1RqogduEyH%2F2SDSkBVyFvQSimywVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35ed6dc4189d-EWR

GET
H3 200 tile.css
login.citadel.dev/auth/resources/ej9yd/login/timo/css/ 7 KB
2 KB 876ms
873ms Stylesheet
text/css 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/login/timo/css/tile.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f57a9833dde172f48a5d3294357b7cdde64c6ad734ad59261e2c4246e4dd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 1263
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3bnex%2B1ctePB2EhPkISWOtcOo4pUlmyeIqsB8NTU4kV4A5MmGpkA43RrlsHs%2FA420FDgxiAwnTCRPyD7YCuMViQfG8FEa7D1NlEA6rRgyNw7h7UbI490fjTdHlLuRwwvnPR6md1%2FZQTgS11dIKHp1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35ed6dc8189d-EWR

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7426103ee1eabc0098bf28230ca648ad310329e7f60786086160143da03d02a1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 timo-hollow.svg
login.citadel.dev/auth/resources/ej9yd/login/timo/img/ 2 KB
2 KB 889ms
889ms Image
image/svg+xml 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.citadel.dev/auth/resources/ej9yd/login/timo/img/timo-hollow.svg

Requested by

Host: login.citadel.dev
URL: https://login.citadel.dev/auth/resources/ej9yd/login/timo/css/login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9acc651b6cc0d3b4bcf833923767a063953b868661e6561db39b20ce5c77c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 1087
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2MNkCFEUsf0QGYXV88aFKmK32G5jUQFw7ssXcuGYz6uH3BpswbHSsIO9o%2F7iLvUpvfkxGSnjIhSyvOYBlnZtSTaG%2FCoC2cotX%2FWfaNO74RnqkjgMqEBvlgd53npta9At7Uco771ZOE55fVu3vrF9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35f64e26189d-EWR

GET
H3 200 N4duVc9C58uwPiY8_59Fz_79_ZuUxCigM2DespTnFaw.woff2
login.citadel.dev/auth/resources/ej9yd/login/timo/css/fonts/ 10 KB
11 KB 1246ms
1245ms Font
application/octet-stream 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/login/timo/css/fonts/N4duVc9C58uwPiY8_59Fz_79_ZuUxCigM2DespTnFaw.woff2

Requested by

Host: login.citadel.dev
URL: https://login.citadel.dev/auth/resources/ej9yd/login/timo/css/login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ce90479f5b0a918d97d44ca63d819383dd5f8e15c9c2129bb009c677ef7f33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://login.citadel.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 10487
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VBurs5ZHiKmGXloZr2SMVd4UQE2YBj7WjGn8qy5wt88w7ZHKmpI52B9ImI2zs4BeVTPp0vDnl776RFDqcaB5LRaVm5v05tI%2F%2BBP95F8PFguUP3MlkaEVKt30m6LvwE6etoOR2XysGjGspyiXnM3bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35f6ae7a189d-EWR

GET
H3 200 hMqPNLsu_dywMa4C_DEpY4gp9Q8gbYrhqGlRav_IXfk.woff2
login.citadel.dev/auth/resources/ej9yd/login/timo/css/fonts/ 10 KB
11 KB 1144ms
1143ms Font
application/octet-stream 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/login/timo/css/fonts/hMqPNLsu_dywMa4C_DEpY4gp9Q8gbYrhqGlRav_IXfk.woff2

Requested by

Host: login.citadel.dev
URL: https://login.citadel.dev/auth/resources/ej9yd/login/timo/css/login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19d66566875d8b6e620f2c49209f8a665d0b6947b67d7d85073c477fe6b513d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://login.citadel.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 10683
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTEcg1dI%2B5qTdgWGFn9uwE1nEaXKh4XGIoChtQ6Ux7LvlZ2%2B%2Bt1%2BUKfbEVqhD6bPBbM%2FvkqKlNS92sEW2h%2FylaK4yzX24uVLqkB1Uz1wOhZnJwXUVqzHoYXhDj%2BcAc2c6RYmKrJdFTBNH2jD9CIItg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35f6ae7c189d-EWR

GET
H3 200 favicon.ico
login.citadel.dev/auth/resources/ej9yd/login/timo/img/ 20 KB
1 KB 850ms
849ms Other
application/octet-stream 2606:4700:3032::6815:b5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.citadel.dev/auth/resources/ej9yd/login/timo/img/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:b5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10e4c8f4848259c1b82df58f3623927ee4e08c56ebf45f942f071c8816e79d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 930
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 15 Jul 2024 13:48:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oy0Cf1tKjEXvTFI0H6M6gts5jcN9%2BN2EtHchv4pnGO9bNjRY5P0o4O3%2Ff0Dex1C%2FHRDW1cZsOgW%2F34E3KmjRE9cDUvaL3GlUBs8X%2BhvpDk5HAg%2Bi%2BGIgHZNcz2Kcm0qVTQ8so%2FHWteZm3P%2BYReRK4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a3a35f6eebb189d-EWR

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.citadel.dev/auth/realms/default/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 6dc089aa-8284-4e6f-858b-24d71841b2a3.013d009d2641
login.citadel.dev/auth/realms/default/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 6dc089aa-8284-4e6f-858b-24d71841b2a3.013d009d2641
login.citadel.dev/auth/realms/default/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkYzgyYjE0ZC1jNGE4LTQyMmYtYTBmMC05ZTg0ZmExMzVjMWYifQ.eyJjaWQiOiJzc28iLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL3Nzby5jaXRhZGVsLmRldi9fb2F1dGgiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi5jaXRhZGVsLmRldi9hdXRoL3JlYWxtcy9kZWZhdWx0IiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3Nzby5jaXRhZGVsLmRldi9fb2F1dGgiLCJzdGF0ZSI6IjIxNDZkMTk5YmUyZDhkMGEzMWY0NGZhYmFhODY4MTAyOm9pZGM6aHR0cHM6Ly9wcm94bW94Mi5jaXRhZGVsLmRldi8ifX0.IFsJ26ng12Tt9R639-DD60EFPEBrVkH-GJs0L7Mt4lw
.citadel.dev/	1970-01-20 22:04:54	Name: _forward_auth_csrf Value: 2146d199be2d8d0a31f44fabaa868102

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src https://.citadel.dev/ 'self' https://.duosecurity.com/ https://.live.com/ https://.windows.net/; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.citadel.dev
proxmox2.citadel.dev
2606:4700:3030::ac43:949a
2606:4700:3032::6815:b5f
0ce90479f5b0a918d97d44ca63d819383dd5f8e15c9c2129bb009c677ef7f33e
10439c2aa72530cc5d5ac082d479e0d84e89297229514b4a98a37608f249c323
19d66566875d8b6e620f2c49209f8a665d0b6947b67d7d85073c477fe6b513d4
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
2be176053e804904f29c52a417b89094881948947281addc67dc781b04072f8a
37001dcbfa631ba0bec6e5ea46e5c43206f54909786ac129d8ca4eae2966fda4
38f57a9833dde172f48a5d3294357b7cdde64c6ad734ad59261e2c4246e4dd40
7426103ee1eabc0098bf28230ca648ad310329e7f60786086160143da03d02a1
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
aef2ee595f506315b93b2bf2f5b80ff9fd98513bd61b3004f0e569ec66366c1c
de9acc651b6cc0d3b4bcf833923767a063953b868661e6561db39b20ce5c77c1
e10e4c8f4848259c1b82df58f3623927ee4e08c56ebf45f942f071c8816e79d2

login.citadel.dev Open in urlscan Pro 2606:4700:3030::ac43:949a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

1 Domains

2 Subdomains

3 IPs

1 Countries

159 kBTransfer

1032 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

login.citadel.dev Open in urlscan Pro
2606:4700:3030::ac43:949a Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

159 kB
Transfer

1032 kB
Size

4
Cookies

12 HTTP transactions
1 data transactions