auth.shareback.xyz Open in urlscan Pro
2a00:1450:4001:82f::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.shareback.xyz/
Submission: On September 16 via automatic, source certstream-suspicious (September 16th 2022, 10:14:54 am UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2a00:1450:4001:82f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is auth.shareback.xyz.
TLS certificate: Issued by GTS CA 1D4 on September 16th 2022. Valid for: 3 months.

This is the only time auth.shareback.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
1	63.33.12.234 63.33.12.234	16509 (AMAZON-02) (AMAZON-02)
8	2

7 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

auth.shareback.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.12.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-12-234.eu-west-1.compute.amazonaws.com

miro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	shareback.xyz auth.shareback.xyz	1 MB
1	miro.com miro.com — Cisco Umbrella Rank: 11721	6 KB
8	2

	Domain	Requested by
7	auth.shareback.xyz	auth.shareback.xyz
1	miro.com	auth.shareback.xyz
8	2

This site contains no links.

Subject Issuer	Validity	Valid
auth.shareback.xyz GTS CA 1D4	`2022-09-16` - `2022-12-15`	3 months	crt.sh
miro.com Amazon	`2021-12-08` - `2023-01-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.shareback.xyz/
Frame ID: 0DBAA7B241D3B906A720D4F0211568D2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SharebackShareback

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1222 kB
Transfer

1353 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth.shareback.xyz/ 34 KB
13 KB 289ms
32ms Document
text/html 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.shareback.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 55468b0ae587bdb3d1d0eeb19d2a27f9d99f90b439f5312e5a22acb455c92092

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html
date: Fri, 16 Sep 2022 10:14:49 GMT
etag: W/"63208432-8651"
last-modified: Tue, 13 Sep 2022 13:22:58 GMT
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 fonts.css
auth.shareback.xyz/fonts/ 554 B
698 B 58ms
57ms Stylesheet
text/css 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.shareback.xyz/fonts/fonts.css
Requested by: Host: auth.shareback.xyz
URL: https://auth.shareback.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: bde2f98066f543e17b3c66d76ff64cf72dc8ea04f532f5fa1c3d4ec9c003f36c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.shareback.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:49 GMT
last-modified: Tue, 13 Sep 2022 13:22:57 GMT
server: Google Frontend
etag: "63208431-22a"
content-type: text/css
x-cloud-trace-context: 491223234c16f1f2b4e571368d1ddd8a
accept-ranges: bytes
content-length: 554

GET
H2 200 boardsPicker.1.0.js Show response
miro.com/app/static/ 13 KB
6 KB 116ms
39ms Script
application/javascript 63.33.12.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://miro.com/app/static/boardsPicker.1.0.js

Requested by

Host: auth.shareback.xyz
URL: https://auth.shareback.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.12.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-12-234.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b6cbd56a1fc5722da6c14643117f59892c4f8108391d0fd0dc492d7ba95177a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'unsafe-eval' data: blob: filesystem: about: miroapp: wss: ws: ; frame-src 'unsafe-inline' 'unsafe-eval' data: blob: miroapp: ; base-uri 'unsafe-inline' about: data: ; form-action 'unsafe-inline' data: post-it-alpha: post-it: com.mmm.postit.miro: ; worker-src 'unsafe-inline' data: blob: miroapp: *; report-uri https://s.realtimeboard.com/api/25/security/?sentry_key=fb5e3001534f453e85d1771b1088b293&sentry_environment=production;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.shareback.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:49 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 14:04:01 GMT
server: nginx
etag: W/"63208dd1-354f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
current-server: autoscaling-web-i-0e0f64162faa01ec0
cache-control: no-cache, must-revalidate, proxy-revalidate, max-age=0, private
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' data: blob: filesystem: about: miroapp: wss: ws: *; frame-src 'unsafe-inline' 'unsafe-eval' data: blob: miroapp: *; base-uri 'unsafe-inline' about: data: *; form-action 'unsafe-inline' data: post-it-alpha: post-it: com.mmm.postit.miro: *; worker-src 'unsafe-inline' data: blob: miroapp: *; report-uri https://s.realtimeboard.com/api/25/security/?sentry_key=fb5e3001534f453e85d1771b1088b293&sentry_environment=production;
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 index.1b31898d.js Show response
auth.shareback.xyz/assets/ 884 KB
885 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.shareback.xyz/assets/index.1b31898d.js
Requested by: Host: auth.shareback.xyz
URL: https://auth.shareback.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 198d1d86b6c42073b97bd4e544f6da53ebe469c6b345110bb1e588d5a0c890ff

Request headers

Referer: https://auth.shareback.xyz/
Origin: https://auth.shareback.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:49 GMT
last-modified: Tue, 13 Sep 2022 13:22:58 GMT
server: Google Frontend
etag: "63208432-dd1be"
content-type: application/javascript
x-cloud-trace-context: 68e95472cfdb2ddf7da97f24d44d33cb
accept-ranges: bytes
content-length: 905662

GET
H2 200 index.9a40d1dc.css
auth.shareback.xyz/assets/ 127 KB
22 KB 55ms
54ms Stylesheet
text/css 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.shareback.xyz/assets/index.9a40d1dc.css
Requested by: Host: auth.shareback.xyz
URL: https://auth.shareback.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9a40d1dcddab6bcd733126df6edeea87f46fd67afc99cecd496a7a166f521679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.shareback.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:49 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 13:22:58 GMT
server: Google Frontend
etag: W/"63208432-1fab1"
vary: Accept-Encoding
content-type: text/css
cache-control: private

GET
H2 200 wotfard-semibold-webfont.ttf
auth.shareback.xyz/fonts/ 98 KB
98 KB 42ms
40ms Font
application/octet-stream 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.shareback.xyz/fonts/wotfard-semibold-webfont.ttf
Requested by: Host: auth.shareback.xyz
URL: https://auth.shareback.xyz/fonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c950dc15ce711b45588cd1bc77b34c03f7680ce18469a2031af6ad00b5a45b57

Request headers

Referer: https://auth.shareback.xyz/fonts/fonts.css
Origin: https://auth.shareback.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:50 GMT
last-modified: Tue, 13 Sep 2022 13:22:57 GMT
server: Google Frontend
etag: "63208431-188cc"
content-type: application/octet-stream
x-cloud-trace-context: 0483e1229ff961503baec17a2836c7e2
accept-ranges: bytes
content-length: 100556

GET
H2 200 wotfard-regular-webfont.ttf
auth.shareback.xyz/fonts/ 98 KB
98 KB 49ms
47ms Font
application/octet-stream 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.shareback.xyz/fonts/wotfard-regular-webfont.ttf
Requested by: Host: auth.shareback.xyz
URL: https://auth.shareback.xyz/fonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 902acb2f1a61e0e0ee35a3f2923accdcd0a6e4bb43d8b7719ac24fdf962dea5f

Request headers

Referer: https://auth.shareback.xyz/fonts/fonts.css
Origin: https://auth.shareback.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:50 GMT
last-modified: Tue, 13 Sep 2022 13:22:57 GMT
server: Google Frontend
etag: "63208431-186b0"
content-type: application/octet-stream
x-cloud-trace-context: f27962ba8e48e9a5f386d443807d26de
accept-ranges: bytes
content-length: 100016

GET
H2 200 wotfard-medium-webfont.ttf
auth.shareback.xyz/fonts/ 98 KB
99 KB 62ms
62ms Font
application/octet-stream 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.shareback.xyz/fonts/wotfard-medium-webfont.ttf
Requested by: Host: auth.shareback.xyz
URL: https://auth.shareback.xyz/fonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3c2b6f3046d2e57da35cbe07fe2774cb85902bd34fba1357a6d3d010c4d0df50

Request headers

Referer: https://auth.shareback.xyz/fonts/fonts.css
Origin: https://auth.shareback.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:14:50 GMT
last-modified: Tue, 13 Sep 2022 13:22:57 GMT
server: Google Frontend
etag: "63208431-1895c"
content-type: application/octet-stream
x-cloud-trace-context: 40cabd61b419d8a57080cf24318e0acd
accept-ranges: bytes
content-length: 100700

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.shareback.xyz
miro.com
2a00:1450:4001:82f::2013
63.33.12.234
198d1d86b6c42073b97bd4e544f6da53ebe469c6b345110bb1e588d5a0c890ff
3c2b6f3046d2e57da35cbe07fe2774cb85902bd34fba1357a6d3d010c4d0df50
55468b0ae587bdb3d1d0eeb19d2a27f9d99f90b439f5312e5a22acb455c92092
902acb2f1a61e0e0ee35a3f2923accdcd0a6e4bb43d8b7719ac24fdf962dea5f
9a40d1dcddab6bcd733126df6edeea87f46fd67afc99cecd496a7a166f521679
b6cbd56a1fc5722da6c14643117f59892c4f8108391d0fd0dc492d7ba95177a5
bde2f98066f543e17b3c66d76ff64cf72dc8ea04f532f5fa1c3d4ec9c003f36c
c950dc15ce711b45588cd1bc77b34c03f7680ce18469a2031af6ad00b5a45b57

auth.shareback.xyz Open in urlscan Pro 2a00:1450:4001:82f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1222 kBTransfer

1353 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

auth.shareback.xyz Open in urlscan Pro
2a00:1450:4001:82f::2013 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1222 kB
Transfer

1353 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions