Submitted URL: https://activity.maruyu.work/
Effective URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallba...
Submission: On August 17 via automatic, source certstream-suspicious — Scanned from JP

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 110.67.152.203, located in Takasago, Japan and belongs to SO-NET Sony Network Communications Inc., JP. The main domain is auth.maruyu.work.
TLS certificate: Issued by R10 on August 17th 2024. Valid for: 3 months.
This is the only time auth.maruyu.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

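IP addresses (8 requests, 2 IPs):
  • 110.67.152.203, AS 2527 (SO-NET So...): 6 requests, 2 redirects
  • 2a04:4e42:200..., AS 54113 (FASTLY): 4 requests

Apex domains (8 requests, 2 apex domains):
  • maruyu.work: 6 requests, 425 KB transferred; subdomains activity.maruyu.work, auth.maruyu.work
  • jsdelivr.net: 4 requests, 118 KB transferred; subdomain cdn.jsdelivr.net (Cisco Umbrella Rank: 410)

Domains and requesters (8 requests, 3 domains):
  • auth.maruyu.work: 5 requests, 1 redirect; requested by auth.maruyu.work
  • cdn.jsdelivr.net: 4 requests; requested by auth.maruyu.work
  • activity.maruyu.work: 1 request, 1 redirect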

This site contains no links.

Subject | Issuer | Validity | Valid
auth.maruyu.work | R10 | 2024-08-17 - 2024-11-15 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year

This page contains 1 frames:

Primary Page: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Frame ID: 8B09EF3703CBB1BC1D1059E6D4C4F7A2
Requests: 8 HTTP requests in this frame

Page Title

Auth

Page URL History

  1. https://activity.maruyu.work/ HTTP 302
    https://auth.maruyu.work/api/oauth/authorize?client_id=lsgtfbufzq&redirect_uri=https%3A%2F%2Factivity... HTTP 302
    https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 8
  • HTTPS: 100 %
  • IPv6: 50 %
  • Domains: 2
  • Subdomains: 3
  • IPs: 2
  • Countries: 2
  • Transfer: 541 kB
  • Size: 867 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://activity.maruyu.work/ HTTP 302
    https://auth.maruyu.work/api/oauth/authorize?client_id=lsgtfbufzq&redirect_uri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&response_type=code&state=82ec25a4-5935-4055-a6b8-2a6325f93380&scope=user&client_secret=qq8Ed8IjhlEWMo8W4mJjjwln2X6ru8T12nbh8wPumNSe6fEoE8&code_challenge=lF3a9krCy57HB8QMOEv0PiYEcSnXFCMI_fKcLNOERgA&code_challenge_method=S256 HTTP 302
    https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource: signin (Primary Request)
Path: auth.maruyu.work/
Size: 2 KB
Transfer: 2 KB
Type: Document
Redirect Chain
  • https://activity.maruyu.work/
  • https://auth.maruyu.work/api/oauth/authorize?client_id=lsgtfbufzq&redirect_uri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&response_type=code&state=82ec25a4-5935-4055-a6b8-2a6325f93...
  • https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW

General
Full URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 110.67.152.203 Takasago, Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP)
Reverse DNS: fp6e4398cb.tkyc107.ap.nuro.jp
Software: nginx /
Resource Hash: 92862f5fd2a1f7a4370a99a1987418ded3a612129f0051d4cfa43fb94e100122

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 1778
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Aug 2024 10:32:33 GMT
ETag: W/"6f2-1882ab7ddc8"
Last-Modified: Wed, 17 May 2023 17:17:52 GMT
RateLimit-Limit: 20
RateLimit-Policy: 20;w=900
RateLimit-Remaining: 16
RateLimit-Reset: 724
Server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 432
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Aug 2024 10:32:33 GMT
Location: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Server: nginx
Vary: Accept

Resource: react.production.min.js
Path: cdn.jsdelivr.net/npm/react/umd/
Size: 10 KB
Transfer: 4 KB
Type: Script

General
Full URL: https://cdn.jsdelivr.net/npm/react/umd/react.production.min.js
Requested by Host: auth.maruyu.work
Requested by URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::485, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: /
Resource Hash: d949f1c3687aedadcedac85261865f29b17cd273997e7f6b2bfc53b2f9d4c4dd

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://auth.maruyu.work/
Origin: https://auth.maruyu.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Aug 2024 10:32:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9079
x-jsd-version: 18.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4467
x-served-by: cache-fra-eddf8230081-FRA, cache-nrt-rjtf7700067-NRT
x-jsd-version-type: version
etag: W/"29ff-qneuTEn1Jbwh3h0E8Ipdc5YsfM4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

Resource: react-dom.production.min.js
Path: cdn.jsdelivr.net/npm/react-dom/umd/
Size: 129 KB
Transfer: 44 KB
Type: Script

General
Full URL: https://cdn.jsdelivr.net/npm/react-dom/umd/react-dom.production.min.js
Requested by Host: auth.maruyu.work
Requested by URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::485, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: /
Resource Hash: 35f4f974f4b2bcd44da73963347f8952e341f83909e4498227d4e26b98f66f0d

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://auth.maruyu.work/
Origin: https://auth.maruyu.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Aug 2024 10:32:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 38975
x-jsd-version: 18.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44549
x-served-by: cache-fra-eddf8230141-FRA, cache-nrt-rjtf7700067-NRT
x-jsd-version-type: version
etag: W/"202fb-/rjdydBWak+glxpuEThlhhjNrP4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

Resource: react-bootstrap.min.js
Path: cdn.jsdelivr.net/npm/react-bootstrap@next/dist/
Size: 116 KB
Transfer: 40 KB
Type: Script

General
Full URL: https://cdn.jsdelivr.net/npm/react-bootstrap@next/dist/react-bootstrap.min.js
Requested by Host: auth.maruyu.work
Requested by URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::485, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: /
Resource Hash: 150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://auth.maruyu.work/
Origin: https://auth.maruyu.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Aug 2024 10:32:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 41573
x-jsd-version: 2.9.0-beta.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 40369
x-served-by: cache-fra-eddf8230077-FRA, cache-nrt-rjtf7700067-NRT
x-jsd-version-type: version
etag: W/"1d187-o2+OYezMEsMzpEcT3E+ubsFUj8Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

Resource: bootstrap.min.css
Path: cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
Size: 190 KB
Transfer: 30 KB
Type: Stylesheet

General
Full URL: https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by Host: auth.maruyu.work
Requested by URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::485, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: /
Resource Hash: c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://auth.maruyu.work/
Origin: https://auth.maruyu.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Aug 2024 10:32:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 992358
x-jsd-version: 5.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
x-served-by: cache-fra-eddf8230122-FRA, cache-nrt-rjtf7700067-NRT
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Resource: main.js
Path: auth.maruyu.work/
Size: 410 KB
Transfer: 411 KB
Type: Script

General
Full URL: https://auth.maruyu.work/main.js
Requested by Host: auth.maruyu.work
Requested by URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 110.67.152.203 Takasago, Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP)
Reverse DNS: fp6e4398cb.tkyc107.ap.nuro.jp
Software: nginx /
Resource Hash: 9480e322b9134533547131e8863d45d5bf6de9d70243c1c9e6f2bbba5945c69a

Request headers

Referer: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 17 Aug 2024 10:32:33 GMT
Last-Modified: Wed, 24 Jul 2024 15:11:04 GMT
Server: nginx
ETag: W/"668cf-190e54bbc3d"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 420047

Resource: me
Path: auth.maruyu.work/api/auth/
Size: 178 B
Transfer: 550 B
Type: Fetch

General
Full URL: https://auth.maruyu.work/api/auth/me
Requested by Host: auth.maruyu.work
Requested by URL: https://auth.maruyu.work/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 110.67.152.203 Takasago, Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP)
Reverse DNS: fp6e4398cb.tkyc107.ap.nuro.jp
Software: nginx /
Resource Hash: 98cffc0c24de09b4c63795843dfb5013dc59f936f582233f4522af4c3784c6f2

Request headers

Accept: application/json
mode: same-origin
Referer: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
credential: same-origin
Authorization:
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 17 Aug 2024 10:32:33 GMT
Server: nginx
Connection: keep-alive
ETag: W/"b2-HFgTgPA9Ekfa0N2AzTK3o7/P7yk"
Content-Length: 178
Content-Type: application/json; charset=utf-8

Resource: favicon.ico
Path: auth.maruyu.work/
Size: 9 KB
Transfer: 10 KB
Type: Other

General
Full URL: https://auth.maruyu.work/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 110.67.152.203 Takasago, Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP)
Reverse DNS: fp6e4398cb.tkyc107.ap.nuro.jp
Software: nginx /
Resource Hash: 94c7d4b52ae4d481fb3f4cbd4615fe4fd7307df8870545419cf4963b8d8c16e9

Request headers

Referer: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 17 Aug 2024 10:32:33 GMT
Last-Modified: Wed, 24 Jul 2024 12:51:55 GMT
Server: nginx
ETag: W/"2545-190e4cc58ea"
Content-Type: image/x-icon
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9541

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: React
  • object: ReactDOM
  • object: ReactBootstrap
  • object: Alert

2 Cookies

Domain/Path Name / Value
activity.maruyu.work/ Name: connect.sid
Value: s%3ABV6GBHtUuhZqHoH_ayJc6nTW0G-2g5ir.Yb7LY5tWT2pj97ViqQFQUg%2BXHPy7m9GrbXLYqvr3%2B24
auth.maruyu.work/ Name: connect.sid
Value: s%3A-CaW89xfxhm2kpLmEg4In3v88dR98gzo.C57j2KpyGh%2FS4Rsdg1CZGfEITeycp%2B50UFyxVXRpD2s

1 Console Messages

Source: recommendation
Level: verbose
URL: https://auth.maruyu.work/signin?clientId=lsgtfbufzq&redirectUri=https%3A%2F%2Factivity.maruyu.work%2Fapi%2Foauth%2Fcallback&signinToken=mlr19tK3sSL8sL5mqK1hNJzCWgULg573loclLngWfCnhvtx9FW
Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o