auth.heimdall.watch Open in urlscan Pro
20.99.161.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.heimdall.watch/
Submission: On August 28 via automatic, source certstream-suspicious (August 28th 2024, 2:07:32 pm UTC) — Scanned from CH

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 20.99.161.44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.heimdall.watch.
TLS certificate: Issued by R11 on August 28th 2024. Valid for: 3 months.

This is the only time auth.heimdall.watch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	20.99.161.44 20.99.161.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	47.246.46.210 47.246.46.210	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
11	3

8 20.99.161.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auth.heimdall.watch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

cdn.casbin.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.46.210 (Milan, Italy)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.casdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	heimdall.watch auth.heimdall.watch	801 KB
2	casbin.org cdn.casbin.org	71 KB
1	casdoor.com cdn.casdoor.com	38 KB
11	3

	Domain	Requested by
8	auth.heimdall.watch	auth.heimdall.watch
2	cdn.casbin.org
1	cdn.casdoor.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
auth.heimdall.watch R11	`2024-08-28` - `2024-11-26`	3 months	crt.sh
cdn.casbin.org R10	`2024-07-07` - `2024-10-05`	3 months	crt.sh
*.casdoor.com R10	`2024-08-01` - `2024-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.heimdall.watch/
Frame ID: 987CE60641B5CB5E0F134AE3820AF31E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casdoor

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

910 kB
Transfer

4473 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response auth.heimdall.watch/	760 B 686 B	2385ms 185ms	Document text/html	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash `e4ff18f92220e11cd5074eb46397661b61e83ecfc2bf49adf7ce30955a4aaa5d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 472 content-type text/html; charset=utf-8 date Wed, 28 Aug 2024 14:07:21 GMT last-modified Tue, 27 Aug 2024 15:57:07 GMT server beegoServer:1.12.3
GET H2	200	main.d7df4648.js Show response auth.heimdall.watch/static/js/	3 MB 708 KB	194ms 192ms	Script application/javascript	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/static/js/main.d7df4648.js Requested by Host: auth.heimdall.watch URL: https://auth.heimdall.watch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash `0c1a7a5c38186eade1f6ff70a006737318cee7b1419a65e2b083afa525528bf3` Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 14:07:21 GMT content-encoding gzip last-modified Tue, 27 Aug 2024 15:57:07 GMT server beegoServer:1.12.3 accept-ranges bytes content-type application/javascript
GET H2	200	main.b5f23b34.css auth.heimdall.watch/static/css/	3 KB 1 KB	179ms 179ms	Stylesheet text/css	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/static/css/main.b5f23b34.css Requested by Host: auth.heimdall.watch URL: https://auth.heimdall.watch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash `4a4859d0af1aa286329ebb1c613e5ef9abfba2d8a0aa6055af97dae472620b59` Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 14:07:21 GMT content-encoding gzip last-modified Tue, 27 Aug 2024 15:57:07 GMT server beegoServer:1.12.3 accept-ranges bytes content-length 1080 content-type text/css; charset=utf-8
GET H2	200	get-account Show response auth.heimdall.watch/api/	130 B 182 B	189ms 189ms	Fetch application/json	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/api/get-account Requested by Host: auth.heimdall.watch URL: https://auth.heimdall.watch/static/js/main.d7df4648.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash `ee611932fce2d2d017fa0ffa9e73b97721bb5ef9cc69c9882079540bbdf485c8` Request headers Accept-Language en;q=0.9,en;q=0.8 Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 14:07:24 GMT content-encoding gzip server beegoServer:1.12.3 content-length 109 content-type application/json; charset=utf-8
GET H2	200	6524.bf14a480.chunk.js auth.heimdall.watch/static/js/	743 KB 0	182ms 181ms	Script application/javascript	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/static/js/6524.bf14a480.chunk.js Requested by Host: auth.heimdall.watch URL: https://auth.heimdall.watch/static/js/main.d7df4648.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 14:07:24 GMT content-encoding gzip last-modified Tue, 27 Aug 2024 15:57:07 GMT server beegoServer:1.12.3 accept-ranges bytes content-type application/javascript
GET H2	200	7457.002bc29a.chunk.js auth.heimdall.watch/static/js/	321 KB 0	381ms 380ms	Script application/javascript	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/static/js/7457.002bc29a.chunk.js Requested by Host: auth.heimdall.watch URL: https://auth.heimdall.watch/static/js/main.d7df4648.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 14:07:24 GMT content-encoding gzip last-modified Tue, 27 Aug 2024 15:57:07 GMT server beegoServer:1.12.3 accept-ranges bytes content-type application/javascript
GET H2	200	4837.b9e68e0d.chunk.css auth.heimdall.watch/static/css/	12 KB 3 KB	358ms 357ms	Stylesheet text/css	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/static/css/4837.b9e68e0d.chunk.css Requested by Host: auth.heimdall.watch URL: https://auth.heimdall.watch/static/js/main.d7df4648.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash `6d48e7d66168369bb4222d134c85ccaafcc5e569f26ed6f4e78d2ed9f6dfe2eb` Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 14:07:24 GMT content-encoding gzip last-modified Tue, 27 Aug 2024 15:57:07 GMT server beegoServer:1.12.3 accept-ranges bytes content-type text/css; charset=utf-8
GET H2	200	4837.a144d319.chunk.js Show response auth.heimdall.watch/static/js/	614 KB 88 KB	360ms 360ms	Script application/javascript	20.99.161.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auth.heimdall.watch/static/js/4837.a144d319.chunk.js Requested by Host: auth.heimdall.watch URL: https://auth.heimdall.watch/static/js/main.d7df4648.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.99.161.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software beegoServer:1.12.3 / Resource Hash `d3b166e3bddaeda501a4df2cbdac69f48eb226f3dac28fb9ba7642024098e4f3` Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 14:07:24 GMT content-encoding gzip last-modified Tue, 27 Aug 2024 15:57:07 GMT server beegoServer:1.12.3 accept-ranges bytes content-type application/javascript
GET H2	200	casdoor-logo_1185x256.png cdn.casbin.org/img/	71 KB 71 KB	1197ms 28ms	Image image/png	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.casbin.org/img/casdoor-logo_1185x256.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash `cad005da477becf0b404368be7523b78aeaaf4ec595ce9bdee5c396948d3800d` Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Sat, 24 Aug 2024 03:44:33 GMT x-fastly-request-id 9c0de03914c0681c452a3ebf04a46b9b3363a6d0 date Wed, 28 Aug 2024 14:07:26 GMT via 1.1 varnish x-cache-hits 1 age 161 x-cache HIT content-length 72204 x-served-by cache-fra-eddf8230101-FRA last-modified Fri, 12 Jul 2024 03:28:34 GMT server GitHub.com x-github-request-id D2A5:0DB6:1B93E03:1C161C7:66C954C8 x-timer S1724854046.112724,VS0,VE3 etag "6690a2e2-11a0c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS
GET H2	200	favicon.png cdn.casdoor.com/static/	38 KB 38 KB	1429ms 85ms	Other image/png	47.246.46.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://cdn.casdoor.com/static/favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 47.246.46.210 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `708946828401ef738b4a10cc63029d94e835307c094974b129ead5f4dc48d6ec` Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 13:12:41 GMT via cache28.l2us1[0,0,304-0,H], cache35.l2us1[1,0], ens-cache14.it4[0,0,200-0,H], ens-cache14.it4[1,0] x-oss-request-id 66CF22490BFF4B3931577901 content-md5 ze235AeAdtSWwOj+yZOdFA== age 3285 x-swift-cachetime 3600 x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-oss-cdn-auth success x-swift-savetime Wed, 28 Aug 2024 13:58:32 GMT content-length 38624 x-oss-object-type Normal last-modified Sun, 13 Feb 2022 15:28:51 GMT server Tengine etag "CDEDB7E4078076D496C0E8FEC9939D14" ali-swift-global-savetime 1724850761 content-type image/png access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 4006038206320433066 eagleid 2ff62ea217248540464672315e x-oss-server-time 36
GET H2	200	casdoor-logo_1185x256.png cdn.casbin.org/img/	71 KB 0	0ms 0ms	Image image/png	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.casbin.org/img/casdoor-logo_1185x256.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash `cad005da477becf0b404368be7523b78aeaaf4ec595ce9bdee5c396948d3800d` Request headers Referer https://auth.heimdall.watch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers expires Sat, 24 Aug 2024 03:44:33 GMT x-fastly-request-id 9c0de03914c0681c452a3ebf04a46b9b3363a6d0 date Wed, 28 Aug 2024 14:07:26 GMT via 1.1 varnish x-cache-hits 1 age 161 x-cache HIT content-length 72204 x-served-by cache-fra-eddf8230101-FRA last-modified Fri, 12 Jul 2024 03:28:34 GMT server GitHub.com x-github-request-id D2A5:0DB6:1B93E03:1C161C7:66C954C8 x-timer S1724854046.112724,VS0,VE3 etag "6690a2e2-11a0c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkweb function| clearImmediate function| setImmediate object| regeneratorRuntime

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.heimdall.watch/	1970-01-20 23:50:46	Name: casdoor_session_id Value: 473a19cc1e4e53dc9a28e0a5cb71c15a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.heimdall.watch
cdn.casbin.org
cdn.casdoor.com
20.99.161.44
2606:50c0:8001::153
47.246.46.210
0c1a7a5c38186eade1f6ff70a006737318cee7b1419a65e2b083afa525528bf3
4a4859d0af1aa286329ebb1c613e5ef9abfba2d8a0aa6055af97dae472620b59
6d48e7d66168369bb4222d134c85ccaafcc5e569f26ed6f4e78d2ed9f6dfe2eb
708946828401ef738b4a10cc63029d94e835307c094974b129ead5f4dc48d6ec
cad005da477becf0b404368be7523b78aeaaf4ec595ce9bdee5c396948d3800d
d3b166e3bddaeda501a4df2cbdac69f48eb226f3dac28fb9ba7642024098e4f3
e4ff18f92220e11cd5074eb46397661b61e83ecfc2bf49adf7ce30955a4aaa5d
ee611932fce2d2d017fa0ffa9e73b97721bb5ef9cc69c9882079540bbdf485c8

auth.heimdall.watch Open in urlscan Pro 20.99.161.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

910 kBTransfer

4473 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

auth.heimdall.watch Open in urlscan Pro
20.99.161.44 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

910 kB
Transfer

4473 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions