Submitted URL: https://auth.loretrek.cc/
Effective URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 18.185.145.248, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is auth.loretrek.cc.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 20th 2023. Valid for: a year.
This is the only time auth.loretrek.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address  AS Autonomous System
1 8  18.185.145.248  16509 (AMAZON-02)
2  2606:4700::68...  13335 (CLOUDFLAR...)
9 2

Apex Domain  Subdomains  Transfer
8  loretrek.cc  auth.loretrek.cc  331 KB
2  cloudflare.com  cdnjs.cloudflare.com — Cisco Umbrella Rank: 196  9 KB
9 2

Domain  Requested by
8  auth.loretrek.cc (1 redirects)  auth.loretrek.cc
2  cdnjs.cloudflare.com  auth.loretrek.cc
9 2

This site contains links to these domains.

Domain
loretrek.cc

Subject  Issuer  Validity  Valid
auth.loretrek.cc  Amazon RSA 2048 M02  2023-02-20 - 2024-03-20  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2022-08-03 - 2023-08-02  a year

This page contains 1 frames:

Primary Page: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Frame ID: 8C3FFD8E85E5AA8C8ECD2E22CBEB58DB
Requests: 9 HTTP requests in this frame

Page Title

Log in

Page URL History

  1. https://auth.loretrek.cc/ HTTP 302
    https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9 Requests
100 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
340 kB Transfer
357 kB Size
1 Cookies

9 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request Login
auth.loretrek.cc/Identity/Account/
Redirect Chain
  • https://auth.loretrek.cc/
  • https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
5 KB
6 KB
Document
General
Full URL
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dc99fe96844b4e8ba7599580d02b70d5fd9184b8ee9d9ac302f96ad973b42bba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache,no-store
content-length
4980
content-type
text/html; charset=utf-8
date
Tue, 21 Feb 2023 12:25:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=2592000
x-amz-apigw-id
AsG9NGWEliAFXIw=
x-amzn-requestid
ffdfb755-95b3-46b7-98a2-3d979da9a912
x-amzn-trace-id
Root=1-63f4b854-09dbf9e049b0466218ece27e;Sampled=0
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
date
Tue, 21 Feb 2023 12:25:56 GMT
location
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
strict-transport-security
max-age=2592000
x-amz-apigw-id
AsG9NECyliAFeEA=
x-amzn-requestid
f4c26d45-c9a4-4408-bf98-10223517ef1c
x-amzn-trace-id
Root=1-63f4b854-0b2da54e3f5049937d7b635a;Sampled=0
bootstrap.min.css
auth.loretrek.cc/lib/bootstrap/dist/css/
159 KB
159 KB
Stylesheet
General
Full URL
https://auth.loretrek.cc/lib/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
strict-transport-security
max-age=2592000
x-amzn-remapped-content-length
162720
last-modified
Thu, 02 Feb 2023 18:31:00 GMT
x-amzn-requestid
20ceb01c-3940-48ce-a2a6-ca561b899570
etag
"1d937347f6db1a0"
x-amzn-trace-id
Root=1-63f4b854-360adba045cb5fbe0298d703;Sampled=0
content-type
text/css
accept-ranges
bytes
x-amz-apigw-id
AsG9OHRQFiAFVww=
content-length
162720
site.css
auth.loretrek.cc/css/
362 B
674 B
Stylesheet
General
Full URL
https://auth.loretrek.cc/css/site.css?v=pAGv4ietcJNk_EwsQZ5BN9-K4MuNYS2a9wl4Jw-q9D0
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a401afe227ad709364fc4c2c419e4137df8ae0cb8d612d9af70978270faaf43d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
strict-transport-security
max-age=2592000
x-amzn-remapped-content-length
362
last-modified
Thu, 02 Feb 2023 18:31:00 GMT
x-amzn-requestid
3bb52cba-898c-43c0-b66c-ac30effe1c58
etag
"1d937347f6fcb6a"
x-amzn-trace-id
Root=1-63f4b854-46e203e816062ebd23df95d7;Sampled=0
content-type
text/css
accept-ranges
bytes
x-amz-apigw-id
AsG9OH-ZFiAFQLQ=
content-length
362
LoreTrekAuth.styles.css
auth.loretrek.cc/
0
0
Stylesheet
General
Full URL
https://auth.loretrek.cc/LoreTrekAuth.styles.css
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
strict-transport-security
max-age=2592000
x-amzn-trace-id
Root=1-63f4b854-168e3bb81c9dac604c394064;Sampled=0
x-amzn-requestid
2a0e0596-3a3d-43bb-afb1-75dfb65c927a
content-length
0
x-amz-apigw-id
AsG9OGpkliAFdzg=
jquery.min.js
auth.loretrek.cc/lib/jquery/dist/
87 KB
88 KB
Script
General
Full URL
https://auth.loretrek.cc/lib/jquery/dist/jquery.min.js
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
strict-transport-security
max-age=2592000
x-amzn-remapped-content-length
89501
last-modified
Thu, 02 Feb 2023 18:31:00 GMT
x-amzn-requestid
7561492c-e626-4a5f-975a-27d0bec60630
etag
"1d937347f6e979d"
x-amzn-trace-id
Root=1-63f4b854-6962c60e3347d5a95a48d132;Sampled=0
content-type
text/javascript
accept-ranges
bytes
x-amz-apigw-id
AsG9OHGMFiAFnhg=
content-length
89501
bootstrap.bundle.min.js
auth.loretrek.cc/lib/bootstrap/dist/js/
77 KB
77 KB
Script
General
Full URL
https://auth.loretrek.cc/lib/bootstrap/dist/js/bootstrap.bundle.min.js
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2aebc2552d7dadf4e3a0b80cc830c274e91146584dad8e29b04338b9ecedb363
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
strict-transport-security
max-age=2592000
x-amzn-remapped-content-length
78468
last-modified
Thu, 02 Feb 2023 18:31:00 GMT
x-amzn-requestid
618a0ed8-1b0a-4814-be41-96cf207f6e76
etag
"1d937347f6ef884"
x-amzn-trace-id
Root=1-63f4b854-5cd50fe3151f18fd275b0837;Sampled=0
content-type
text/javascript
accept-ranges
bytes
x-amz-apigw-id
AsG9OHxWliAFiSQ=
content-length
78468
site.js
auth.loretrek.cc/js/
230 B
548 B
Script
General
Full URL
https://auth.loretrek.cc/js/site.js?v=4q1jwFhaPaZgr8WAUSrux6hAuh0XDg9kPS3xIVq36I0
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
strict-transport-security
max-age=2592000
x-amzn-remapped-content-length
230
last-modified
Thu, 02 Feb 2023 18:31:00 GMT
x-amzn-requestid
3be53495-4764-4ccc-85d7-3b6916a85f09
etag
"1d937347f6fcae6"
x-amzn-trace-id
Root=1-63f4b854-5987479f0a2f855030a38469;Sampled=0
content-type
text/javascript
accept-ranges
bytes
x-amz-apigw-id
AsG9OEl7FiAFslw=
content-length
230
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/
23 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.loretrek.cc/
Origin
https://auth.loretrek.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
18022124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6677
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5add"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vlojVwpIkGL%2BU49BHFU4lbcodAcbOBVLM%2BHi%2FAzueDAYgoPIzR1AicD8lw%2Bkr8ur4bU%2FHrUv%2FgIIXpdui5AWN8euOuUfS026Vcmdfn9GS7I7PrM9bVd7qdSKEHRIJ8qodgIa%2Fh7Q4ErnTH%2FFEOWIB8P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79cf77af7dac8fca-FRA
expires
Sun, 11 Feb 2024 12:25:56 GMT
jquery.validate.unobtrusive.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/
6 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js
Requested by
Host: auth.loretrek.cc
URL: https://auth.loretrek.cc/Identity/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.loretrek.cc/
Origin
https://auth.loretrek.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:25:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7066303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1947
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-16ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSKO8SLzNhxlRIwpWm8ijuMl3KWW9gtjZgBnXYBOdZQLJ5i6x4XIM1pECXF%2Fng5lYliExKI6TG1kZozPUD39EPGQHWT8zdKNNE9gTMqCZSpLr7TO8YXnXa%2Bsoa8Tf0RjALWk7G9XbU1wJQrILKNlQ%2F2r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79cf77af7dad8fca-FRA
expires
Sun, 11 Feb 2024 12:25:56 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean | credentialless
  • object | oncontentvisibilityautostatechange
  • function | $
  • function | jQuery
  • number | uidEvent
  • object | bootstrap

1 Cookies

Domain/Path Name / Value
auth.loretrek.cc/ Name: .AspNetCore.Antiforgery.JfTHg5CyIuY
Value: CfDJ8D7vkftUVV5OlkZ6JgXXCKZV_f8o984OxMu4WpoBRuY3lduc5W0L88UkaC6nhwp425O8fZ-jJrM7cvKsZVKPloZGRR2_bQ2jPRfaTmR1d-KwV6jurL_Ke9eDa6iYel3n7X2Tt0lt5z4UZ14vw_NAPu8

1 Console Messages

Source: network
Level: error
URL: https://auth.loretrek.cc/LoreTrekAuth.styles.css
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN