ava-client.dev.aws.netlight.com Open in urlscan Pro
13.32.121.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ava-client.dev.aws.netlight.com/
Submission: On September 22 via automatic, source certstream-suspicious (September 22nd 2021, 9:48:26 am UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 13.32.121.107, located in United States and belongs to AMAZON-02, US. The main domain is ava-client.dev.aws.netlight.com.
TLS certificate: Issued by Amazon on August 6th 2021. Valid for: a year.

This is the only time ava-client.dev.aws.netlight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	13.32.121.107 13.32.121.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	54.77.56.80 54.77.56.80	16509 (AMAZON-02) (AMAZON-02)
10	5

6 13.32.121.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-107.fra60.r.cloudfront.net

ava-client.dev.aws.netlight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.56.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-56-80.eu-west-1.compute.amazonaws.com

ava.dev.aws.netlight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	netlight.com ava-client.dev.aws.netlight.com ava.dev.aws.netlight.com login.playground.netlight.com Failed	362 KB
1	google-analytics.com www.google-analytics.com	379 B
1	googletagmanager.com www.googletagmanager.com	50 KB
10	3

	Domain	Requested by
6	ava-client.dev.aws.netlight.com	ava-client.dev.aws.netlight.com
1	ava.dev.aws.netlight.com	ava-client.dev.aws.netlight.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ava-client.dev.aws.netlight.com
0	login.playground.netlight.com Failed	ava-client.dev.aws.netlight.com
10	5

This site contains no links.

Subject Issuer	Validity	Valid
ava-client.dev.aws.netlight.com Amazon	`2021-08-06` - `2022-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.dev.aws.netlight.com Amazon	`2021-06-21` - `2022-07-20`	a year	crt.sh

This page contains 1 frames:

Frame: https://login.playground.netlight.com/adfs/ls/?SAMLRequest=hZJBb9swDIX%2FiqC7LFtLUVeIU2QrihbosCxxe%2BhloC06EWBLnih727%2Bf5yRre2mPAh8fyfdpef27a9mIgax3Bc%2BSlDN0tTfW7Qv%2BWN6KnF%2BvlgRdq3q9HuLBbfHngBTZ1OhIHysFH4LTHsiSdtAh6Vjr3frrg1ZJqvvgo699y9maCEOcRn3xjoYOww7DaGt83D4U%2FBBjT1pKGCExOCbwixKHsbX7Q0xq38nW762T80RJ5OW5yNnNtJB1EOcjzj6zPOlb%2BLMPfnDmrRmYhmRLkrNbH2qcTyt4Ay0hZ%2Fc3BV9vvzef0iarlDB4acSiqmtRmRxFk%2BcXTaVMdZEuJi1tgMiO%2BNJNNOC9owguFlylKhPplVCqTK%2F0ItcqS7JcPXO2OeXy2bpj3u%2BFWB1FpO%2FKciM233YlZ09nbpOAnyjpeXp4jed9Yzgz4asPCZyyP0ITE9fRGgyiwwgGIvwn8s9BQG9%2FTA5TeuNSvt5tdXq%2B%2FVCrvw%3D%3D&RelayState=https%3A%2F%2Fava-client.dev.aws.netlight.com&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=vk29VcM05jtAzBKebGfubBb7lo8zlYsXD7e%2F%2FRULYefe4FbQv1a4G%2BjAy19YPur8dAmIoKsB1tRufWd8bi9gQ3EUWqBxL%2F8Pd69guDS4hG4CZuan4O9w0DwjdsKOgJnfuphxoSD3zH4O2SjYwjEpObx2dfyn%2BIKgnAHWl7p73SPdGmineodVf14QR8DwiDHFsoziKgTKCLLA9%2BiHj2ksmS%2FwVVyk1V1cx3m9zfujJV283DNP2GvaAnXnRDZnpwujKWfdNcyWZKLCUnGnfyBK8ht5TkY1wkrHior94nPnjZbP2bsFMUa9zrRSEwm2rEom69wPjGEQWUBIWjXuHfejyw%3D%3D
Frame ID: AB9EE24AC70A226FCF9C968B175F3B94
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

10
Requests

90 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

413 kB
Transfer

1360 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://ava.dev.aws.netlight.com/login HTTP 302
http://ava.dev.aws.netlight.com/saml2/authenticate/netlight?RelayState=https://ava-client.dev.aws.netlight.com HTTP 301
https://ava.dev.aws.netlight.com/saml2/authenticate/netlight?RelayState=https://ava-client.dev.aws.netlight.com HTTP 302
https://login.playground.netlight.com/adfs/ls/?SAMLRequest=hZJBb9swDIX%2FiqC7LFtLUVeIU2QrihbosCxxe%2BhloC06EWBLnih727%2Bf5yRre2mPAh8fyfdpef27a9mIgax3Bc%2BSlDN0tTfW7Qv%2BWN6KnF%2BvlgRdq3q9HuLBbfHngBTZ1OhIHysFH4LTHsiSdtAh6Vjr3frrg1ZJqvvgo699y9maCEOcRn3xjoYOww7DaGt83D4U%2FBBjT1pKGCExOCbwixKHsbX7Q0xq38nW762T80RJ5OW5yNnNtJB1EOcjzj6zPOlb%2BLMPfnDmrRmYhmRLkrNbH2qcTyt4Ay0hZ%2Fc3BV9vvzef0iarlDB4acSiqmtRmRxFk%2BcXTaVMdZEuJi1tgMiO%2BNJNNOC9owguFlylKhPplVCqTK%2F0ItcqS7JcPXO2OeXy2bpj3u%2BFWB1FpO%2FKciM233YlZ09nbpOAnyjpeXp4jed9Yzgz4asPCZyyP0ITE9fRGgyiwwgGIvwn8s9BQG9%2FTA5TeuNSvt5tdXq%2B%2FVCrvw%3D%3D&RelayState=https%3A%2F%2Fava-client.dev.aws.netlight.com&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=vk29VcM05jtAzBKebGfubBb7lo8zlYsXD7e%2F%2FRULYefe4FbQv1a4G%2BjAy19YPur8dAmIoKsB1tRufWd8bi9gQ3EUWqBxL%2F8Pd69guDS4hG4CZuan4O9w0DwjdsKOgJnfuphxoSD3zH4O2SjYwjEpObx2dfyn%2BIKgnAHWl7p73SPdGmineodVf14QR8DwiDHFsoziKgTKCLLA9%2BiHj2ksmS%2FwVVyk1V1cx3m9zfujJV283DNP2GvaAnXnRDZnpwujKWfdNcyWZKLCUnGnfyBK8ht5TkY1wkrHior94nPnjZbP2bsFMUa9zrRSEwm2rEom69wPjGEQWUBIWjXuHfejyw%3D%3D

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ava-client.dev.aws.netlight.com/ 3 KB
2 KB 54ms
13ms Document
text/html 13.32.121.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ava-client.dev.aws.netlight.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64b8c18a0781d6beeaff701038e0fd0deafc4d8477e462ae69df20775bd967e7

Request headers

:method: GET
:authority: ava-client.dev.aws.netlight.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
date: Tue, 21 Sep 2021 15:48:59 GMT
last-modified: Wed, 15 Sep 2021 10:53:16 GMT
etag: W/"ec733f0e0fca603c0f8613c364c308c3"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: q8KSjumRTBiH93Xc3H5nzlMjwZ6i_PpPXRDvFINeoRf1IjPWK2pHEw==
age: 64762

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 59ms
34ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MGZVC0N447

Requested by

Host: ava-client.dev.aws.netlight.com
URL: https://ava-client.dev.aws.netlight.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36d547785484cc85561123fa4c1646b90dad859fdc575056fe0ea9609f5c4f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ava-client.dev.aws.netlight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 09:48:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51067
x-xss-protection: 0
expires: Wed, 22 Sep 2021 09:48:20 GMT

GET
H2 200 2.5cbd10d4.chunk.css
ava-client.dev.aws.netlight.com/static/css/ 20 KB
3 KB 78ms
77ms Stylesheet
text/css 13.32.121.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ava-client.dev.aws.netlight.com/static/css/2.5cbd10d4.chunk.css
Requested by: Host: ava-client.dev.aws.netlight.com
URL: https://ava-client.dev.aws.netlight.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0d1b0256ff85e0149e4b804bb62ef87985b6b0accdbc0414f2c0656624ea934

Request headers

:path: /static/css/2.5cbd10d4.chunk.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ava-client.dev.aws.netlight.com
referer: https://ava-client.dev.aws.netlight.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ava-client.dev.aws.netlight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 09:48:21 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 10:53:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"3a67029c9b08e33ac74907075ccfc4b1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-id: OGOSY11_VyUnlZsuqjnlYH2b_R86Z4bvkcpUnHX6B5yVKvsTz2F5IA==

GET
H2 200 main.91058869.chunk.css
ava-client.dev.aws.netlight.com/static/css/ 56 KB
10 KB 328ms
327ms Stylesheet
text/css 13.32.121.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ava-client.dev.aws.netlight.com/static/css/main.91058869.chunk.css
Requested by: Host: ava-client.dev.aws.netlight.com
URL: https://ava-client.dev.aws.netlight.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0c25a8b238fe24896af75eb9462121e1c2d6f4a4289a80a0676ad54c8160a48

Request headers

:path: /static/css/main.91058869.chunk.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ava-client.dev.aws.netlight.com
referer: https://ava-client.dev.aws.netlight.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ava-client.dev.aws.netlight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 09:48:21 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 10:53:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"a1ad7cdc85bf588477f8f1310a57ea57"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-id: 5UTgPCczvOz0zKMhLVCCk9bimPdGstGoABC5VdYhtkxsPnx3fpK_hg==

GET
H2 200 2.2f5f24ab.chunk.js Show response
ava-client.dev.aws.netlight.com/static/js/ 1002 KB
294 KB 139ms
139ms Script
application/javascript 13.32.121.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ava-client.dev.aws.netlight.com/static/js/2.2f5f24ab.chunk.js
Requested by: Host: ava-client.dev.aws.netlight.com
URL: https://ava-client.dev.aws.netlight.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d15ae67463b554204e3779f3512bc7a6581b52d55d9fc18c532c8f01c4340d2f

Request headers

:path: /static/js/2.2f5f24ab.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ava-client.dev.aws.netlight.com
referer: https://ava-client.dev.aws.netlight.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ava-client.dev.aws.netlight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 09:48:21 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 10:53:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"387b1362c271d3371995eb85fe159af5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-id: P0wyOaziaqeGL4eVVUwqkE1eNTn8HixWioUN04P35ogvdWgbTXoQqQ==

GET
H2 200 main.58cd684a.chunk.js Show response
ava-client.dev.aws.netlight.com/static/js/ 138 KB
38 KB 107ms
107ms Script
application/javascript 13.32.121.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ava-client.dev.aws.netlight.com/static/js/main.58cd684a.chunk.js
Requested by: Host: ava-client.dev.aws.netlight.com
URL: https://ava-client.dev.aws.netlight.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 619bdec4a49dd3b28180164468acb877083f8552ba56bf05b2167b455a10ccde

Request headers

:path: /static/js/main.58cd684a.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ava-client.dev.aws.netlight.com
referer: https://ava-client.dev.aws.netlight.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ava-client.dev.aws.netlight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 09:48:21 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 10:53:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"4d15bdfdf3e87ae946f31f3daf3b23d3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-id: Hi3Vf3APtIMTAItUKaaRBpq-L7GMWvnQBBXpAOAXfa0C3cnIwqn9nQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
379 B 337ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MGZVC0N447&gtm=2oe9k0&_p=2115862948&sr=1600x1200&ul=en-us&cid=558267018.1632304101&_s=1&dl=https%3A%2F%2Fava-client.dev.aws.netlight.com%2F&dt=AVA&sid=1632304100&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MGZVC0N447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ava-client.dev.aws.netlight.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 09:48:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ava-client.dev.aws.netlight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proximanova-regular-webfont.a717b39c.woff2
ava-client.dev.aws.netlight.com/static/media/ 14 KB
15 KB 145ms
145ms Font
binary/octet-stream 13.32.121.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ava-client.dev.aws.netlight.com/static/media/proximanova-regular-webfont.a717b39c.woff2
Requested by: Host: ava-client.dev.aws.netlight.com
URL: https://ava-client.dev.aws.netlight.com/static/css/main.91058869.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://ava-client.dev.aws.netlight.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _ga_MGZVC0N447=GS1.1.1632304100.1.0.1632304100.0; _ga=GA1.1.558267018.1632304101
:path: /static/media/proximanova-regular-webfont.a717b39c.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ava-client.dev.aws.netlight.com
referer: https://ava-client.dev.aws.netlight.com/static/css/main.91058869.chunk.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ava-client.dev.aws.netlight.com/static/css/main.91058869.chunk.css
Origin: https://ava-client.dev.aws.netlight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 09:48:21 GMT
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 10:53:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "ef7e71575e6464317a9692fd61f2bf42"
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-length: 14792
x-amz-cf-id: qVDtbkDLhdqDwmRpzdmHTwpUP7QY-t4n-_MzmlWD84PQ49f2CMlEEQ==

GET
H2 401 user
ava.dev.aws.netlight.com/v1/ 112 B
499 B 123ms
34ms XHR
application/json 54.77.56.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ava.dev.aws.netlight.com/v1/user

Requested by

Host: ava-client.dev.aws.netlight.com
URL: https://ava-client.dev.aws.netlight.com/static/js/2.2f5f24ab.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.56.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-56-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://ava-client.dev.aws.netlight.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 09:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://ava-client.dev.aws.netlight.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-xss-protection: 1; mode=block
expires: 0

GET

/
login.playground.netlight.com/adfs/ls/
Redirect Chain

https://ava.dev.aws.netlight.com/login
http://ava.dev.aws.netlight.com/saml2/authenticate/netlight?RelayState=https://ava-client.dev.aws.netlight.com
https://ava.dev.aws.netlight.com/saml2/authenticate/netlight?RelayState=https://ava-client.dev.aws.netlight.com
https://login.playground.netlight.com/adfs/ls/?SAMLRequest=hZJBb9swDIX%2FiqC7LFtLUVeIU2QrihbosCxxe%2BhloC06EWBLnih727%2Bf5yRre2mPAh8fyfdpef27a9mIgax3Bc%2BSlDN0tTfW7Qv%2BWN6KnF%2BvlgRdq3q9HuLBbfHngB...

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.playground.netlight.com
URL: https://login.playground.netlight.com/adfs/ls/?SAMLRequest=hZJBb9swDIX%2FiqC7LFtLUVeIU2QrihbosCxxe%2BhloC06EWBLnih727%2Bf5yRre2mPAh8fyfdpef27a9mIgax3Bc%2BSlDN0tTfW7Qv%2BWN6KnF%2BvlgRdq3q9HuLBbfHngBTZ1OhIHysFH4LTHsiSdtAh6Vjr3frrg1ZJqvvgo699y9maCEOcRn3xjoYOww7DaGt83D4U%2FBBjT1pKGCExOCbwixKHsbX7Q0xq38nW762T80RJ5OW5yNnNtJB1EOcjzj6zPOlb%2BLMPfnDmrRmYhmRLkrNbH2qcTyt4Ay0hZ%2Fc3BV9vvzef0iarlDB4acSiqmtRmRxFk%2BcXTaVMdZEuJi1tgMiO%2BNJNNOC9owguFlylKhPplVCqTK%2F0ItcqS7JcPXO2OeXy2bpj3u%2BFWB1FpO%2FKciM233YlZ09nbpOAnyjpeXp4jed9Yzgz4asPCZyyP0ITE9fRGgyiwwgGIvwn8s9BQG9%2FTA5TeuNSvt5tdXq%2B%2FVCrvw%3D%3D&RelayState=https%3A%2F%2Fava-client.dev.aws.netlight.com&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=vk29VcM05jtAzBKebGfubBb7lo8zlYsXD7e%2F%2FRULYefe4FbQv1a4G%2BjAy19YPur8dAmIoKsB1tRufWd8bi9gQ3EUWqBxL%2F8Pd69guDS4hG4CZuan4O9w0DwjdsKOgJnfuphxoSD3zH4O2SjYwjEpObx2dfyn%2BIKgnAHWl7p73SPdGmineodVf14QR8DwiDHFsoziKgTKCLLA9%2BiHj2ksmS%2FwVVyk1V1cx3m9zfujJV283DNP2GvaAnXnRDZnpwujKWfdNcyWZKLCUnGnfyBK8ht5TkY1wkrHior94nPnjZbP2bsFMUa9zrRSEwm2rEom69wPjGEQWUBIWjXuHfejyw%3D%3D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.netlight.com/	1970-01-20 14:56:16	Name: _ga_MGZVC0N447 Value: GS1.1.1632304100.1.0.1632304100.0
			.netlight.com/	1970-01-20 14:56:16	Name: _ga Value: GA1.1.558267018.1632304101

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ava.dev.aws.netlight.com/v1/user Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ava-client.dev.aws.netlight.com
ava.dev.aws.netlight.com
login.playground.netlight.com
www.google-analytics.com
www.googletagmanager.com
login.playground.netlight.com
13.32.121.107
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2008
54.77.56.80
36d547785484cc85561123fa4c1646b90dad859fdc575056fe0ea9609f5c4f9e
619bdec4a49dd3b28180164468acb877083f8552ba56bf05b2167b455a10ccde
64b8c18a0781d6beeaff701038e0fd0deafc4d8477e462ae69df20775bd967e7
b0c25a8b238fe24896af75eb9462121e1c2d6f4a4289a80a0676ad54c8160a48
d0d1b0256ff85e0149e4b804bb62ef87985b6b0accdbc0414f2c0656624ea934
d15ae67463b554204e3779f3512bc7a6581b52d55d9fc18c532c8f01c4340d2f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ava-client.dev.aws.netlight.com Open in urlscan Pro 13.32.121.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

10 Requests

90 %HTTPS

50 %IPv6

3 Domains

5 Subdomains

5 IPs

3 Countries

413 kBTransfer

1360 kBSize

2 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

ava-client.dev.aws.netlight.com Open in urlscan Pro
13.32.121.107 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

413 kB
Transfer

1360 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions