auth.avl.com
Open in
urlscan Pro
192.102.17.59
Public Scan
Effective URL: https://auth.avl.com/login/?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&service=avlnormalauth&goto=...
Submission: On November 29 via manual from AT — Scanned from AT
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on December 5th 2022. Valid for: a year.
This is the only time auth.avl.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 192.102.17.80 192.102.17.80 | 8447 (A1TELEKOM...) (A1TELEKOM-AT A1 Telekom Austria AG) | |
2 20 | 192.102.17.59 192.102.17.59 | 8447 (A1TELEKOM...) (A1TELEKOM-AT A1 Telekom Austria AG) | |
18 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
avl.com
3 redirects
securemail.avl.com auth.avl.com — Cisco Umbrella Rank: 943064 |
676 KB |
18 | 1 |
Domain | Requested by | |
---|---|---|
20 | auth.avl.com |
2 redirects
auth.avl.com
|
1 | securemail.avl.com | 1 redirects |
18 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.avl.com |
www.linkedin.com |
www.facebook.com |
twitter.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.avl.com Thawte RSA CA 2018 |
2022-12-05 - 2024-01-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.avl.com/login/?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&service=avlnormalauth&goto=https://auth.avl.com:443/auth/saml2/continue/metaAlias/user/idp?secondVisitUrl%3D/auth/SSORedirect/metaAlias/user/idp?ReqID%253D_6215aa1189b90671d6d0bc41646886b7&AMAuthCookie=
Frame ID: D9344045E1A41486139DCADC8D718E2E
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
AVL LoginPage URL History Show full URLs
-
https://securemail.avl.com/responsiveUI/ServiceHandler?service=webSSOProvider&IdpId=5_2&RelayState=%2Fr...
HTTP 302
https://auth.avl.com/openam/SSORedirect/metaAlias/idp?SAMLRequest=fVLRjtowEPwVy%2B8kOOQCWARED50O6... Page URL
-
https://auth.avl.com/auth/UI/Login?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&...
HTTP 302
https://auth.avl.com/auth/XUI/?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&serv... HTTP 302
https://auth.avl.com/login/?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&service... Page URL
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Problem logging-in?
Search URL Search Domain Scan URL
Title: No AVL Account? Create one now.
Search URL Search Domain Scan URL
Title: Legal Information
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Imprint
Search URL Search Domain Scan URL
Title: Hotlines
Search URL Search Domain Scan URL
Title: © AVL 2023
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://securemail.avl.com/responsiveUI/ServiceHandler?service=webSSOProvider&IdpId=5_2&RelayState=%2FresponsiveUI%2Fwebmail%2FmailFolder.xhtml
HTTP 302
https://auth.avl.com/openam/SSORedirect/metaAlias/idp?SAMLRequest=fVLRjtowEPwVy%2B8kOOQCWARED50O6dpLCfShL5XjLD1Ljp16Ha79%2B5oAV3rS8ej1zuzszM4WvxtNDuBQWZNTFg0pASNtrczPnO62D4MJXcxnKBqdtHzZ%2BRezgV8doCcBaJCffnLaOcOtQIXciAaQe8nL5ecnnkRD3jrrrbSakiUiOB9G3VuDXQOuBHdQEnabp5y%2BeN8ij2ME2TlohNKROOhI2iZ2gG1AqAPs1vEZ8yhMrcEt8PTMxXtuSlZBpzLC97td6EVY4kLM03QU2xaC5rgsnzdQKwfSxw14sdRKYKzqlpIH6yT0y%2BfUuw4oWa9y%2BiNL2J0QjE2m1XSYjVmd1cNKpixLs8kkq8ahDYsgK8jO6V5oPAIRO1gb9ML4nCbDZDRgbJBMtyzlyZTfjSI2Hn%2BnpDh79kmZUxa3DK5OTcgft9tiUDyXW0q%2BXTINDfScIO%2Bnu%2BvobhO%2FeUrnN9J5her4PqJm8fWgt8P5EpjXq8JqJf%2BQpdb29d6B8P9sCQ43wn8shkWsr6h6sO9beWewBan2CmpKyuI44Wsn9LHgbt7SlVoaz8%2BC%2F7%2Ft%2BV8%3D&RelayState=%2FresponsiveUI%2Fwebmail%2FmailFolder.xhtml&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=LOC0TXGH929VJgMf0uiq5xwRpaQ9rKpuwn2ac%2FfUA6XpxK3%2FxhzypIGUFQLN9LJv4I98UWxeLgEd3faZqZIb8FtyIPhhoxT6OoDrzn9DymogkHFb%2FdE30jMs8uBK4HzXVX0uupU1ZGh46YqJnCoxB%2BcSbbULQBlWlntOcOvpzzX5qvxeqtTa8kkZmriZiPThf5%2F0ehridn0kKhfUDiQQktbXyp0v0Xnxv74%2F%2Fgxqnviv%2F%2BzT%2FIoLRZRMAd1RTjdE9aHQJvwtRJ4VpzH%2B1lX6GIL27OiscvI2K8AkVLbRPAxfsARhK01krovLkc8HJmi0tJpCDdFbRrpRBowc6dUNIg%3D%3D Page URL
-
https://auth.avl.com/auth/UI/Login?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&service=avlnormalauth&goto=https://auth.avl.com:443/auth/saml2/continue/metaAlias/user/idp?secondVisitUrl%3D/auth/SSORedirect/metaAlias/user/idp?ReqID%253D_6215aa1189b90671d6d0bc41646886b7&AMAuthCookie=
HTTP 302
https://auth.avl.com/auth/XUI/?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&service=avlnormalauth&goto=https://auth.avl.com:443/auth/saml2/continue/metaAlias/user/idp?secondVisitUrl%3D/auth/SSORedirect/metaAlias/user/idp?ReqID%253D_6215aa1189b90671d6d0bc41646886b7&AMAuthCookie= HTTP 302
https://auth.avl.com/login/?realm=/user&spEntityID=https://securemail.avl.com/webmailSAML&service=avlnormalauth&goto=https://auth.avl.com:443/auth/saml2/continue/metaAlias/user/idp?secondVisitUrl%3D/auth/SSORedirect/metaAlias/user/idp?ReqID%253D_6215aa1189b90671d6d0bc41646886b7&AMAuthCookie= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://securemail.avl.com/responsiveUI/ServiceHandler?service=webSSOProvider&IdpId=5_2&RelayState=%2FresponsiveUI%2Fwebmail%2FmailFolder.xhtml HTTP 302
- https://auth.avl.com/openam/SSORedirect/metaAlias/idp?SAMLRequest=fVLRjtowEPwVy%2B8kOOQCWARED50O6dpLCfShL5XjLD1Ljp16Ha79%2B5oAV3rS8ej1zuzszM4WvxtNDuBQWZNTFg0pASNtrczPnO62D4MJXcxnKBqdtHzZ%2BRezgV8doCcBaJCffnLaOcOtQIXciAaQe8nL5ecnnkRD3jrrrbSakiUiOB9G3VuDXQOuBHdQEnabp5y%2BeN8ij2ME2TlohNKROOhI2iZ2gG1AqAPs1vEZ8yhMrcEt8PTMxXtuSlZBpzLC97td6EVY4kLM03QU2xaC5rgsnzdQKwfSxw14sdRKYKzqlpIH6yT0y%2BfUuw4oWa9y%2BiNL2J0QjE2m1XSYjVmd1cNKpixLs8kkq8ahDYsgK8jO6V5oPAIRO1gb9ML4nCbDZDRgbJBMtyzlyZTfjSI2Hn%2BnpDh79kmZUxa3DK5OTcgft9tiUDyXW0q%2BXTINDfScIO%2Bnu%2BvobhO%2FeUrnN9J5her4PqJm8fWgt8P5EpjXq8JqJf%2BQpdb29d6B8P9sCQ43wn8shkWsr6h6sO9beWewBan2CmpKyuI44Wsn9LHgbt7SlVoaz8%2BC%2F7%2Ft%2BV8%3D&RelayState=%2FresponsiveUI%2Fwebmail%2FmailFolder.xhtml&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=LOC0TXGH929VJgMf0uiq5xwRpaQ9rKpuwn2ac%2FfUA6XpxK3%2FxhzypIGUFQLN9LJv4I98UWxeLgEd3faZqZIb8FtyIPhhoxT6OoDrzn9DymogkHFb%2FdE30jMs8uBK4HzXVX0uupU1ZGh46YqJnCoxB%2BcSbbULQBlWlntOcOvpzzX5qvxeqtTa8kkZmriZiPThf5%2F0ehridn0kKhfUDiQQktbXyp0v0Xnxv74%2F%2Fgxqnviv%2F%2BzT%2FIoLRZRMAd1RTjdE9aHQJvwtRJ4VpzH%2B1lX6GIL27OiscvI2K8AkVLbRPAxfsARhK01krovLkc8HJmi0tJpCDdFbRrpRBowc6dUNIg%3D%3D
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
idp
auth.avl.com/openam/SSORedirect/metaAlias/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml2-write.js
auth.avl.com/auth/js/ |
839 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
auth.avl.com/login/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chunk-vendors.017143c9.js
auth.avl.com/login/assets/js/ |
344 KB 345 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.26c99143.js
auth.avl.com/login/assets/js/ |
44 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.347f67d7.css
auth.avl.com/login/assets/css/ |
60 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
auth.avl.com/login/ |
686 B 968 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
authenticate
auth.avl.com/auth/json/realms/root/realms/user/ |
3 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
auth.avl.com/login/ |
686 B 968 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
auth.avl.com/login/ |
686 B 968 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
linkedin.873733ba.svg
auth.avl.com/login/assets/img/ |
648 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebook.a6659f67.svg
auth.avl.com/login/assets/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
twitter.f3619a0f.svg
auth.avl.com/login/assets/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
youtube.f78bb7f4.svg
auth.avl.com/login/assets/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HKGrotesk-Bold.16f484db.ttf
auth.avl.com/login/assets/fonts/ |
79 KB 79 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HKGrotesk-Regular.10c49725.ttf
auth.avl.com/login/assets/fonts/ |
79 KB 79 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HKGrotesk-Medium.1c552991.ttf
auth.avl.com/login/assets/fonts/ |
80 KB 81 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
auth.avl.com/login/ |
686 B 968 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture undefined| color function| getCookie object| webpackChunkc106_login function| clearImmediate function| setImmediate7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
securemail.avl.com/responsiveUI | Name: JSESSIONID Value: 668EAD0CEB7EE77ECC5F198D52F48604 |
|
auth.avl.com/auth | Name: JSESSIONID Value: 62FC30DDA32067E754434F7D8F086C9C |
|
securemail.avl.com/ | Name: NSC_wtsw_mc_uun_ttm Value: ffffffff0905f95045525d5f4f58455e445a4a42378b |
|
auth.avl.com/ | Name: INGRESSCOOKIE Value: 1701268194.427.33.773630|7ec3287133b6127e1ec8990d4ae7b6ac |
|
.avl.com/ | Name: lbcookie Value: 01 |
|
auth.avl.com/ | Name: uule Value: wKgHtGVnSuF5+AAhA4mMAg== |
|
auth.avl.com/ | Name: i18next Value: en |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://*.avl.com:* https://*.dispatcher.hana.ondemand.com:* https://*.e1-solutions.com:* https://*.avl.zone:* |
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.avl.com
securemail.avl.com
192.102.17.59
192.102.17.80
1727e30757f95212614d8c9d284c0efb81cddc04155331369ac3e50cc32bd2d4
321df9ddc17f1fbeb9d7ef1065b988466168935fa584009f91a158f16207a225
3611c929bcf4c96e34b5ebf904b6105007114fcc2ebb7616d48a3782c02b10d6
4831356d19955d8173172d5655465a9aa7b4cef89e3de65570dfbcf1465a7c62
6220e57ea9c35cae6b4a3ec4ec4b889df6be15926a0e21ab66725b85f12c46cf
6b50b325f06212109f2e0528859d34d90ecbe4364e7c16642e6063134247cbf3
98b7ca9d70af7b3e882cd8c00e3aa999cf32658d50635548e60d4e9433f86fbd
a5bacb2c61547bb524c18b530c45465266d2f92ac9d4b1cef21cf6447ebacadd
c2164a7fe5bcbc92c4e3b8eb4ceb63ccafa504b828232b7f827ba18acf6f162e
e020b87058012c7680692f28d8a22a220c5e49f8ee117bea826f1a6de1aa9aaa
e82ecc52caa5c989104b237fa265d207a9cb5a8fc4df7e6bed19100660d3403e
e9dfae2c94fcb3e5b3bcde2b18b65bd7ed75da976a6a6697922109c05e687484
f37eef0bc8dbd8753b88f381e543586fd002fdbe7268c482066f32bb0c006ca0
fbdab9ab9552605703469b9c5179166623772738823af8830e5d9ed875ee47c6