auth.oclock.school Open in urlscan Pro
15.188.165.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vpn.eddi.cloud/
Effective URL:
https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-compose&redirect_uri...
Submission: On April 10 via api (April 10th 2024, 4:49:54 pm UTC) from US — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 15.188.165.117, located in Paris, France and belongs to AMAZON-02, US. The main domain is auth.oclock.school.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 6th 2024. Valid for: a year.

This is the only time auth.oclock.school was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	35.181.45.35 35.181.45.35	16509 (AMAZON-02) (AMAZON-02)
9	15.188.165.117 15.188.165.117	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
11	3

2 35.181.45.35 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-45-35.eu-west-3.compute.amazonaws.com

vpn.eddi.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 15.188.165.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

auth.oclock.school	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	oclock.school auth.oclock.school	47 KB
2	eddi.cloud 2 redirects vpn.eddi.cloud	466 B
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	1 KB
11	4

	Domain	Requested by
9	auth.oclock.school	auth.oclock.school
2	vpn.eddi.cloud	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	auth.oclock.school
11	4

This site contains no links.

Subject Issuer	Validity	Valid
auth.oclock.school Amazon RSA 2048 M03	`2024-02-06` - `2025-03-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-compose&redirect_uri=http%3A%2F%2Fvpn.eddi.cloud%2Fauthorize&scope=openid+email+profile&state=wSTDPYDo890i3rKga6TfuD1dSBKZeu&nonce=ZYH0lvUoLALg2xTP90ca
Frame ID: 9EB7AC54DF5ED044FD0E09BDB30AC4A6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connection - Oclock

Page URL History Show full URLs

https://vpn.eddi.cloud/ HTTP 302
https://vpn.eddi.cloud/login?next=http%3A%2F%2Fvpn.eddi.cloud%2F HTTP 302
https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-... Page URL

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

94 kB
Transfer

111 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vpn.eddi.cloud/ HTTP 302
https://vpn.eddi.cloud/login?next=http%3A%2F%2Fvpn.eddi.cloud%2F HTTP 302
https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-compose&redirect_uri=http%3A%2F%2Fvpn.eddi.cloud%2Fauthorize&scope=openid+email+profile&state=wSTDPYDo890i3rKga6TfuD1dSBKZeu&nonce=ZYH0lvUoLALg2xTP90ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
auth.oclock.school/realms/oclock/protocol/openid-connect/
Redirect Chain

https://vpn.eddi.cloud/
https://vpn.eddi.cloud/login?next=http%3A%2F%2Fvpn.eddi.cloud%2F
https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-compose&redirect_uri=http%3A%2F%2Fvpn.eddi.cloud%2Fauthorize&scope=openid+email+profile&state=...

6 KB
7 KB

309ms
94ms

Document
text/html

15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-compose&redirect_uri=http%3A%2F%2Fvpn.eddi.cloud%2Fauthorize&scope=openid+email+profile&state=wSTDPYDo890i3rKga6TfuD1dSBKZeu&nonce=ZYH0lvUoLALg2xTP90ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

81ca29aa991e5c8adb9400890d18cd5d3f4631a6b576213e687a8c954930fd18

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 6263
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 10 Apr 2024 16:49:49 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000
content-length: 735
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 16:49:49 GMT
location: https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-compose&redirect_uri=http%3A%2F%2Fvpn.eddi.cloud%2Fauthorize&scope=openid+email+profile&state=wSTDPYDo890i3rKga6TfuD1dSBKZeu&nonce=ZYH0lvUoLALg2xTP90ca
server: Caddy Werkzeug/3.0.1 Python/3.12.3
vary: Cookie

GET
H2 200 reset.css
auth.oclock.school/resources/f2aju/login/oclock/css/ 3 KB
1 KB 95ms
93ms Stylesheet
text/css 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/css/reset.css

Requested by

Host: auth.oclock.school
URL: https://auth.oclock.school/realms/oclock/protocol/openid-connect/auth?response_type=code&client_id=Vpn-compose&redirect_uri=http%3A%2F%2Fvpn.eddi.cloud%2Fauthorize&scope=openid+email+profile&state=wSTDPYDo890i3rKga6TfuD1dSBKZeu&nonce=ZYH0lvUoLALg2xTP90ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

54133ff3cfcc88755637476e549e3077a348d1f4ca5d91512838d2ae927cc5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 1141
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
auth.oclock.school/resources/f2aju/login/oclock/css/ 7 KB
2 KB 132ms
130ms Stylesheet
text/css 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/css/styles.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

a76eb080cfcded020ab0e7e2ba113515b593bd7663ab8a7a80fd89d3ef4f227d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 2071
x-xss-protection: 1; mode=block

GET
H2 200 password-validation.js Show response
auth.oclock.school/resources/f2aju/login/oclock/js/ 3 KB
1 KB 133ms
131ms Script
text/javascript 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/js/password-validation.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

bcc3f8543700811e069b7f27f0103b41973560b91fa00915f62903d5d1122980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 1257
x-xss-protection: 1; mode=block

GET
H2 200 toast-error.js Show response
auth.oclock.school/resources/f2aju/login/oclock/js/ 1 KB
771 B 130ms
129ms Script
text/javascript 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/js/toast-error.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

eda166ea45292661b25df1f0f54777fd3ac0f995da45ea679846dc71a8b5b977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 534
x-xss-protection: 1; mode=block

GET
H2 200 logo.svg
auth.oclock.school/resources/f2aju/login/oclock/img/ 2 KB
1 KB 137ms
136ms Image
image/svg+xml 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/img/logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

b89810213f8f6a2bd9759046f5af8c64d9a5bc60187e21ac9703fa7b351f11bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 980
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 121ms
48ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@500;600;700&display=swap

Requested by

Host: auth.oclock.school
URL: https://auth.oclock.school/resources/f2aju/login/oclock/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a78993e0a66057d523122f4fcecbb681c566e5281ef2897a3d9939498705566e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 16:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 16:48:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 16:49:50 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 115ms
45ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://auth.oclock.school
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 22:13:15 GMT
x-content-type-options: nosniff
age: 153395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 22:13:15 GMT

GET
H2 404 oclock-bold
auth.oclock.school/resources/f2aju/login/oclock/fonts/ 0
0 99ms
98ms Font
text/plain 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/fonts/oclock-bold

Requested by

Host: auth.oclock.school
URL: https://auth.oclock.school/resources/f2aju/login/oclock/css/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://auth.oclock.school
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 oclock-bold.woff
auth.oclock.school/resources/f2aju/login/oclock/fonts/ 32 KB
32 KB 99ms
98ms Font
application/octet-stream 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/fonts/oclock-bold.woff

Requested by

Host: auth.oclock.school
URL: https://auth.oclock.school/resources/f2aju/login/oclock/css/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

5686386743090ba7a6e2dd38c4a4d72d1de49e9df197d04fc998587e26f366b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://auth.oclock.school
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
auth.oclock.school/resources/f2aju/login/oclock/img/ 4 KB
733 B 94ms
93ms Other
application/octet-stream 15.188.165.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.oclock.school/resources/f2aju/login/oclock/img/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.188.165.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-165-117.eu-west-3.compute.amazonaws.com

Software

Resource Hash

869ec9496f3722236c9dfce71d8ab29b6ef7514c23db62db9e551136ebeda9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 16:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: application/octet-stream
cache-control: max-age=2592000
content-length: 501
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.oclock.school/realms/oclock/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5YTVlNmRiNC1iNDYwLTQxZmMtODEyZC1jYzlhMzFhYjRjNGEifQ.eyJjaWQiOiJWcG4tY29tcG9zZSIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHA6Ly92cG4uZWRkaS5jbG91ZC9hdXRob3JpemUiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCBlbWFpbCBwcm9maWxlIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLm9jbG9jay5zY2hvb2wvcmVhbG1zL29jbG9jayIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL3Zwbi5lZGRpLmNsb3VkL2F1dGhvcml6ZSIsInN0YXRlIjoid1NURFBZRG84OTBpM3JLZ2E2VGZ1RDFkU0JLWmV1Iiwibm9uY2UiOiJaWUgwbHZVb0xBTGcyeFRQOTBjYSJ9fQ.0kin6TrZGsUjmcRTxDrcC0SIVZv7F9bfMgXUOvOuXOM
auth.oclock.school/realms/oclock/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: b3aa938d-76dc-4141-9d06-9c223773900a.keycloak-school-13571
auth.oclock.school/realms/oclock/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: b3aa938d-76dc-4141-9d06-9c223773900a.keycloak-school-13571

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.oclock.school/resources/f2aju/login/oclock/fonts/oclock-bold Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.oclock.school
fonts.googleapis.com
fonts.gstatic.com
vpn.eddi.cloud
15.188.165.117
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81d::200a
35.181.45.35
54133ff3cfcc88755637476e549e3077a348d1f4ca5d91512838d2ae927cc5a7
5686386743090ba7a6e2dd38c4a4d72d1de49e9df197d04fc998587e26f366b8
81ca29aa991e5c8adb9400890d18cd5d3f4631a6b576213e687a8c954930fd18
869ec9496f3722236c9dfce71d8ab29b6ef7514c23db62db9e551136ebeda9ab
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
a76eb080cfcded020ab0e7e2ba113515b593bd7663ab8a7a80fd89d3ef4f227d
a78993e0a66057d523122f4fcecbb681c566e5281ef2897a3d9939498705566e
b89810213f8f6a2bd9759046f5af8c64d9a5bc60187e21ac9703fa7b351f11bd
bcc3f8543700811e069b7f27f0103b41973560b91fa00915f62903d5d1122980
eda166ea45292661b25df1f0f54777fd3ac0f995da45ea679846dc71a8b5b977

auth.oclock.school Open in urlscan Pro 15.188.165.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

94 kBTransfer

111 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

auth.oclock.school Open in urlscan Pro
15.188.165.117 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

94 kB
Transfer

111 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions