URL: https://auth.zefau.net/
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 170.133.6.74, located in Bargteheide, Germany and belongs to DE-VSM-ASN Peering, DE. The main domain is auth.zefau.net.
TLS certificate: Issued by E5 on October 3rd 2024. Valid for: 3 months.
This is the only time auth.zefau.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 170.133.6.74 198930 (DE-VSM-AS...)
21 1
Apex Domain
Subdomains
Transfer
21 zefau.net
auth.zefau.net
741 KB
21 1
Domain Requested by
21 auth.zefau.net auth.zefau.net
21 1

This site contains links to these domains. Also see Links.

Domain
www.authelia.com
Subject Issuer Validity Valid
auth.zefau.net
E5
2024-10-03 -
2025-01-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.zefau.net/
Frame ID: E762674F8AB7D30A08125BA98AE357F7
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Login - Authelia

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

741 kB
Transfer

739 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
auth.zefau.net/
1 KB
2 KB
Document
General
Full URL
https://auth.zefau.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
118e5bfa9413881b31067c858a411b51148822ce35dbec2c9d162b13387e61fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'none'; object-src 'none'; style-src 'self' 'nonce-fVNDCAZlhGykqva8scAGtd618rrtTIVL'; frame-ancestors 'none'; base-uri 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
content-length
1054
content-security-policy
default-src 'self'; frame-src 'none'; object-src 'none'; style-src 'self' 'nonce-fVNDCAZlhGykqva8scAGtd618rrtTIVL'; frame-ancestors 'none'; base-uri 'self'
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 00:56:34 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
Caddy
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
DENY
index.BaPNXOBr.js
auth.zefau.net/static/js/
542 KB
542 KB
Script
General
Full URL
https://auth.zefau.net/static/js/index.BaPNXOBr.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
7945595060a88cf0e0cd33345a137fddeacf49f747b641d54ad57d29922d83ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
7aebb4cd3fa781174acf819a4f4c8052b6c0f343
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
554931
date
Wed, 09 Oct 2024 00:56:34 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
index.DAvGqE1x.css
auth.zefau.net/static/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://auth.zefau.net/static/css/index.DAvGqE1x.css
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
0ddb4a3aedeccfc5392eb2b9cfadd7312efec6c9ce6d667f9bd617a7a6967d26
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
a2984fe7030f8f7548c55f153bf25b84034993f4
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
10561
date
Wed, 09 Oct 2024 00:56:34 GMT
content-type
text/css; charset=utf-8
server
Caddy
x-frame-options
DENY
portal.json
auth.zefau.net/locales/en-US/
2 B
80 B
Fetch
General
Full URL
https://auth.zefau.net/locales/en-US/portal.json
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
x-dns-prefetch-control
off
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
2
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
application/json; charset=utf-8
server
Caddy
x-frame-options
DENY
settings.json
auth.zefau.net/locales/en-US/
2 B
32 B
Fetch
General
Full URL
https://auth.zefau.net/locales/en-US/settings.json
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
x-dns-prefetch-control
off
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
2
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
application/json; charset=utf-8
server
Caddy
x-frame-options
DENY
portal.json
auth.zefau.net/locales/en/
7 KB
7 KB
Fetch
General
Full URL
https://auth.zefau.net/locales/en/portal.json
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
f7450e188258cf47b2073c5238ab69b7dc8ec163bc30810dc7af87b99debecb9
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
5a1376d3bc3946c4ba9bdf1a0c1837e38d9bc8e6
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
7217
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
application/json; charset=utf-8
server
Caddy
x-frame-options
DENY
settings.json
auth.zefau.net/locales/en/
8 KB
8 KB
Fetch
General
Full URL
https://auth.zefau.net/locales/en/settings.json
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
604af8f515e7ef3b4cfd1e549c6e7ce092ecffafe9153497f3bdfd2c1aeba769
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
9e183398eddae483fddfd72ea36846ef2d8c3e00
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
8598
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
application/json; charset=utf-8
server
Caddy
x-frame-options
DENY
favicon.ico
auth.zefau.net/
4 KB
5 KB
Other
General
Full URL
https://auth.zefau.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
f435e7c21b7c31da5c34fc7ff11a0c577c174ac393b8ea1de330852e5b33dc7a
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
e4a38bfd3322ca12494dbb88ad50325315f29814
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
4542
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
image/x-icon
server
Caddy
x-frame-options
DENY
state
auth.zefau.net/api/
114 B
169 B
XHR
General
Full URL
https://auth.zefau.net/api/state
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
64a51060f213a227364dbb04c435f4f8bf01d0379cb1ac9631fe151b837e5ab5
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://auth.zefau.net/

Response headers

content-security-policy
default-src 'none'
cache-control
no-store
x-dns-prefetch-control
off
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
114
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
application/json; charset=utf-8
server
Caddy
x-frame-options
DENY
portal.FirstFactorForm.D_4phGnl.js
auth.zefau.net/static/js/
15 KB
15 KB
Script
General
Full URL
https://auth.zefau.net/static/js/portal.FirstFactorForm.D_4phGnl.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
3a195c0b6450af7500e291636524d06808aa22a78388aa5210fa826b2587e1c8
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
d001a89ff85201e6952d6cfb85ab9f8f65da79fc
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
15169
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
index.DR-THeLB.js
auth.zefau.net/static/js/
792 B
857 B
Script
General
Full URL
https://auth.zefau.net/static/js/index.DR-THeLB.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
ed172f14b1fbbec831eb2e3b95e19b95223e6c48b6a27c061e9d51b20b8c5d6f
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
abdcdd5023197aa273d30d3d3dea8d1c1ba7aa52
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
792
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
hooks.Workflow.BrsuQth9.js
auth.zefau.net/static/js/
164 B
230 B
Script
General
Full URL
https://auth.zefau.net/static/js/hooks.Workflow.BrsuQth9.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
453b34d46ce2e7fdc81f55beefc5a72a7489d164810f0a209a358d8b2718d6aa
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
f19177c6c33f73f23a854eab732a1896072bf832
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
164
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
layouts.Login.CM13xCjW.js
auth.zefau.net/static/js/
2 KB
2 KB
Script
General
Full URL
https://auth.zefau.net/static/js/layouts.Login.CM13xCjW.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
6ff29363cc8b499f34bfccf0abbbf4e3be8739877ecd5a257ad0626cb1d5acc2
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
a02a4b6953c28c720da87bb8484a01a6848f80b7
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
2160
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
components.TypographyWithTooltip.CBdzIvKy.js
auth.zefau.net/static/js/
19 KB
19 KB
Script
General
Full URL
https://auth.zefau.net/static/js/components.TypographyWithTooltip.CBdzIvKy.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
23c75a4e42e43336348931205d305519c24f081f308a811a6b892cf33065e2dd
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
08838febd21b17ec4ff2d81a911f14a0ce143b3c
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
19835
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
mui.Toolbar.DDc4MPpe.js
auth.zefau.net/static/js/
78 KB
78 KB
Script
General
Full URL
https://auth.zefau.net/static/js/mui.Toolbar.DDc4MPpe.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
fb32fdcc0a8a1031e7e628d80cd5045aa7c5fb3fc7ab5bdb994626593817e45f
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
1bbaca2d7d809960e801ec29becbb283ba7ac3c4
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
80133
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
mui.Container.BXL_EbCu.js
auth.zefau.net/static/js/
2 KB
2 KB
Script
General
Full URL
https://auth.zefau.net/static/js/mui.Container.BXL_EbCu.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
fbe2a7c3afc7bd98e6cd996e5579bac95aaba89bed669e585effe93c3c22bc7a
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
bb71ae20c3433b82154ae8f2985941ce53682311
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
1958
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
mui.TextField.Bhz0840J.js
auth.zefau.net/static/js/
40 KB
40 KB
Script
General
Full URL
https://auth.zefau.net/static/js/mui.TextField.Bhz0840J.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
1bd27daed38645d2847431926c4780b8b8b99523e9c682b93cbdc81ee5fbb59c
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
9fd9dc7aa85dabd1563a7d24704fcf8f5bacb850
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
40826
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
mui.useFormControl.DXOxQ54l.js
auth.zefau.net/static/js/
259 B
325 B
Script
General
Full URL
https://auth.zefau.net/static/js/mui.useFormControl.DXOxQ54l.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
e7851b84ef6b8a59b02ebbcb201612d0ffcbe672218d50d680bdade90ca844cc
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
cc45a343f570e9d6f8b417406065492e44e3850d
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
259
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
mui.AlertTitle.uuJpj6dv.js
auth.zefau.net/static/js/
601 B
666 B
Script
General
Full URL
https://auth.zefau.net/static/js/mui.AlertTitle.uuJpj6dv.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
4bd6130e1dec5705656488d019df8b4fed9ab3498d9d608d2c0d3b989fdb7bc3
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
e933362d57ba298fbc3c0c6f7089d68a1d1557b7
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
601
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
mui.FormControlLabel.BPfx_vCT.js
auth.zefau.net/static/js/
4 KB
5 KB
Script
General
Full URL
https://auth.zefau.net/static/js/mui.FormControlLabel.BPfx_vCT.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
61feec3cee3f3323581795efa346f0aee2b465d7838494bea0ab0de0c95c6b29
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
68cb088b76ab7148e6640243b5d6df2f8f6f11fe
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
4605
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY
mui.Checkbox.CHnpkqUM.js
auth.zefau.net/static/js/
3 KB
3 KB
Script
General
Full URL
https://auth.zefau.net/static/js/mui.Checkbox.CHnpkqUM.js
Requested by
Host: auth.zefau.net
URL: https://auth.zefau.net/static/js/index.BaPNXOBr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.133.6.74 Bargteheide, Germany, ASN198930 (DE-VSM-ASN Peering, DE),
Reverse DNS
74-6-133-N4.customer.vsm.sh
Software
Caddy /
Resource Hash
d8a40d22c464d9fe6daf6eef4f808a605213eb996905804c2275a2c2694a1789
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://auth.zefau.net
Referer

Response headers

content-security-policy
default-src 'none'
cache-control
public, max-age=0, must-revalidate
x-dns-prefetch-control
off
etag
c2e1174c88005c1cd5a6003bdac7f99ac753db57
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), xr-spatial-tracking=(), interest-cohort=()
alt-svc
h3=":443"; ma=2592000
content-length
2706
date
Wed, 09 Oct 2024 00:56:35 GMT
content-type
text/javascript; charset=utf-8
server
Caddy
x-frame-options
DENY

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FontAwesomeConfig object| ___FONT_AWESOME___ string| __reactRouterVersion number| 2f1acc6c3a606b082e5eef5e54414ffb

0 Cookies

2 Console Messages

Source Level URL
Text
security error URL: https://auth.zefau.net/(Line 3)
Message:
Refused to set the document's base URI to 'http://auth.zefau.net/' because it violates the following Content Security Policy directive: "base-uri 'self'".
recommendation verbose URL: https://auth.zefau.net/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; frame-src 'none'; object-src 'none'; style-src 'self' 'nonce-fVNDCAZlhGykqva8scAGtd618rrtTIVL'; frame-ancestors 'none'; base-uri 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.zefau.net
170.133.6.74
0ddb4a3aedeccfc5392eb2b9cfadd7312efec6c9ce6d667f9bd617a7a6967d26
118e5bfa9413881b31067c858a411b51148822ce35dbec2c9d162b13387e61fe
1bd27daed38645d2847431926c4780b8b8b99523e9c682b93cbdc81ee5fbb59c
23c75a4e42e43336348931205d305519c24f081f308a811a6b892cf33065e2dd
3a195c0b6450af7500e291636524d06808aa22a78388aa5210fa826b2587e1c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453b34d46ce2e7fdc81f55beefc5a72a7489d164810f0a209a358d8b2718d6aa
4bd6130e1dec5705656488d019df8b4fed9ab3498d9d608d2c0d3b989fdb7bc3
604af8f515e7ef3b4cfd1e549c6e7ce092ecffafe9153497f3bdfd2c1aeba769
61feec3cee3f3323581795efa346f0aee2b465d7838494bea0ab0de0c95c6b29
64a51060f213a227364dbb04c435f4f8bf01d0379cb1ac9631fe151b837e5ab5
6ff29363cc8b499f34bfccf0abbbf4e3be8739877ecd5a257ad0626cb1d5acc2
7945595060a88cf0e0cd33345a137fddeacf49f747b641d54ad57d29922d83ab
d8a40d22c464d9fe6daf6eef4f808a605213eb996905804c2275a2c2694a1789
e7851b84ef6b8a59b02ebbcb201612d0ffcbe672218d50d680bdade90ca844cc
ed172f14b1fbbec831eb2e3b95e19b95223e6c48b6a27c061e9d51b20b8c5d6f
f435e7c21b7c31da5c34fc7ff11a0c577c174ac393b8ea1de330852e5b33dc7a
f7450e188258cf47b2073c5238ab69b7dc8ec163bc30810dc7af87b99debecb9
fb32fdcc0a8a1031e7e628d80cd5045aa7c5fb3fc7ab5bdb994626593817e45f
fbe2a7c3afc7bd98e6cd996e5579bac95aaba89bed669e585effe93c3c22bc7a