auth.pdq.com Open in urlscan Pro
2606:4700::6810:d9f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://landing.pdq.com/e3t/Ctc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNX...
Effective URL:
https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIF...
Submission: On December 29 via manual (December 29th 2023, 11:11:42 am UTC) from IE — Scanned from DE

Summary HTTP 6 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6810:d9f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.pdq.com.
TLS certificate: Issued by E1 on December 22nd 2023. Valid for: 3 months.

This is the only time auth.pdq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2 2	2606:4700::68... 2606:4700::6812:9d3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:d9f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:244... 2600:9000:2449:ea00:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	52.238.56.180 52.238.56.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
6	7

2 2606:2c40::c73c:67fe (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

landing.pdq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9d3b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

portal.pdq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:d9f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.pdq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:ea00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.238.56.180 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pdqblob.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	pdq.com 4 redirects landing.pdq.com — Cisco Umbrella Rank: 624194 portal.pdq.com auth.pdq.com	37 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	windows.net pdqblob.blob.core.windows.net	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6793	63 KB
6	5

	Domain	Requested by
2	auth.pdq.com	1 redirects landing.pdq.com
2	portal.pdq.com	2 redirects
2	landing.pdq.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	pdqblob.blob.core.windows.net	auth.pdq.com
1	fonts.googleapis.com	auth.pdq.com
1	cdn.auth0.com	auth.pdq.com
6	7

This site contains no links.

Subject Issuer	Validity	Valid
landing.pdq.com GTS CA 1P5	`2023-11-21` - `2024-02-19`	3 months	crt.sh
auth.pdq.com E1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 05	`2023-11-15` - `2024-06-27`	7 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRMVHhtWHVHeWFaMHQ5R3NPVWpxSnR6QjNLY1lxZktUo2NpZNkgUG5BWkhwalpXVmFRbWFqVFF2bTNGYnY5ZTY0VnJtYlA
Frame ID: 28130047818AC2F7835B1544C0A1B89B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to portal.pdq.com

Page URL History Show full URLs

https://landing.pdq.com/e3t/Ctc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lC... Page URL
https://landing.pdq.com/events/public/v1/encoded/track/tc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6r... HTTP 307
https://portal.pdq.com/cart/deploy_and_inventory?utm_campaign=2023q4_di_trial&utm_medium=email&_hsm... HTTP 302
https://portal.pdq.com/auth/auth0?state=SFMyNTY.g2gDbQAAAQwvY2FydC9kZXBsb3lfYW5kX2ludmVudG9yeT9faHN... HTTP 302
https://auth.pdq.com/authorize?client_id=PnAZHpjZWVaQmajTQvm3Fbv9e64VrmbP&redirect_uri=https%3A%2... HTTP 302
https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcn... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

6
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

189 kB
Transfer

404 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://landing.pdq.com/e3t/Ctc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNXbrN16ZxVqztQ7-W8ysKLG2K5KvkW7zV97V5Ms51TVf6PpF67tbSlW2TfN4M6HrcwHW30y0-J4_8vQHW46JSJ777lrxrW64F9_-6XF-rHW5W9BS979zCn1W7N4MVB2HTtrcW7lQN596DNlVHW760Hlp8wqYbDW1jLG9g5cxRcvW1H6y-f56_RyQW3y5WPQ8q1MdkW7SWPM8233096W1n2Rqn4mkcbZW6sPLxz6Wd1DkVCJc1T3RKx_ZW79J8Yq89Lq2HW548xbk5K8wSnVy2Tbz2ZBbnyW8VYKt66WrNLKf4YbKk204 Page URL
https://landing.pdq.com/events/public/v1/encoded/track/tc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNXbrN16ZxVqztQ7-W8ysKLG2K5KvkW7zV97V5Ms51TVf6PpF67tbSlW2TfN4M6HrcwHW30y0-J4_8vQHW46JSJ777lrxrW64F9_-6XF-rHW5W9BS979zCn1W7N4MVB2HTtrcW7lQN596DNlVHW760Hlp8wqYbDW1jLG9g5cxRcvW1H6y-f56_RyQW3y5WPQ8q1MdkW7SWPM8233096W1n2Rqn4mkcbZW6sPLxz6Wd1DkVCJc1T3RKx_ZW79J8Yq89Lq2HW548xbk5K8wSnVy2Tbz2ZBbnyW8VYKt66WrNLKf4YbKk204?_ud=660174e6-adf3-444a-b275-28c7ae4f5dd9&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://portal.pdq.com/cart/deploy_and_inventory?utm_campaign=2023q4_di_trial&utm_medium=email&_hsmi=281977501&_hsenc=p2ANqtz--tgpAga3jveHIaRw-aetl-41PgAF_LBB9SKE8bZ8FO6DMslaD7y3xOlTVLxRwTz3xe_RKqvDDTZPugv6c8-sb3SWfGUg&utm_content=281977501&utm_source=hs_automation HTTP 302
https://portal.pdq.com/auth/auth0?state=SFMyNTY.g2gDbQAAAQwvY2FydC9kZXBsb3lfYW5kX2ludmVudG9yeT9faHNlbmM9cDJBTnF0ei0tdGdwQWdhM2p2ZUhJYVJ3LWFldGwtNDFQZ0FGX0xCQjlTS0U4Ylo4Rk82RE1zbGFEN3kzeE9sVFZMeFJ3VHozeGVfUktxdkREVFpQdWd2NmM4LXNiM1NXZkdVZyZfaHNtaT0yODE5Nzc1MDEmc2t1PWRlcGxveV9hbmRfaW52ZW50b3J5JnV0bV9jYW1wYWlnbj0yMDIzcTRfZGlfdHJpYWwmdXRtX2NvbnRlbnQ9MjgxOTc3NTAxJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1oc19hdXRvbWF0aW9ubgYA7MJFtYwBYgABUYA.AAy6BjtLndTx13bJVDD41jAw043JSNeF7pdfiitaMAY HTTP 302
https://auth.pdq.com/authorize?client_id=PnAZHpjZWVaQmajTQvm3Fbv9e64VrmbP&redirect_uri=https%3A%2F%2Fportal.pdq.com%2Fauth%2Fauth0%2Fcallback&response_type=code&scope=openid+profile+email&state=SFMyNTY.g2gDbQAAAQwvY2FydC9kZXBsb3lfYW5kX2ludmVudG9yeT9faHNlbmM9cDJBTnF0ei0tdGdwQWdhM2p2ZUhJYVJ3LWFldGwtNDFQZ0FGX0xCQjlTS0U4Ylo4Rk82RE1zbGFEN3kzeE9sVFZMeFJ3VHozeGVfUktxdkREVFpQdWd2NmM4LXNiM1NXZkdVZyZfaHNtaT0yODE5Nzc1MDEmc2t1PWRlcGxveV9hbmRfaW52ZW50b3J5JnV0bV9jYW1wYWlnbj0yMDIzcTRfZGlfdHJpYWwmdXRtX2NvbnRlbnQ9MjgxOTc3NTAxJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1oc19hdXRvbWF0aW9ubgYA7MJFtYwBYgABUYA.AAy6BjtLndTx13bJVDD41jAw043JSNeF7pdfiitaMAY HTTP 302
https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRMVHhtWHVHeWFaMHQ5R3NPVWpxSnR6QjNLY1lxZktUo2NpZNkgUG5BWkhwalpXVmFRbWFqVFF2bTNGYnY5ZTY0VnJtYlA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNXbrN16ZxVqztQ7-W8ysKLG2K5KvkW7zV97V5Ms51TVf6PpF67tbSlW2TfN4M6HrcwHW30y0-J4_8vQHW46JSJ777lrxrW64F9_-6XF-rHW5W9BS979zCn1W7N4MV...
landing.pdq.com/e3t/Ctc/2B*113/bsJN04/ 8 KB
4 KB 274ms
196ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.pdq.com/e3t/Ctc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNXbrN16ZxVqztQ7-W8ysKLG2K5KvkW7zV97V5Ms51TVf6PpF67tbSlW2TfN4M6HrcwHW30y0-J4_8vQHW46JSJ777lrxrW64F9_-6XF-rHW5W9BS979zCn1W7N4MVB2HTtrcW7lQN596DNlVHW760Hlp8wqYbDW1jLG9g5cxRcvW1H6y-f56_RyQW3y5WPQ8q1MdkW7SWPM8233096W1n2Rqn4mkcbZW6sPLxz6Wd1DkVCJc1T3RKx_ZW79J8Yq89Lq2HW548xbk5K8wSnVy2Tbz2ZBbnyW8VYKt66WrNLKf4YbKk204

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 83d19a6c19503a6d-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Fri, 29 Dec 2023 11:11:36 GMT
last-modified: Fri, 29 Dec 2023 11:11:36 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJa9%2FNde6DF6phWWE%2BuMYLRs%2FX5GK1NVZNpLyKfUZkO35aSi5X%2FsEh1%2Fa8B7MQ02QUvqmuiF3YMKwuVkQkEpKDWgKi%2FDoAo4zlM2HpYNfyjru7mCuDWZ668WyFeMJBherXHqjc5Tbup2LS5Dfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 9
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-cb48dccbd-d2zdw
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 8fd78232-eb05-430c-8c07-aeac0a572529
x-request-id: 8fd78232-eb05-430c-8c07-aeac0a572529
x-robots-tag: none

GET
H2

200

Primary Request login Show response
auth.pdq.com/u/
Redirect Chain

https://landing.pdq.com/events/public/v1/encoded/track/tc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNXbrN16ZxVqztQ7-W8ysKLG2K5KvkW7zV97V5Ms51TVf6PpF67tbS...
https://portal.pdq.com/cart/deploy_and_inventory?utm_campaign=2023q4_di_trial&utm_medium=email&_hsmi=281977501&_hsenc=p2ANqtz--tgpAga3jveHIaRw-aetl-41PgAF_LBB9SKE8bZ8FO6DMslaD7y3xOlTVLxRwTz3xe_RKqv...
https://portal.pdq.com/auth/auth0?state=SFMyNTY.g2gDbQAAAQwvY2FydC9kZXBsb3lfYW5kX2ludmVudG9yeT9faHNlbmM9cDJBTnF0ei0tdGdwQWdhM2p2ZUhJYVJ3LWFldGwtNDFQZ0FGX0xCQjlTS0U4Ylo4Rk82RE1zbGFEN3kzeE9sVFZMeFJ3V...
https://auth.pdq.com/authorize?client_id=PnAZHpjZWVaQmajTQvm3Fbv9e64VrmbP&redirect_uri=https%3A%2F%2Fportal.pdq.com%2Fauth%2Fauth0%2Fcallback&response_type=code&scope=openid+profile+email&state=SFM...
https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRMVHhtWHVHeWFaMHQ5R3NPVWpxSnR6QjNLY1lxZktUo2NpZNkgUG5BWkhwalpXVmFRbWFqVFF2bTNGYn...

29 KB
29 KB

339ms
339ms

Document
text/html

2606:4700::6810:d9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRMVHhtWHVHeWFaMHQ5R3NPVWpxSnR6QjNLY1lxZktUo2NpZNkgUG5BWkhwalpXVmFRbWFqVFF2bTNGYnY5ZTY0VnJtYlA

Requested by

Host: landing.pdq.com
URL: https://landing.pdq.com/e3t/Ctc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNXbrN16ZxVqztQ7-W8ysKLG2K5KvkW7zV97V5Ms51TVf6PpF67tbSlW2TfN4M6HrcwHW30y0-J4_8vQHW46JSJ777lrxrW64F9_-6XF-rHW5W9BS979zCn1W7N4MVB2HTtrcW7lQN596DNlVHW760Hlp8wqYbDW1jLG9g5cxRcvW1H6y-f56_RyQW3y5WPQ8q1MdkW7SWPM8233096W1n2Rqn4mkcbZW6sPLxz6Wd1DkVCJc1T3RKx_ZW79J8Yq89Lq2HW548xbk5K8wSnVy2Tbz2ZBbnyW8VYKt66WrNLKf4YbKk204

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

414e80c0c805ca5a0772e4f4eacf245b55dc5409a63cb9d1ea0c3f319ddb0d56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://landing.pdq.com/e3t/Ctc/2B*113/bsJN04/VWXNCD7D2_w1W7NnHVK55j2WjW6rg8CD57DF0RN2H2jzb3qgyTW7lCdLW6lZ3ndW18HfT71VNXbrN16ZxVqztQ7-W8ysKLG2K5KvkW7zV97V5Ms51TVf6PpF67tbSlW2TfN4M6HrcwHW30y0-J4_8vQHW46JSJ777lrxrW64F9_-6XF-rHW5W9BS979zCn1W7N4MVB2HTtrcW7lQN596DNlVHW760Hlp8wqYbDW1jLG9g5cxRcvW1H6y-f56_RyQW3y5WPQ8q1MdkW7SWPM8233096W1n2Rqn4mkcbZW6sPLxz6Wd1DkVCJc1T3RKx_ZW79J8Yq89Lq2HW548xbk5K8wSnVy2Tbz2ZBbnyW8VYKt66WrNLKf4YbKk204
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83d19a76dffa5d6d-FRA
content-language: en
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Fri, 29 Dec 2023 11:11:38 GMT
etag: W/"7426-1Y6+76nJnQu8aNCl8sw+lf8rxC8"
expires: Fri, 29 Dec 2023 11:11:38 GMT
ot-baggage-auth0-request-id: 83d19a76dffa5d6d
ot-tracer-sampled: true
ot-tracer-spanid: 086b197a45beb188
ot-tracer-traceid: 3a521d4571b76792
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000003a521d4571b76792-086b197a45beb188-01
tracestate: auth0-request-id=83d19a76dffa5d6d,auth0=true
vary: Accept-Encoding
x-auth0-dl: 35
x-auth0-requestid: cf07d400b427070b2b3d
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 20
x-ratelimit-remaining: 19
x-ratelimit-reset: 1703848305
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83d19a746d7c5d6d-FRA
content-length: 424
content-type: text/html; charset=utf-8
date: Fri, 29 Dec 2023 11:11:38 GMT
location: /u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRMVHhtWHVHeWFaMHQ5R3NPVWpxSnR6QjNLY1lxZktUo2NpZNkgUG5BWkhwalpXVmFRbWFqVFF2bTNGYnY5ZTY0VnJtYlA
ot-baggage-auth0-request-id: 83d19a746d7c5d6d
ot-tracer-sampled: true
ot-tracer-spanid: 2ac1ff8d214e0b05
ot-tracer-traceid: 66a3e169767eaa76
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-000000000000000066a3e169767eaa76-2ac1ff8d214e0b05-01
tracestate: auth0-request-id=83d19a746d7c5d6d,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: 5d49d26301a07a6a0b1f
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1703848298

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.84.5/css/ 267 KB
63 KB 114ms
29ms Stylesheet
text/css 2600:9000:2449:ea00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/ulp/react-components/1.84.5/css/main.cdn.min.css

Requested by

Host: auth.pdq.com
URL: https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRMVHhtWHVHeWFaMHQ5R3NPVWpxSnR6QjNLY1lxZktUo2NpZNkgUG5BWkhwalpXVmFRbWFqVFF2bTNGYnY5ZTY0VnJtYlA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:ea00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b708a06ca138f75e0cc6ebb934cd1de9b15775e3a1ebbda78489057e792c0e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: nLAjANvxUtfjrMS3SjInM9ZfJBsP2QP_
content-encoding: gzip
via: 1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
date: Fri, 29 Dec 2023 01:58:36 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS58-P6
age: 33182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Fri, 15 Dec 2023 16:11:36 GMT
server: AmazonS3
etag: W/"e71c8afd519994c8d9eee6ff17f89723"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: GqDQ_PDByNEbAR0MGHOEPIlkMyLUIpw3MvFCHwi5nWXvyCP6y8xFrA==

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 75ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bc1f159c17f08cb6b3c78049738a9617e0f1741f386ff85eb559741be7ad55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 11:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 11:05:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 11:11:38 GMT

GET
H/1.1 200
OK PDQ_logo_square2019-01.png
pdqblob.blob.core.windows.net/communityuploads/ 46 KB
46 KB 812ms
198ms Image
image/png 52.238.56.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdqblob.blob.core.windows.net/communityuploads/PDQ_logo_square2019-01.png
Requested by: Host: auth.pdq.com
URL: https://auth.pdq.com/u/login?state=hKFo2SBLQW5JQXBCSWw4b3JEUE03dHdFNXdrSFgzaUtyNjdPdaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRMVHhtWHVHeWFaMHQ5R3NPVWpxSnR6QjNLY1lxZktUo2NpZNkgUG5BWkhwalpXVmFRbWFqVFF2bTNGYnY5ZTY0VnJtYlA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.238.56.180 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c8d910155b45a758cc1485305bc42e0b72b87ab9c99f6c42f1c226133d4595fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 29 Dec 2023 11:11:39 GMT
Last-Modified: Wed, 04 Dec 2019 19:47:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D778F2CAC713D1
Content-Type: image/png
x-ms-request-id: 567e1224-a01e-0070-6a47-3a70f6000000
x-ms-version: 2009-09-19
Content-Length: 47112

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin: https://auth.pdq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 688 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bffa8868ec1b685d9f0442f30636f2f70c5040b059c75ec6ad8c4f3c0aa14eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 310 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e852b2600a69469e5309761dfa02c3ac66ab0dacc98b0de1c3ba96e94a22aed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth.pdq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:53:58 GMT
x-content-type-options: nosniff
age: 267460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:53:58 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.landing.pdq.com/	1970-01-20 17:17:30	Name: __cf_bm Value: lHECvesL__ZA1k4.GF2H6IW0bNLXmbkR8pYoUdDZTew-1703848296-1-AfWauVlHDcV3uNAZeDBgyyNs3X/sqK30aW/5JbddLnBUnAUXfvf9xx0rP/bZEcuUiQdjyBqPo9JhS3ipUeI5jtw=
.landing.pdq.com/	1969-12-31 23:59:59	Name: __cfruid Value: 799024f8a97886840b6f46a67ecccce7ecb55690-1703848296
portal.pdq.com/	1969-12-31 23:59:59	Name: ueberauth.state_param Value: SFMyNTY.g2gDbQAAAQwvY2FydC9kZXBsb3lfYW5kX2ludmVudG9yeT9faHNlbmM9cDJBTnF0ei0tdGdwQWdhM2p2ZUhJYVJ3LWFldGwtNDFQZ0FGX0xCQjlTS0U4Ylo4Rk82RE1zbGFEN3kzeE9sVFZMeFJ3VHozeGVfUktxdkREVFpQdWd2NmM4LXNiM1NXZkdVZyZfaHNtaT0yODE5Nzc1MDEmc2t1PWRlcGxveV9hbmRfaW52ZW50b3J5JnV0bV9jYW1wYWlnbj0yMDIzcTRfZGlfdHJpYWwmdXRtX2NvbnRlbnQ9MjgxOTc3NTAxJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1oc19hdXRvbWF0aW9ubgYA7MJFtYwBYgABUYA.AAy6BjtLndTx13bJVDD41jAw043JSNeF7pdfiitaMAY
auth.pdq.com/	1970-01-21 02:03:25	Name: did Value: s%3Av0%3A08f836b0-a63b-11ee-954a-39202d1fb0e0.%2B%2Fe3NrCrAYD%2FU0x1Am4MolJ9m6anh2mC1SKE32pAzE0
auth.pdq.com/	1970-01-20 17:21:47	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQANcqF6waY1Q8aIlbL2n_3XrRdMpyCfncx7d7qAclslthkTDvpQiYnIn8D8IyIw1NEWLUpmV49u_nvZCEj1GUf-mY29va2llg6dleHBpcmVz1__hi0IAZZKd6a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.VhneDszfe8jCLkS%2B9zM9%2FGDIJv2QAFbbKNexwJeKB2Q
auth.pdq.com/	1970-01-21 02:03:25	Name: did_compat Value: s%3Av0%3A08f836b0-a63b-11ee-954a-39202d1fb0e0.%2B%2Fe3NrCrAYD%2FU0x1Am4MolJ9m6anh2mC1SKE32pAzE0
auth.pdq.com/	1970-01-20 17:21:47	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQANcqF6waY1Q8aIlbL2n_3XrRdMpyCfncx7d7qAclslthkTDvpQiYnIn8D8IyIw1NEWLUpmV49u_nvZCEj1GUf-mY29va2llg6dleHBpcmVz1__hi0IAZZKd6a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.VhneDszfe8jCLkS%2B9zM9%2FGDIJv2QAFbbKNexwJeKB2Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.pdq.com
cdn.auth0.com
fonts.googleapis.com
fonts.gstatic.com
landing.pdq.com
pdqblob.blob.core.windows.net
portal.pdq.com
2600:9000:2449:ea00:10:474e:104a:2961
2606:2c40::c73c:67fe
2606:4700::6810:d9f1
2606:4700::6812:9d3b
2a00:1450:4001:802::2003
2a00:1450:4001:82b::200a
52.238.56.180
0bc1f159c17f08cb6b3c78049738a9617e0f1741f386ff85eb559741be7ad55d
414e80c0c805ca5a0772e4f4eacf245b55dc5409a63cb9d1ea0c3f319ddb0d56
4e852b2600a69469e5309761dfa02c3ac66ab0dacc98b0de1c3ba96e94a22aed
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
b708a06ca138f75e0cc6ebb934cd1de9b15775e3a1ebbda78489057e792c0e5d
bffa8868ec1b685d9f0442f30636f2f70c5040b059c75ec6ad8c4f3c0aa14eb5
c8d910155b45a758cc1485305bc42e0b72b87ab9c99f6c42f1c226133d4595fe
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

auth.pdq.com Open in urlscan Pro 2606:4700::6810:d9f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

86 %IPv6

5 Domains

7 Subdomains

7 IPs

2 Countries

189 kBTransfer

404 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

auth.pdq.com Open in urlscan Pro
2606:4700::6810:d9f1 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

189 kB
Transfer

404 kB
Size

7
Cookies

6 HTTP transactions
4 data transactions