c-steam1994-b13f.gcp.clockwork.io Open in urlscan Pro
34.127.53.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F
Submission Tags: @phishunt_io
Submission: On May 04 via api (May 4th 2022, 10:47:30 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 34.127.53.48, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is c-steam1994-b13f.gcp.clockwork.io.
TLS certificate: Issued by R3 on May 4th 2022. Valid for: 3 months.

This is the only time c-steam1994-b13f.gcp.clockwork.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	34.127.53.48 34.127.53.48		15169 (GOOGLE) (GOOGLE)
9	1

9 34.127.53.48 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 48.53.127.34.bc.googleusercontent.com

c-steam1994-b13f.gcp.clockwork.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	clockwork.io c-steam1994-b13f.gcp.clockwork.io	477 KB
9	1

	Domain	Requested by
9	c-steam1994-b13f.gcp.clockwork.io	c-steam1994-b13f.gcp.clockwork.io
9	1

This site contains links to these domains. Also see Links.

Domain
www.clockwork.io

Subject Issuer	Validity	Valid
c-steam1994-b13f.gcp.clockwork.io R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F
Frame ID: F090C413301759CC198A7DF1586A7938
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Clockwork

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

477 kB
Transfer

476 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response c-steam1994-b13f.gcp.clockwork.io/login/	2 KB 3 KB	503ms 143ms	Document text/html	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `f6937fdac3189dd6abdc9127aba64332873835e483090589acea3842fc698adf` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 2466 content-type text/html; charset=utf-8 date Wed, 04 May 2022 10:47:24 GMT vary Cookie
GET H2	200	material-icons.css c-steam1994-b13f.gcp.clockwork.io/static/css/	1 KB 1 KB	144ms 143ms	Stylesheet text/css	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/css/material-icons.css Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `f08f9899d51d4c8c3f9a7b8922413bb5fe005d9a094e720226de6c360eeee5f4` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 1036 content-type text/css; charset=utf-8
GET H2	200	registration.css c-steam1994-b13f.gcp.clockwork.io/static/css/	190 KB 191 KB	144ms 144ms	Stylesheet text/css	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/css/registration.css Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `a01fd64f943a8fc4cd257a0f860f54f12077451b19dfd2e9f2f8183029eba17f` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 194986 content-type text/css; charset=utf-8
GET H2	200	clockwork-logo-white.svg c-steam1994-b13f.gcp.clockwork.io/static/img/	3 KB 3 KB	434ms 433ms	Image image/svg+xml	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/img/clockwork-logo-white.svg Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `05d6c315280e848a9fc5bfea5907af3e726ad927ff57147ecab6f0c45fd00206` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 3404 content-type image/svg+xml
GET H2	200	jquery.min.js Show response c-steam1994-b13f.gcp.clockwork.io/static/js/	87 KB 87 KB	430ms 429ms	Script application/javascript	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/js/jquery.min.js Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 89476 content-type application/javascript
GET H2	200	popper.min.js Show response c-steam1994-b13f.gcp.clockwork.io/static/js/	21 KB 21 KB	431ms 430ms	Script application/javascript	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/js/popper.min.js Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `56a558946343791eaef63349a9e808074061c468832353feed25291531b7913f` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 21242 content-type application/javascript
GET H2	200	bootstrap.min.js Show response c-steam1994-b13f.gcp.clockwork.io/static/js/	59 KB 59 KB	432ms 431ms	Script application/javascript	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/js/bootstrap.min.js Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 60044 content-type application/javascript
GET H2	200	bowser.min.js Show response c-steam1994-b13f.gcp.clockwork.io/static/js/	111 KB 111 KB	432ms 431ms	Script application/javascript	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/js/bowser.min.js Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `5c855be1c0a456b971dcc27f2f6871351955811a15a96a376496e0f7d61b1183` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 113597 content-type application/javascript
GET H2	200	browser-alert.js Show response c-steam1994-b13f.gcp.clockwork.io/static/js/	853 B 881 B	433ms 432ms	Script application/javascript	34.127.53.48 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c-steam1994-b13f.gcp.clockwork.io/static/js/browser-alert.js Requested by Host: c-steam1994-b13f.gcp.clockwork.io URL: https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.127.53.48 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 48.53.127.34.bc.googleusercontent.com Software / Resource Hash `91d2e7397dac910b7ee3aefa3fdfffb3f7dc533eef7f2470377e3da30ba88a4d` Request headers accept-language de-DE,de;q=0.9 Referer https://c-steam1994-b13f.gcp.clockwork.io/login/?next=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 10:47:24 GMT last-modified Sat, 01 Jan 2000 00:00:00 GMT accept-ranges bytes content-length 853 content-type application/javascript

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			c-steam1994-b13f.gcp.clockwork.io/	1970-01-20 02:48:24	Name: csrftoken Value: MTY1MTY2MTI0NHxJbVpKUzBkeE16ZE5hMnBIVldoeFFtdFBjRWxCU1dWd1pVRXpXR1EyVkc1d05YbFZSMUprU21oaFpUUTlJZ289fNHg1PlB-bOO2lNz9-2HIFDZfXwWF2YPWWt_WAsvyI8T

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c-steam1994-b13f.gcp.clockwork.io
34.127.53.48
05d6c315280e848a9fc5bfea5907af3e726ad927ff57147ecab6f0c45fd00206
56a558946343791eaef63349a9e808074061c468832353feed25291531b7913f
5c855be1c0a456b971dcc27f2f6871351955811a15a96a376496e0f7d61b1183
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
91d2e7397dac910b7ee3aefa3fdfffb3f7dc533eef7f2470377e3da30ba88a4d
a01fd64f943a8fc4cd257a0f860f54f12077451b19dfd2e9f2f8183029eba17f
f08f9899d51d4c8c3f9a7b8922413bb5fe005d9a094e720226de6c360eeee5f4
f6937fdac3189dd6abdc9127aba64332873835e483090589acea3842fc698adf
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

c-steam1994-b13f.gcp.clockwork.io Open in urlscan Pro 34.127.53.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

477 kBTransfer

476 kBSize

1 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Indicators

c-steam1994-b13f.gcp.clockwork.io Open in urlscan Pro
34.127.53.48 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

477 kB
Transfer

476 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions