staging-keycloak.hbgint.net Open in urlscan Pro
52.28.132.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://test.borderbulk.hermesborderguru.io/
Effective URL:
https://staging-keycloak.hbgint.net/auth/realms/hermes/protocol/openid-connect/auth?client_id=bb20-frontend-client&redirect_uri=http...
Submission: On February 14 via automatic, source certstream-suspicious (February 14th 2023, 2:32:55 am UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 52.28.132.151, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is staging-keycloak.hbgint.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 13th 2023. Valid for: a year.

This is the only time staging-keycloak.hbgint.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	52.222.139.16 52.222.139.16	16509 (AMAZON-02) (AMAZON-02)
11	52.28.132.151 52.28.132.151	16509 (AMAZON-02) (AMAZON-02)
15	2

4 52.222.139.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-16.ams50.r.cloudfront.net

test.borderbulk.hermesborderguru.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.28.132.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

staging-keycloak.hbgint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	hbgint.net staging-keycloak.hbgint.net	372 KB
4	hermesborderguru.io test.borderbulk.hermesborderguru.io	172 KB
15	2

	Domain	Requested by
11	staging-keycloak.hbgint.net	test.borderbulk.hermesborderguru.io staging-keycloak.hbgint.net
4	test.borderbulk.hermesborderguru.io	test.borderbulk.hermesborderguru.io
15	2

This site contains no links.

Subject Issuer	Validity	Valid
test.borderbulk.hermesborderguru.io Amazon	`2022-09-07` - `2023-10-06`	a year	crt.sh
hbgint.net Amazon RSA 2048 M02	`2023-02-13` - `2024-02-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://staging-keycloak.hbgint.net/auth/realms/hermes/protocol/openid-connect/auth?client_id=bb20-frontend-client&redirect_uri=https%3A%2F%2Ftest.borderbulk.hermesborderguru.io%2F&state=5cad451d-0ad9-43fe-9a76-64221540810a&response_mode=fragment&response_type=code&scope=openid&nonce=79eec435-6b65-494a-b9f3-bb03efe7ceda&code_challenge=Suo9-N4qCrJNVSYtZqazMgXOqk7lxfTvyGdg5CQJQSc&code_challenge_method=S256
Frame ID: 8D6BA8F5E1A696E7002B83B8D6CE112B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to hermes

Page URL History Show full URLs

https://test.borderbulk.hermesborderguru.io/ Page URL
https://staging-keycloak.hbgint.net/auth/realms/hermes/protocol/openid-connect/auth?client_id=bb20-frontend-clie... Page URL

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

544 kB
Transfer

2436 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://test.borderbulk.hermesborderguru.io/ Page URL
https://staging-keycloak.hbgint.net/auth/realms/hermes/protocol/openid-connect/auth?client_id=bb20-frontend-client&redirect_uri=https%3A%2F%2Ftest.borderbulk.hermesborderguru.io%2F&state=5cad451d-0ad9-43fe-9a76-64221540810a&response_mode=fragment&response_type=code&scope=openid&nonce=79eec435-6b65-494a-b9f3-bb03efe7ceda&code_challenge=Suo9-N4qCrJNVSYtZqazMgXOqk7lxfTvyGdg5CQJQSc&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
test.borderbulk.hermesborderguru.io/ 801 B
1 KB 428ms
80ms Document
text/html 52.222.139.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.borderbulk.hermesborderguru.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-16.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a20bed7aab63b63c30f14dfa46e5c0780b4631e4fcd70d7ad9f0276a43ed7694

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 801
content-type: text/html
date: Tue, 14 Feb 2023 02:32:51 GMT
etag: "e81934c3b8ae824591bf0645af7bf7d0"
last-modified: Mon, 13 Feb 2023 10:50:00 GMT
server: AmazonS3
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
x-amz-cf-id: fgX2TJqVuATkdBW1tk5sCyJU6hyMZfRAOwrys4n-UcvVzExSSrt04A==
x-amz-cf-pop: AMS50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: hGid4Z0ntW7NoE22us42VV4js9nTVEwa
x-cache: Miss from cloudfront

GET
H2 200 main.9edcd019.js Show response
test.borderbulk.hermesborderguru.io/static/js/ 395 KB
125 KB 96ms
94ms Script
application/javascript 52.222.139.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.borderbulk.hermesborderguru.io/static/js/main.9edcd019.js
Requested by: Host: test.borderbulk.hermesborderguru.io
URL: https://test.borderbulk.hermesborderguru.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-16.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 612d140dd104da0d5aee7c5e31df1cee3a3e22a12d3ef986aa8f9c7be28b6f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test.borderbulk.hermesborderguru.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
x-amz-version-id: hvUCEw2Fs2_oxJpvIu71HnLp4.8ctjUj
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 10:50:02 GMT
server: AmazonS3
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/"ff37f030777802698e3661f0207e3867"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: r0ApAXgeRtGsDdE__8CTgqMs09_Ygoo2Pb_1AZnV28ymMU90UNUtwQ==

GET
H2 200 main.fe9bb542.css
test.borderbulk.hermesborderguru.io/static/css/ 352 KB
45 KB 165ms
164ms Stylesheet
text/css 52.222.139.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.borderbulk.hermesborderguru.io/static/css/main.fe9bb542.css
Requested by: Host: test.borderbulk.hermesborderguru.io
URL: https://test.borderbulk.hermesborderguru.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-16.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1730b080693def08efb4aac5f5bce04b1a4a4a28d09368c0a435a5e04bc1ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test.borderbulk.hermesborderguru.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
x-amz-version-id: cTANTuE6RtH9J6EGalm.69yqvGbklV0w
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 10:50:00 GMT
server: AmazonS3
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/"3b011896f2b397659491ef7a46af0267"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: pisHQfXKgvHp-hRZ7GNyk2AGgD2KwhPxv_aeH_9yE3c9P70CxJDivA==

GET
H2 200 staging-keycloak.json
test.borderbulk.hermesborderguru.io/ 209 B
599 B 101ms
101ms XHR
application/json 52.222.139.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.borderbulk.hermesborderguru.io/staging-keycloak.json
Requested by: Host: test.borderbulk.hermesborderguru.io
URL: https://test.borderbulk.hermesborderguru.io/static/js/main.9edcd019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-16.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: application/json
Referer: https://test.borderbulk.hermesborderguru.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
x-amz-version-id: tfzKKax09xUmU9xg42poK3s3Aal0hULK
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 10:50:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
etag: "3e749cea2e0fcdc703768f1e135c5a98"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/json
accept-ranges: bytes
content-length: 209
x-amz-cf-id: dLdUBb5xujKGjZIkLnbzp8dNkySuOtWChEk9BAzOviaM7dlvDSEN0w==

GET
H2 200 Primary Request auth Show response
staging-keycloak.hbgint.net/auth/realms/hermes/protocol/openid-connect/ 3 KB
5 KB 142ms
25ms Document
text/html 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/realms/hermes/protocol/openid-connect/auth?client_id=bb20-frontend-client&redirect_uri=https%3A%2F%2Ftest.borderbulk.hermesborderguru.io%2F&state=5cad451d-0ad9-43fe-9a76-64221540810a&response_mode=fragment&response_type=code&scope=openid&nonce=79eec435-6b65-494a-b9f3-bb03efe7ceda&code_challenge=Suo9-N4qCrJNVSYtZqazMgXOqk7lxfTvyGdg5CQJQSc&code_challenge_method=S256

Requested by

Host: test.borderbulk.hermesborderguru.io
URL: https://test.borderbulk.hermesborderguru.io/static/js/main.9edcd019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

086c70d7d777d7bed06d5cb9b5dc2c7de7bd37e90f0b5aaeaf79166d493d3a4f

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://test.borderbulk.hermesborderguru.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 3558
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Tue, 14 Feb 2023 02:32:50 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 base.css
staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 33 KB
5 KB 40ms
37ms Stylesheet
text/css 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Host: staging-keycloak.hbgint.net
URL: https://staging-keycloak.hbgint.net/auth/realms/hermes/protocol/openid-connect/auth?client_id=bb20-frontend-client&redirect_uri=https%3A%2F%2Ftest.borderbulk.hermesborderguru.io%2F&state=5cad451d-0ad9-43fe-9a76-64221540810a&response_mode=fragment&response_type=code&scope=openid&nonce=79eec435-6b65-494a-b9f3-bb03efe7ceda&code_challenge=Suo9-N4qCrJNVSYtZqazMgXOqk7lxfTvyGdg5CQJQSc&code_challenge_method=S256

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1702da3d70ed3971675295bcd9d85b2e118764a639a7e8b0f543749470e7eba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 5247
x-xss-protection: 1; mode=block

GET
H2 200 app.css
staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 1 MB
95 KB 47ms
44ms Stylesheet
text/css 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

41538fbaca420db5036366ec211b8670e44a5aad43b1a5a5fc6667e4eac23036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 patternfly.min.css
staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/css/ 178 KB
31 KB 32ms
30ms Stylesheet
text/css 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 patternfly-additions.min.css
staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/css/ 220 KB
30 KB 40ms
37ms Stylesheet
text/css 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 pficon.css
staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/lib/pficon/ 577 B
555 B 47ms
45ms Stylesheet
text/css 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/lib/pficon/pficon.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 323
x-xss-protection: 1; mode=block

GET
H2 200 login.css
staging-keycloak.hbgint.net/auth/resources/ltk1c/login/keycloak/css/ 16 KB
4 KB 39ms
38ms Stylesheet
text/css 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/login/keycloak/css/login.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

404ea35b3b92e0818cb5417a29c66690ed06f1c6808aa0eefc55b42b45672995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 3647
x-xss-protection: 1; mode=block

GET
H2 200 tile.css
staging-keycloak.hbgint.net/auth/resources/ltk1c/login/keycloak/css/ 7 KB
1 KB 46ms
45ms Stylesheet
text/css 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/login/keycloak/css/tile.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

38f57a9833dde172f48a5d3294357b7cdde64c6ad734ad59261e2c4246e4dd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 1263
x-xss-protection: 1; mode=block

GET
H2 200 keycloak-bg.png
staging-keycloak.hbgint.net/auth/resources/ltk1c/login/keycloak/img/ 80 KB
80 KB 11ms
10ms Image
image/png 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/login/keycloak/img/keycloak-bg.png

Requested by

Host: staging-keycloak.hbgint.net
URL: https://staging-keycloak.hbgint.net/auth/resources/ltk1c/login/keycloak/css/login.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
cache-control: max-age=2592000
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: image/png

GET
H2 200 OpenSans-Regular-webfont.woff2
staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/fonts/ 61 KB
59 KB 11ms
11ms Font
application/octet-stream 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2

Requested by

Host: staging-keycloak.hbgint.net
URL: https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://staging-keycloak.hbgint.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 OpenSans-Light-webfont.woff2
staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/fonts/ 62 KB
60 KB 14ms
13ms Font
application/octet-stream 52.28.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2

Requested by

Host: staging-keycloak.hbgint.net
URL: https://staging-keycloak.hbgint.net/auth/resources/ltk1c/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.132.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-132-151.eu-central-1.compute.amazonaws.com

Software

Resource Hash

19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://staging-keycloak.hbgint.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 02:32:51 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
staging-keycloak.hbgint.net/auth/realms/hermes/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 5e2b0bdd-5dfd-46df-a6c0-e68766f1230b.81be5a28078e
staging-keycloak.hbgint.net/auth/realms/hermes/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 5e2b0bdd-5dfd-46df-a6c0-e68766f1230b.81be5a28078e
staging-keycloak.hbgint.net/auth/realms/hermes/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiM2VhNGU4YS04NjAzLTRiZjItODMwYy0wYjdiZjBkN2QxODcifQ.eyJjaWQiOiJiYjIwLWZyb250ZW5kLWNsaWVudCIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vdGVzdC5ib3JkZXJidWxrLmhlcm1lc2JvcmRlcmd1cnUuaW8vIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL3N0YWdpbmcta2V5Y2xvYWsuaGJnaW50Lm5ldC9hdXRoL3JlYWxtcy9oZXJtZXMiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3Rlc3QuYm9yZGVyYnVsay5oZXJtZXNib3JkZXJndXJ1LmlvLyIsInN0YXRlIjoiNWNhZDQ1MWQtMGFkOS00M2ZlLTlhNzYtNjQyMjE1NDA4MTBhIiwibm9uY2UiOiI3OWVlYzQzNS02YjY1LTQ5NGEtYjlmMy1iYjAzZWZlN2NlZGEiLCJjb2RlX2NoYWxsZW5nZSI6IlN1bzktTjRxQ3JKTlZTWXRacWF6TWdYT3FrN2x4ZlR2eUdkZzVDUUpRU2MiLCJyZXNwb25zZV9tb2RlIjoiZnJhZ21lbnQifX0.BtcxgWQA6PsakU09V17YxNxNbetHuV027KrpfrJtDuk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

staging-keycloak.hbgint.net
test.borderbulk.hermesborderguru.io
52.222.139.16
52.28.132.151
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
086c70d7d777d7bed06d5cb9b5dc2c7de7bd37e90f0b5aaeaf79166d493d3a4f
1702da3d70ed3971675295bcd9d85b2e118764a639a7e8b0f543749470e7eba3
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
38f57a9833dde172f48a5d3294357b7cdde64c6ad734ad59261e2c4246e4dd40
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
404ea35b3b92e0818cb5417a29c66690ed06f1c6808aa0eefc55b42b45672995
41538fbaca420db5036366ec211b8670e44a5aad43b1a5a5fc6667e4eac23036
612d140dd104da0d5aee7c5e31df1cee3a3e22a12d3ef986aa8f9c7be28b6f70
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
a20bed7aab63b63c30f14dfa46e5c0780b4631e4fcd70d7ad9f0276a43ed7694
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
f1730b080693def08efb4aac5f5bce04b1a4a4a28d09368c0a435a5e04bc1ba2

staging-keycloak.hbgint.net Open in urlscan Pro 52.28.132.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

544 kBTransfer

2436 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

staging-keycloak.hbgint.net Open in urlscan Pro
52.28.132.151 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

544 kB
Transfer

2436 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions