login.authserv.me - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 134.255.226.247, located in Frankfurt am Main, Germany and belongs to ACTIVE-SERVERS active-servers.com, DE. The main domain is login.authserv.me.
TLS certificate: Issued by R3 on October 1st 2023. Valid for: 3 months.

This is the only time login.authserv.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	109.230.254.230 109.230.254.230	197071 (ACTIVE-SE...) (ACTIVE-SERVERS active-servers.com)
2 7	134.255.226.247 134.255.226.247	197071 (ACTIVE-SE...) (ACTIVE-SERVERS active-servers.com)
5	1

2 109.230.254.230 (Germany) 2 redirects

ASN197071 (ACTIVE-SERVERS active-servers.com, DE)
PTR: node1.roessner-net.de

mymail.zip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oauth.authserv.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 134.255.226.247 (Frankfurt am Main, Germany) 2 redirects

ASN197071 (ACTIVE-SERVERS active-servers.com, DE)
PTR: mx.roessner-net.de

login.authserv.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	authserv.me 3 redirects oauth.authserv.me login.authserv.me	52 KB
1	mymail.zip 1 redirects mymail.zip	656 B
5	2

	Domain	Requested by
7	login.authserv.me	2 redirects login.authserv.me
1	oauth.authserv.me	1 redirects
1	mymail.zip	1 redirects
5	3

This site contains links to these domains. Also see Links.

Domain
roessner-network-solutions.com

Subject Issuer	Validity	Valid
login.authserv.me R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf
Frame ID: D52CD79984884A25298622F2FE8DBDB6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

http://mymail.zip/ HTTP 307
https://mymail.zip/ HTTP 302
https://oauth.authserv.me:4444/oauth2/auth?response_type=code&client_id=2fc4335f-c120-4360-aef6-7ac9bec9fae... HTTP 302
https://login.authserv.me/login?login_challenge=75488567f50f4f4ca9a5da5da85d25bf HTTP 301
https://login.authserv.me/login/?login_challenge=75488567f50f4f4ca9a5da5da85d25bf HTTP 302
https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

51 kB
Transfer

50 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://roessner-network-solutions.com/anwendungen/
Title: Get further information about this application...

Search URL Search Domain Scan URL

URL: https://roessner-network-solutions.com/kontakt/datenschutz/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://roessner-network-solutions.com/kontakt/impressum/
Title: Terms of service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mymail.zip/ HTTP 307
https://mymail.zip/ HTTP 302
https://oauth.authserv.me:4444/oauth2/auth?response_type=code&client_id=2fc4335f-c120-4360-aef6-7ac9bec9faea&scope=openid+offline_access+profile+email+dovecot&redirect_uri=https%3A%2F%2Fmymail.zip%2Findex.php%2Flogin%2Foauth&state=ON4r2oEXtvrR&nonce=755845906 HTTP 302
https://login.authserv.me/login?login_challenge=75488567f50f4f4ca9a5da5da85d25bf HTTP 301
https://login.authserv.me/login/?login_challenge=75488567f50f4f4ca9a5da5da85d25bf HTTP 302
https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en Show response
login.authserv.me/login/
Redirect Chain

http://mymail.zip/
https://mymail.zip/
https://oauth.authserv.me:4444/oauth2/auth?response_type=code&client_id=2fc4335f-c120-4360-aef6-7ac9bec9faea&scope=openid+offline_access+profile+email+dovecot&redirect_uri=https%3A%2F%2Fmymail.zip%...
https://login.authserv.me/login?login_challenge=75488567f50f4f4ca9a5da5da85d25bf
https://login.authserv.me/login/?login_challenge=75488567f50f4f4ca9a5da5da85d25bf
https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf

3 KB
4 KB

74ms
73ms

Document
text/html

134.255.226.247
ACTIVE-SERVERS ac...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

134.255.226.247 Frankfurt am Main, Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE),

Reverse DNS

mx.roessner-net.de

Software

/

Resource Hash

6e569b85dccae466102894e345986cc9ef706fbf19235e3f17bf20276ba562a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 3580
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 08:01:30 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Cookie

Redirect headers

content-length: 3653
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 08:01:30 GMT
location: /login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Cookie

GET
H2 200 style.css
login.authserv.me/static/css/ 5 KB
5 KB 74ms
73ms Stylesheet
text/css 134.255.226.247
ACTIVE-SERVERS ac...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.authserv.me/static/css/style.css

Requested by

Host: login.authserv.me
URL: https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

134.255.226.247 Frankfurt am Main, Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE),

Reverse DNS

mx.roessner-net.de

Software

/

Resource Hash

f6bec91e87df49b7766e7397a2ede4a657acf5526c5ba781e9e28b3847a2f1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 08:01:30 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Wed, 29 Nov 2023 13:11:05 GMT
accept-ranges: bytes
content-length: 4837
content-type: text/css; charset=utf-8

GET
H2 200 logo.png
login.authserv.me/static/img/ 25 KB
25 KB 71ms
70ms Image
image/png 134.255.226.247
ACTIVE-SERVERS ac...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.authserv.me/static/img/logo.png

Requested by

Host: login.authserv.me
URL: https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

134.255.226.247 Frankfurt am Main, Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE),

Reverse DNS

mx.roessner-net.de

Software

/

Resource Hash

a757ce23b55a333708ef2e5cde0d96daa9baaecb951f5fddf59c2888917d5b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 08:01:30 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Wed, 29 Nov 2023 13:11:05 GMT
accept-ranges: bytes
content-length: 25615
content-type: image/png

GET
H2 200 main.js Show response
login.authserv.me/static/js/login/ 1 KB
1 KB 72ms
72ms Script
text/javascript 134.255.226.247
ACTIVE-SERVERS ac...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.authserv.me/static/js/login/main.js

Requested by

Host: login.authserv.me
URL: https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

134.255.226.247 Frankfurt am Main, Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE),

Reverse DNS

mx.roessner-net.de

Software

/

Resource Hash

ac346c706b964d773626d669e1505bcc4a5dd41e2adb331e365d8525d06ba5e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://login.authserv.me/login/en?login_challenge=75488567f50f4f4ca9a5da5da85d25bf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 08:01:30 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Wed, 29 Nov 2023 13:11:05 GMT
accept-ranges: bytes
content-length: 1061
content-type: text/javascript; charset=utf-8

GET
H2 200 Raleway.woff2
login.authserv.me/static/fonts/ 16 KB
16 KB 34ms
34ms Font
font/woff2 134.255.226.247
ACTIVE-SERVERS ac...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.authserv.me/static/fonts/Raleway.woff2

Requested by

Host: login.authserv.me
URL: https://login.authserv.me/static/css/style.css

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

134.255.226.247 Frankfurt am Main, Germany, ASN197071 (ACTIVE-SERVERS active-servers.com, DE),

Reverse DNS

mx.roessner-net.de

Software

/

Resource Hash

3ab508a80596607de17f5f10ce14bbffa8e6e1961a79ca0dbd8f90060e91aa61

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://login.authserv.me/static/css/style.css
Origin: https://login.authserv.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 08:01:30 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Wed, 29 Nov 2023 13:11:05 GMT
accept-ranges: bytes
content-length: 16224
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.authserv.me/login	1970-01-21 01:21:07	Name: csrf_token Value: 0FYAakhPDJ+qcJEFzV5DXeCJgFaDjiOaEJ5kgcf2jeE=
mymail.zip/	1969-12-31 23:59:59	Name: roundcube_sessid Value: 854c968a381a5b81e31ba9c1bff7e382
oauth.authserv.me/	1970-01-20 16:35:33	Name: ory_hydra_login_csrf_433476581 Value: MTcwMTMzMTI4OXxLa2p5VTNmNnlPaEdSdDNjS0d5cGpnSEEtZWZUTXRCYmRRMTJyMF9HalJxcXRGdmxiLTFrTWdGZWF2MDJMa29hUG9ldnFsV19UQUpBdnBwTnNYdnRKaGIyWkd4bFdiRk1XSlRRbERPanlOclpmZm1tQzJaRWxTR2FDR0oxNXc9PXyp8JkSsaq_WtLjd2j8IUQ9aHMTpB_1d6oj_FFJv71Feg==
login.authserv.me/	1969-12-31 23:59:59	Name: server_used Value: 3858d3fc9bdf46ea
login.authserv.me/	1969-12-31 23:59:59	Name: Nauthilus_session Value: MTcwMTMzMTI5MHxIbnp3bEcxaE1RbExjb1AtYUotSTR6WVRYazVzMmo2Tk9vZFFlQzJ0S0IxelJfS0huMmlobVhpUDgtNlpGUFhCM0UwQkdoSDZ0NVFPVDhUVlpjRnJ8W6dhTcXNWp0PvT_L-VIhi8ewuWn-j3E8Ioa-juq1JTM=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.authserv.me
mymail.zip
oauth.authserv.me
109.230.254.230
134.255.226.247
3ab508a80596607de17f5f10ce14bbffa8e6e1961a79ca0dbd8f90060e91aa61
6e569b85dccae466102894e345986cc9ef706fbf19235e3f17bf20276ba562a6
a757ce23b55a333708ef2e5cde0d96daa9baaecb951f5fddf59c2888917d5b3b
ac346c706b964d773626d669e1505bcc4a5dd41e2adb331e365d8525d06ba5e1
f6bec91e87df49b7766e7397a2ede4a657acf5526c5ba781e9e28b3847a2f1da

login.authserv.me Open in urlscan Pro 134.255.226.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

1 IPs

1 Countries

51 kBTransfer

50 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

login.authserv.me Open in urlscan Pro
134.255.226.247 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

51 kB
Transfer

50 kB
Size

5
Cookies

5 HTTP transactions
0 data transactions