telekom.auth.ws
185.53.179.128 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
http://telekom.auth.ws/ 7mo old
Submission: On May 10 via api (May 10th 2026, 12:48:52 pm UTC) from US — Scanned from IL

Summary HTTP 24 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 11 domains to perform 24 HTTP transactions. The main IP is 185.53.179.128, located in Germany and belongs to TEAMINTERNET-CA-AS Team Internet AG, DE. The main domain is telekom.auth.ws. 7mo old

This is the only time telekom.auth.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.53.179.128 185.53.179.128	206834 (TEAMINTER...) (TEAMINTERNET-CA-AS Team Internet AG)
1	99.84.152.4 99.84.152.4	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.16.239.120 104.16.239.120	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	208.91.196.46 208.91.196.46	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC - Confluence Networks Inc)
4	54.75.69.192 54.75.69.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.21.11.124 104.21.11.124	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	150.171.109.193 150.171.109.193	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	180.222.119.247 180.222.119.247	10230 (YAHOO-SG ...) (YAHOO-SG internet content provider)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
24	12

3 185.53.179.128 (Germany)

ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE)

telekom.auth.ws 7mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 99.84.152.4 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-84-152-4.fra56.r.cloudfront.net

euob.northwavepoint.com 2mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.16.239.120 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.dynadot.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 208.91.196.46 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG)

yfdpco4.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 54.75.69.192 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-75-69-192.eu-west-1.compute.amazonaws.com

obseu.northwavepoint.com 2mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 188.114.97.3 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

l.cdn-fileserver.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
s.cdn-fileserver.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.21.11.124 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

realtimesearchresults.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 150.171.109.193 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

scripts.clarity.ms 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
msadsscale.microsoft.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 180.222.119.247 (Tokyo, Japan)

ASN10230 (YAHOO-SG internet content provider, SG)
PTR: e1-bmr.ycpi.vip.jpa.yahoo.com

s.yimg.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.114.96.3 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

s.cdn-fileserver.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.16.79.73 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.cloudflareinsights.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
6	cdn-fileserver.com l.cdn-fileserver.com — Cisco Umbrella Rank: 86185 1yr old s.cdn-fileserver.com — Cisco Umbrella Rank: 113769 1yr old	45 KB
5	northwavepoint.com euob.northwavepoint.com — Cisco Umbrella Rank: 142823 2mo old obseu.northwavepoint.com — Cisco Umbrella Rank: 121466 2mo old	51 KB
3	auth.ws telekom.auth.ws 7mo old	5 KB
2	realtimesearchresults.com realtimesearchresults.com — Cisco Umbrella Rank: 244134 1yr old	28 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 302 7yr old	11 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 1064 13yr old	8 KB
1	microsoft.com msadsscale.microsoft.com — Cisco Umbrella Rank: 14419 1yr old	23 KB
1	clarity.ms scripts.clarity.ms — Cisco Umbrella Rank: 609 10mo old	26 KB
1	yfdpco4.com yfdpco4.com — Cisco Umbrella Rank: 389553 1yr old	4 KB
1	dynadot.com www.dynadot.com — Cisco Umbrella Rank: 474258 13yr old	4 KB
0	Failed function sub() { [native code] }. Failed
24	11

	Domain	Requested by
4	obseu.northwavepoint.com	euob.northwavepoint.com telekom.auth.ws
3	s.cdn-fileserver.com	realtimesearchresults.com
3	l.cdn-fileserver.com	yfdpco4.com realtimesearchresults.com
3	telekom.auth.ws	telekom.auth.ws
2	realtimesearchresults.com	yfdpco4.com static.cloudflareinsights.com
1	static.cloudflareinsights.com	realtimesearchresults.com
1	s.yimg.com	yfdpco4.com
1	msadsscale.microsoft.com	yfdpco4.com
1	scripts.clarity.ms	yfdpco4.com
1	yfdpco4.com	telekom.auth.ws
1	www.dynadot.com	telekom.auth.ws
1	euob.northwavepoint.com	telekom.auth.ws
0	invalid Failed	euob.northwavepoint.com
24	13

This site contains links to these domains. Also see Links.

Domain
www.dynadot.com
skenzo.com

Subject Issuer	Validity	Valid
*.northwavepoint.com Amazon RSA 2048 M04	`2026-01-29` - `2027-02-27`	1yr	crt.sh
dynadot.com WE1	`2026-03-12` - `2026-06-10`	3mo	crt.sh
cdn-fileserver.com WE1	`2026-03-28` - `2026-06-26`	3mo	crt.sh
realtimesearchresults.com E8	`2026-05-06` - `2026-08-04`	3mo	crt.sh
scripts.clarity.ms GeoTrust TLS RSA CA G1	`2026-05-05` - `2026-11-05`	6mo	crt.sh
msadsscale.microsoft.com GeoTrust TLS RSA CA G1	`2025-12-21` - `2026-06-21`	6mo	crt.sh
*.www.yahoo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2026-04-06` - `2026-05-27`	2mo	crt.sh
cloudflareinsights.com WE1	`2026-04-17` - `2026-07-16`	3mo	crt.sh

This page contains 3 frames:

Primary Page: http://telekom.auth.ws/
Frame ID: 39A903309B06EAEF174FD623B473CB7A
Requests: 11 HTTP requests in this frame

Frame: http://yfdpco4.com/sk-park.php?pid=9PO15V947&dn=auth.ws&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F148.0.0.0+Safari%2F537.36&requrl=http%3A%2F%2Ftelekom.auth.ws%2F&al=he-IL%2Che%3Bq%3D0.9
Frame ID: F0B62727F00F738F4664BC69327DABC8
Requests: 2 HTTP requests in this frame

Frame: https://realtimesearchresults.com/sr/754870121/SAFEFRAME.html?ule=837&%214h=&%21PcGP=&%21bP=&%21bPj0=&%21h=_&-P6c=_&-P6cJxFT=&35cp=&3P=&4%21pz5bP=j0&46%28C=&4JT=qdGh4pC-w%2Fs2dwcxSd4tc%2FxSS2cC4dt4ps-&4PEi4bx=&4PT0=&4PTm=&4Pj=&5F76=_&5zFT6=_&6bP=&7TT6F=m&C-P=S&CF6hxp=_&EbP=44_J24WHR1_W_RS~1mR%21yWWRWyJS~yhhp_Pp&Ez4p=Exh&F%21PcGP=&FFzP=%7B%22FFJJ%22%3A%22GO%22%2C%22FFJTa%22%3A%22Thz+4jbj%22%2C%22FFb6%22%3A%22%22%2C%22FFFJ%22%3A%22Ls%22%2C%22FFXb6%22%3A%22%22%7D&FJ=Ls&FbXh=mmWSryH~&J7xi0=EFjSZbxTJ&J7xi2=~qDmWU~S1&JJ=GO&JPj=D2m0W&JT6bP=&JbP=H%28ky_12fI&JcbP=HSHWmW_~y&PhJiii=&Picp=m&TFJh=Om00W&Y%21bP=&a%21xZJJZhr6=&a6z6=&aPF6c=&bFbP=_&bxTJz=RhHe%3Ap~lnbCnCb9nN9%7CHVeYQ1Weo%3A.ke&chtCcz=7TT6%3A%2F%2F4CT7n5F&hJcbP=&htmlsrc=1&iF64=_&jb=m11HSm1221m11SSmmHH&kkdd=u%2A%7C%21%7C9uAHh3W%2An&pF=&tpid=&xTj=&xihcc=m&z0Ta6h=PiEz4&eobd=&eoac=RvYbkNvbY&ure=1
Frame ID: 7AE0BF9E02F022972F3F986CFCBBA97D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

auth.ws

Page URL History Show full URLs

http://telekom.auth.ws/ HTTP 307
https://telekom.auth.ws/ HTTP 307
http://telekom.auth.ws/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

24
Requests

75 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

6
Countries

204 kB
Transfer

301 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dynadot.com/

Search URL Search Domain Scan URL

URL: https://skenzo.com/sk-privacy.php
Title: Privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telekom.auth.ws/ HTTP 307
https://telekom.auth.ws/ HTTP 307
http://telekom.auth.ws/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
telekom.auth.ws/
Redirect Chain

http://telekom.auth.ws/
https://telekom.auth.ws/
http://telekom.auth.ws/

11 KB
5 KB

262ms
261ms

Document
text/html

185.53.179.128
TEAMINTERNET-CA-A...

General

Domain/Path	Expires	Name / Value
.auth.ws/	1970-01-21 16:11:41	Name: _cq_duid Value: 1.1778417336.6GjjGn7T5YdTO6NB
.auth.ws/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1778417336.aBEK1yexwK1Ylr2k
.auth.ws/	1970-01-21 23:36:17	Name: _cq_session Value: 1.1778417336949.moxzEtb4dSACWJeF.1778417336949
obseu.northwavepoint.com/	1970-01-21 22:04:07	Name: cg_uuid Value: 51342f26712c220c5ae12f83c3edbfa6
.realtimesearchresults.com/	1970-01-21 22:45:53	Name: visitor-id Value: 4214189376905896000V10

Source	Level	URL Text
rendering	warning	URL: http://telekom.auth.ws/ Message: [GroupMarkerNotSet(crbug.com/242999)!:32DC137480A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
worker	warning	URL: http://telekom.auth.ws/ Message: [GroupMarkerNotSet(crbug.com/242999)!:32DC1374E0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

telekom.auth.ws 185.53.179.128 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

75 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

12 IPs

6 Countries

204 kBTransfer

301 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

telekom.auth.ws
185.53.179.128 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

24
Requests

75 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

6
Countries

204 kB
Transfer

301 kB
Size

5
Cookies

24 HTTP transactions
1 data transactions