auth.mainframe.zone Open in urlscan Pro
52.57.92.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account.playpaxdei.com/
Effective URL:
https://auth.mainframe.zone/realms/paxdei/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount....
Submission: On February 25 via automatic, source certstream-suspicious (February 25th 2023, 12:37:31 am UTC) — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 52.57.92.160, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is auth.mainframe.zone.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 26th 2023. Valid for: a year.

This is the only time auth.mainframe.zone was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	143.204.215.92 143.204.215.92	16509 (AMAZON-02) (AMAZON-02)
17	52.57.92.160 52.57.92.160	16509 (AMAZON-02) (AMAZON-02)
20	2

3 143.204.215.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-92.fra53.r.cloudfront.net

account.playpaxdei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.57.92.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

auth.mainframe.zone	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mainframe.zone auth.mainframe.zone	748 KB
3	playpaxdei.com account.playpaxdei.com	246 KB
20	2

	Domain	Requested by
17	auth.mainframe.zone	account.playpaxdei.com auth.mainframe.zone
3	account.playpaxdei.com	account.playpaxdei.com
20	2

This site contains no links.

Subject Issuer	Validity	Valid
account.eu-central-1.production.mainframe.zone Amazon RSA 2048 M02	`2023-02-24` - `2024-03-24`	a year	crt.sh
eu-central-1.auth.mainframe.zone Amazon RSA 2048 M01	`2023-01-26` - `2024-02-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.mainframe.zone/realms/paxdei/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.playpaxdei.com%2F&state=9c6d8689-67c9-4b0c-8799-ac289d475762&response_mode=fragment&response_type=code&scope=openid&nonce=b19367fc-2138-4c71-9a2a-c826e3654043
Frame ID: D90608A7029493993C008D9092D8373A
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Pax Dei

Page URL History Show full URLs

https://account.playpaxdei.com/ Page URL
https://auth.mainframe.zone/realms/paxdei/protocol/openid-connect/auth?client_id=account&redirect_uri=ht... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

994 kB
Transfer

4601 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account.playpaxdei.com/ Page URL
https://auth.mainframe.zone/realms/paxdei/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.playpaxdei.com%2F&state=9c6d8689-67c9-4b0c-8799-ac289d475762&response_mode=fragment&response_type=code&scope=openid&nonce=b19367fc-2138-4c71-9a2a-c826e3654043 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
account.playpaxdei.com/ 456 B
684 B 214ms
37ms Document
text/html 143.204.215.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.playpaxdei.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-92.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a461781feeb79d950779a9039fd02c3f8a810a044524c7c1a81ef68305c449a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 219
content-encoding: gzip
content-length: 298
content-type: text/html; charset=UTF-8
date: Sat, 25 Feb 2023 00:33:47 GMT
etag: "3e0d452f65302908ac1fc08f26b2db76"
last-modified: Fri, 24 Feb 2023 16:45:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: trmuctc-hlgwdYif9nU7TNUuMrcYlij92nhElCpzgMNQ4KakOvQA4A==
x-amz-cf-pop: FRA53-C1
x-amz-meta-etag: uMYkpr978/C917x566NVAw==
x-cache: Hit from cloudfront

GET
H2 200 index-aed31832.js
account.playpaxdei.com/assets/ 783 KB
238 KB 95ms
95ms Script
application/javascript 143.204.215.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.playpaxdei.com/assets/index-aed31832.js
Requested by: Host: account.playpaxdei.com
URL: https://account.playpaxdei.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-92.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://account.playpaxdei.com/
Origin: https://account.playpaxdei.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:26 GMT
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
content-length: 242928
x-amz-meta-etag: uMYkpr978/C917x566NVAw==
last-modified: Fri, 24 Feb 2023 16:45:27 GMT
server: AmazonS3
etag: "3a3e3eea0fd5f00317007fba65ad2e41"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://account.eu-central-1.production.mainframe.zone
vary: Accept-Encoding
access-control-allow-credentials: true
x-amz-cf-id: LeGDyCY2rTCA_5cZbGF_XSKmvRYHN-rzOGQEDRVQiORSC5Nk1Zav-w==

GET
H2 200 index-64020e74.css
account.playpaxdei.com/assets/ 37 KB
8 KB 71ms
70ms Stylesheet
text/css 143.204.215.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.playpaxdei.com/assets/index-64020e74.css
Requested by: Host: account.playpaxdei.com
URL: https://account.playpaxdei.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-92.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64020e743c8e43a53ed550ce2a12b2d38cda8941838e5a05ebbeab8c37a6bc61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.playpaxdei.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:26 GMT
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 16:45:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "09abb07308cf2e4ed8e4b9e31f7a447b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css; charset=UTF-8
content-length: 7411
x-amz-cf-id: XrpBefVW-5k0tLLsj-l0PMNESQ0IiqZqXHHyeL9lwuO5IFU0rAWAyg==
x-amz-meta-etag: uMYkpr978/C917x566NVAw==

GET
H2 200 Primary Request auth Show response
auth.mainframe.zone/realms/paxdei/protocol/openid-connect/ 5 KB
6 KB 175ms
43ms Document
text/html 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/realms/paxdei/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.playpaxdei.com%2F&state=9c6d8689-67c9-4b0c-8799-ac289d475762&response_mode=fragment&response_type=code&scope=openid&nonce=b19367fc-2138-4c71-9a2a-c826e3654043

Requested by

Host: account.playpaxdei.com
URL: https://account.playpaxdei.com/assets/index-aed31832.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

478de3f2b4ed9b5d30ad498ed9f9f29db63896b4dccfabea252e7a1fe4cfe39e

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.playpaxdei.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 5473
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Sat, 25 Feb 2023 00:37:25 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 base.css
auth.mainframe.zone/resources/t6yo2/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 42 KB
6 KB 105ms
102ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Host: auth.mainframe.zone
URL: https://auth.mainframe.zone/realms/paxdei/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.playpaxdei.com%2F&state=9c6d8689-67c9-4b0c-8799-ac289d475762&response_mode=fragment&response_type=code&scope=openid&nonce=b19367fc-2138-4c71-9a2a-c826e3654043

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 6133
x-xss-protection: 1; mode=block

GET
H2 200 app.css
auth.mainframe.zone/resources/t6yo2/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 1 MB
112 KB 41ms
37ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6f521cfc1d78fe85b9d9c63f7bfc65474f8f0df4ac786cb3942f6d6451e5fcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 patternfly.min.css
auth.mainframe.zone/resources/t6yo2/common/keycloak/node_modules/patternfly/dist/css/ 178 KB
31 KB 106ms
103ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 patternfly-additions.min.css
auth.mainframe.zone/resources/t6yo2/common/keycloak/node_modules/patternfly/dist/css/ 220 KB
30 KB 107ms
104ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 pficon.css
auth.mainframe.zone/resources/t6yo2/common/keycloak/lib/pficon/ 577 B
555 B 105ms
102ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/common/keycloak/lib/pficon/pficon.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 323
x-xss-protection: 1; mode=block

GET
H2 200 base.css
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/web_modules/@patternfly/react-core/dist/styles/ 42 KB
6 KB 107ms
104ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 6133
x-xss-protection: 1; mode=block

GET
H2 200 app.css
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/web_modules/@patternfly/react-core/dist/styles/ 1 MB
112 KB 105ms
102ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6f521cfc1d78fe85b9d9c63f7bfc65474f8f0df4ac786cb3942f6d6451e5fcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 patternfly.min.css
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/css/ 178 KB
31 KB 106ms
104ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 patternfly-additions.min.css
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/css/ 220 KB
30 KB 105ms
103ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 login.css
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/css/ 10 KB
3 KB 108ms
106ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/css/login.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3b1bb09f65428eb08efc361c2dbc05b3993a8b1cc2f3301e1a15c3f4523d31c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 2714
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/css/ 711 B
614 B 107ms
105ms Stylesheet
text/css 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/css/styles.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

9a5262ffd3c1fb0128ef8932fbb18e11e2e322affe5069ca7aa09dfc09791428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 382
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/js/ 1 KB
701 B 106ms
105ms Script
text/javascript 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/js/script.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e8fa90847bb9febf94464d43227aff95a7465a65e3523105e555a189be52b4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 464
x-xss-protection: 1; mode=block

GET
H2 200 pano.webp
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/img/ 181 KB
182 KB 37ms
37ms Image
application/octet-stream 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/img/pano.webp

Requested by

Host: auth.mainframe.zone
URL: https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/css/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

5972bb50598370999b341adbe23edd22a9886a9da99cd54cc00c76a2b42b115c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 OpenSans-Regular-webfont.woff2
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/fonts/ 61 KB
59 KB 37ms
36ms Font
application/octet-stream 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2

Requested by

Host: auth.mainframe.zone
URL: https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/css/patternfly.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://auth.mainframe.zone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 OpenSans-Light-webfont.woff2
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/fonts/ 62 KB
60 KB 36ms
36ms Font
application/octet-stream 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2

Requested by

Host: auth.mainframe.zone
URL: https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/css/patternfly.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://auth.mainframe.zone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff2
auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/fonts/ 75 KB
76 KB 36ms
36ms Font
application/octet-stream 52.57.92.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: auth.mainframe.zone
URL: https://auth.mainframe.zone/resources/t6yo2/login/mainframe-theme/node_modules/patternfly/dist/css/patternfly.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.92.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-92-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://auth.mainframe.zone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:37:25 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.mainframe.zone/realms/paxdei/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: c01f5390-3a19-48a3-9df4-c590a2ac2de1.keycloak-1-64500
auth.mainframe.zone/realms/paxdei/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: c01f5390-3a19-48a3-9df4-c590a2ac2de1.keycloak-1-64500
auth.mainframe.zone/realms/paxdei/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkOTJkYTI2YS1mNGQ4LTRlMGEtOGQwNi03YjkwZGQzYmNjNjAifQ.eyJjaWQiOiJhY2NvdW50IiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9hY2NvdW50LnBsYXlwYXhkZWkuY29tLyIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLm1haW5mcmFtZS56b25lL3JlYWxtcy9wYXhkZWkiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYWNjb3VudC5wbGF5cGF4ZGVpLmNvbS8iLCJzdGF0ZSI6IjljNmQ4Njg5LTY3YzktNGIwYy04Nzk5LWFjMjg5ZDQ3NTc2MiIsIm5vbmNlIjoiYjE5MzY3ZmMtMjEzOC00YzcxLTlhMmEtYzgyNmUzNjU0MDQzIiwicmVzcG9uc2VfbW9kZSI6ImZyYWdtZW50In19.tHMqR6H3tWJLlBftwmyuLZ0iRe_dtzwjfi0r6rjpEcQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.playpaxdei.com
auth.mainframe.zone
143.204.215.92
52.57.92.160
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3b1bb09f65428eb08efc361c2dbc05b3993a8b1cc2f3301e1a15c3f4523d31c1
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
478de3f2b4ed9b5d30ad498ed9f9f29db63896b4dccfabea252e7a1fe4cfe39e
4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed
5972bb50598370999b341adbe23edd22a9886a9da99cd54cc00c76a2b42b115c
64020e743c8e43a53ed550ce2a12b2d38cda8941838e5a05ebbeab8c37a6bc61
6f521cfc1d78fe85b9d9c63f7bfc65474f8f0df4ac786cb3942f6d6451e5fcb0
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
8a461781feeb79d950779a9039fd02c3f8a810a044524c7c1a81ef68305c449a
9a5262ffd3c1fb0128ef8932fbb18e11e2e322affe5069ca7aa09dfc09791428
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
e8fa90847bb9febf94464d43227aff95a7465a65e3523105e555a189be52b4a4

auth.mainframe.zone Open in urlscan Pro 52.57.92.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

994 kBTransfer

4601 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

Indicators

auth.mainframe.zone Open in urlscan Pro
52.57.92.160 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

994 kB
Transfer

4601 kB
Size

3
Cookies

20 HTTP transactions
0 data transactions