auth-backend.prod.au.archistar.ai Open in urlscan Pro
54.252.63.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth-backend.prod.au.archistar.ai/
Effective URL:
https://auth-backend.prod.au.archistar.ai/login
Submission: On August 14 via automatic, source certstream-suspicious (August 14th 2024, 12:19:50 pm UTC) — Scanned from AU

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 54.252.63.166, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is auth-backend.prod.au.archistar.ai.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 10th 2023. Valid for: a year.

This is the only time auth-backend.prod.au.archistar.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	54.252.63.166 54.252.63.166	16509 (AMAZON-02) (AMAZON-02)
3	173.194.174.95 173.194.174.95	15169 (GOOGLE) (GOOGLE)
2 3	104.17.245.203 104.17.245.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.186.31 104.18.186.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.110.76 18.67.110.76	16509 (AMAZON-02) (AMAZON-02)
2	142.251.221.35 142.251.221.35	15169 (GOOGLE) (GOOGLE)
1	52.4.120.72 52.4.120.72	14618 (AMAZON-AES) (AMAZON-AES)
15	7

7 54.252.63.166 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-252-63-166.ap-southeast-2.compute.amazonaws.com

auth-backend.prod.au.archistar.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.174.95 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.245.203 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-76.syd62.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.35 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.120.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-120-72.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	archistar.ai 1 redirects auth-backend.prod.au.archistar.ai	435 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1314	27 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
2	gstatic.com fonts.gstatic.com	47 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 5185 heapanalytics.com — Cisco Umbrella Rank: 4304	38 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	22 KB
15	6

	Domain	Requested by
7	auth-backend.prod.au.archistar.ai	1 redirects auth-backend.prod.au.archistar.ai
3	unpkg.com	2 redirects auth-backend.prod.au.archistar.ai
3	fonts.googleapis.com	auth-backend.prod.au.archistar.ai
2	fonts.gstatic.com	fonts.googleapis.com
1	heapanalytics.com	auth-backend.prod.au.archistar.ai
1	cdn.heapanalytics.com	auth-backend.prod.au.archistar.ai
1	cdn.jsdelivr.net	auth-backend.prod.au.archistar.ai
15	7

This site contains links to these domains. Also see Links.

Domain
www.archistar.ai

Subject Issuer	Validity	Valid
*.prod.au.archistar.ai Amazon RSA 2048 M02	`2023-12-10` - `2025-01-07`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth-backend.prod.au.archistar.ai/login
Frame ID: 257FB3E14E0D56CAC2AAA6C71A036961
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

auth-backend

Page URL History Show full URLs

https://auth-backend.prod.au.archistar.ai/ HTTP 302
https://auth-backend.prod.au.archistar.ai/login Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

569 kB
Transfer

984 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.archistar.ai/createaccount
Title: Create a free account

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth-backend.prod.au.archistar.ai/ HTTP 302
https://auth-backend.prod.au.archistar.ai/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/feather-icons HTTP 302
https://unpkg.com/feather-icons@4.29.2 HTTP 302
https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
auth-backend.prod.au.archistar.ai/
Redirect Chain

https://auth-backend.prod.au.archistar.ai/
https://auth-backend.prod.au.archistar.ai/login

9 KB
4 KB

37ms
37ms

Document
text/html

54.252.63.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-backend.prod.au.archistar.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.252.63.166 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-252-63-166.ap-southeast-2.compute.amazonaws.com

Software

/ PHP/8.2.19

Resource Hash

4d4a310c619397f3417d31089dd274c70e1cc25a533550770872a6563a7271a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.archistar.ai https://archistar.ai
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://www.archistar.ai https://archistar.ai
content-type: text/html; charset=UTF-8
date: Wed, 14 Aug 2024 12:19:43 GMT
vary: Accept-Encoding
x-frame-options: DENY
x-powered-by: PHP/8.2.19

Redirect headers

cache-control: no-cache, private
content-security-policy: frame-ancestors 'self' https://www.archistar.ai https://archistar.ai
content-type: text/html; charset=UTF-8
date: Wed, 14 Aug 2024 12:19:43 GMT
location: https://auth-backend.prod.au.archistar.ai/login
x-powered-by: PHP/8.2.19

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 403ms
134ms Stylesheet
text/css 173.194.174.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Requested by

Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.174.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

td-in-f95.1e100.net

Software

ESF /

Resource Hash

2ceb044fbea6e5616887f79557f76fe8b1053593d01b862aa3d50f986d9ac272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Aug 2024 12:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 12:17:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Aug 2024 12:19:44 GMT

GET
H2

200

feather.min.js Show response
unpkg.com/feather-icons@4.29.2/dist/
Redirect Chain

https://unpkg.com/feather-icons
https://unpkg.com/feather-icons@4.29.2
https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js

74 KB
27 KB

21ms
21ms

Script
application/javascript

104.17.245.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js

Requested by

Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login

Protocol

Server

104.17.245.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:19:44 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9096337
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HWSAAN8VA5GTN2P5DQPC90G8-syd
server: cloudflare
etag: "1290f-X/pK4GwdM6kTkoZ77NToWvhCbGg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b30e519b8aa5738-SYD

Redirect headers

date: Wed, 14 Aug 2024 12:19:44 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HWSANY5C0MANSHBQ0TF8MWR6-syd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9095968
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /feather-icons@4.29.2/dist/feather.min.js
cache-control: public, max-age=31536000
cf-ray: 8b30e519a88d5738-SYD

GET
H2 200 feather.min.js Show response
cdn.jsdelivr.net/npm/feather-icons/dist/ 74 KB
22 KB 326ms
16ms Script
application/javascript 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/feather-icons/dist/feather.min.js

Requested by

Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:19:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15752
x-jsd-version: 4.29.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21865
x-served-by: cache-fra-etou8220052-FRA, cache-lga21957-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"1290f-X/pK4GwdM6kTkoZ77NToWvhCbGg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JugHaFbclz9sBLyeEPt6TYqKTzfIOCf4YHpHEwwziz9At8me2SMtNU5h2mbo%2FotcN8qV2vxrnaRvjMXNk1BqbqLRtpKiyZkY9enhn1f%2BSeDBuKZVmRv%2BYZS5qlDX8q1DnOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b30e51978aba892-SYD

GET
H2 200 app.css
auth-backend.prod.au.archistar.ai/css/ 143 KB
23 KB 18ms
17ms Stylesheet
text/css 54.252.63.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-backend.prod.au.archistar.ai/css/app.css
Requested by: Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.252.63.166 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-252-63-166.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 637652931daaa4a1c301203d6b05ceeca7c5ec0920f09f5a72957d210cc3c75b

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:19:43 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 02:02:20 GMT
etag: W/"66b578ac-23d36"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 archistar-logo-dark.svg
auth-backend.prod.au.archistar.ai/images/ 11 KB
5 KB 8ms
8ms Image
image/svg+xml 54.252.63.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth-backend.prod.au.archistar.ai/images/archistar-logo-dark.svg
Requested by: Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.252.63.166 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-252-63-166.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: c843014c42e416b4c6a2bf19a197ccee163345837cb28b6bb7ce5c5880f3c6b8

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:19:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 02:02:20 GMT
etag: W/"66b578ac-2d46"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 background_image.svg
auth-backend.prod.au.archistar.ai/images/ 110 KB
20 KB 33ms
32ms Image
image/svg+xml 54.252.63.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth-backend.prod.au.archistar.ai/images/background_image.svg
Requested by: Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.252.63.166 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-252-63-166.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 57a627b2a9b85cb54bc28ec3ac6a1e10126cd889d81dac1f0c1cd3c2309dc0a9

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:19:43 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 02:02:20 GMT
etag: W/"66b578ac-1b947"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 app.js Show response
auth-backend.prod.au.archistar.ai/js/ 373 KB
374 KB 10ms
9ms Script
application/javascript 54.252.63.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-backend.prod.au.archistar.ai/js/app.js
Requested by: Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.252.63.166 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-252-63-166.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: c82d28041a239aea8428ed69eaab3385adffd4a9d2b3a16b097b5eb4fd973c2b

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:19:43 GMT
last-modified: Fri, 09 Aug 2024 02:02:20 GMT
accept-ranges: bytes
etag: "66b578ac-5d5c1"
content-length: 382401
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 717 B
443 B 136ms
135ms Stylesheet
text/css 173.194.174.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.174.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

td-in-f95.1e100.net

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Aug 2024 12:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 10:38:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Aug 2024 12:19:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
698 B 139ms
139ms Stylesheet
text/css 173.194.174.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter

Requested by

Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.174.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

td-in-f95.1e100.net

Software

ESF /

Resource Hash

7b3b60c3cb01c1db4f6d8b45005fd2fa2d10c163195b6bd855abb5bff4aa655c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Aug 2024 12:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 12:19:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Aug 2024 12:19:44 GMT

GET
H2 200 heap-193321016.js Show response
cdn.heapanalytics.com/js/ 118 KB
38 KB 25ms
8ms Script
application/javascript 18.67.110.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-193321016.js

Requested by

Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-76.syd62.r.cloudfront.net

Software

nginx / Express

Resource Hash

aa3346a24708faf8d901ed16ae7b634666daf916b9f5cca211073fccc4ebcd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:18:45 GMT
content-encoding: br
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SYD62-P2
age: 59
x-powered-by: Express
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: nginx
etag: W/"1d931-ySiv1dA4XsaJEtdtFX8lF1N33B4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
x-amz-cf-id: 3gJuDKUS3Oc3tSksjbcBw0XS3qjUpVAuQvl8QDka69oYuVySaBwzag==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 824ms
248ms Font
font/woff2 142.251.221.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.35 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth-backend.prod.au.archistar.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 09:20:23 GMT
x-content-type-options: nosniff
age: 529162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 09:20:23 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ 23 KB
24 KB 702ms
126ms Font
font/woff2 142.251.221.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.35 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f3.1e100.net

Software

sffe /

Resource Hash

dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth-backend.prod.au.archistar.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 08:55:35 GMT
x-content-type-options: nosniff
age: 530650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23692
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:45:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 08:55:35 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 615ms
204ms Image
image/gif 52.4.120.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=193321016&u=6914991842549243&v=241784673255804&s=4363809308203729&b=web&tv=4.0&z=0&h=%2Flogin&d=auth-backend.prod.au.archistar.ai&t=auth-backend&ts=1723637984580&sch=1200&scw=1600&st=1723637984583&lv=4.23.3&ld=cdn.heapanalytics.com

Requested by

Host: auth-backend.prod.au.archistar.ai
URL: https://auth-backend.prod.au.archistar.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.120.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-120-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 12:19:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 favicon.ico
auth-backend.prod.au.archistar.ai/ 15 KB
8 KB 12ms
11ms Other
image/x-icon 54.252.63.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-backend.prod.au.archistar.ai/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.252.63.166 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-252-63-166.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 1597a689e6477055cf66be9c7cb4ca38ff29b38b6a3aab72b395f0f9f3e7ee57

Request headers

Referer: https://auth-backend.prod.au.archistar.ai/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:19:45 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 02:02:20 GMT
etag: W/"66b578ac-3c2e"
vary: Accept-Encoding
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth-backend.prod.au.archistar.ai/	1970-01-20 23:07:27	Name: XSRF-TOKEN Value: eyJpdiI6Ik92ZUF3eGtKYmpwNTZVaTRrRm9jYmc9PSIsInZhbHVlIjoiT0xtU2FJZTlFaFZWVkFFSHN3TGJyZXBwM0x0S2VIRTFyRWljRFVucjg5VUdkbGtjWlIrNzJSRnBwcEVDKzhGbk9tKzJoSDlTTDNMOG1JMkhZR1ZzdHhxdk5SdEgxVW1pQnF0UGMvOTFBVk5sU0Y1aEQ4ay9nWnRPQUoyWTc0RFIiLCJtYWMiOiI1NTcyMjI0OTMxM2NjMDkxNzBkMDNkZmExOWZjZjc5MmVmMzYzMTNkZDQyYmI2NjM5ZTY5NWRhNDNmYTBlNmEzIiwidGFnIjoiIn0%3D
auth-backend.prod.au.archistar.ai/	1970-01-20 23:07:27	Name: auth_backend_production_session Value: eyJpdiI6Im5jLzN5OGI1MnNuNkRoY0NRWHc4TUE9PSIsInZhbHVlIjoiTUdGbmhxU1BJSTc2UFZlbzRWaXhJcFE2ckV5dVQrL2NRQjE0UHZQdVlLczRQeTAyUytPTTVaTmJtMDRhYlBLNFBXYyt3OFNNSGoxTkVwaDRiNkVvaHNSc1A4UmZwY0pkaVgyNjhab2tQQkJPampSUWJva0Q2RkhZZDE0dkw4emwiLCJtYWMiOiI2MDVlMjQ4OWRmOTNjOGZlNWE0YWI5N2UzM2IyZDA0ZDQwZDQ2MmJjMTg1YjhmZjdhNGNiNzM0MWFlOWQ3NDQyIiwidGFnIjoiIn0%3D
.archistar.ai/	1970-01-21 08:15:15	Name: _hp2_id.193321016 Value: %7B%22userId%22%3A%226914991842549243%22%2C%22pageviewId%22%3A%22241784673255804%22%2C%22sessionId%22%3A%224363809308203729%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.archistar.ai/	1970-01-20 22:47:19	Name: _hp2_ses_props.193321016 Value: %7B%22ts%22%3A1723637984580%2C%22d%22%3A%22auth-backend.prod.au.archistar.ai%22%2C%22h%22%3A%22%2Flogin%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://www.archistar.ai https://archistar.ai
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-backend.prod.au.archistar.ai
cdn.heapanalytics.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
unpkg.com
104.17.245.203
104.18.186.31
142.251.221.35
173.194.174.95
18.67.110.76
52.4.120.72
54.252.63.166
1597a689e6477055cf66be9c7cb4ca38ff29b38b6a3aab72b395f0f9f3e7ee57
2ceb044fbea6e5616887f79557f76fe8b1053593d01b862aa3d50f986d9ac272
4d4a310c619397f3417d31089dd274c70e1cc25a533550770872a6563a7271a1
57a627b2a9b85cb54bc28ec3ac6a1e10126cd889d81dac1f0c1cd3c2309dc0a9
637652931daaa4a1c301203d6b05ceeca7c5ec0920f09f5a72957d210cc3c75b
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
7b3b60c3cb01c1db4f6d8b45005fd2fa2d10c163195b6bd855abb5bff4aa655c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
aa3346a24708faf8d901ed16ae7b634666daf916b9f5cca211073fccc4ebcd5b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c82d28041a239aea8428ed69eaab3385adffd4a9d2b3a16b097b5eb4fd973c2b
c843014c42e416b4c6a2bf19a197ccee163345837cb28b6bb7ce5c5880f3c6b8
dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e

auth-backend.prod.au.archistar.ai Open in urlscan Pro 54.252.63.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

569 kBTransfer

984 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

auth-backend.prod.au.archistar.ai Open in urlscan Pro
54.252.63.166 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

569 kB
Transfer

984 kB
Size

4
Cookies

15 HTTP transactions
0 data transactions