login.cybersecurity.aoe.host

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 4 HTTP transactions. The main IP is 18.194.91.1, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is login.cybersecurity.aoe.host.
TLS certificate: Issued by Amazon on March 8th 2022. Valid for: a year.

This is the only time login.cybersecurity.aoe.host was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	18.192.163.187 18.192.163.187	16509 (AMAZON-02) (AMAZON-02)
2	18.194.91.1 18.194.91.1	16509 (AMAZON-02) (AMAZON-02)
2	185.56.133.26 185.56.133.26	25291 (INTERDOTL...) (INTERDOTLINK-SYSELEVEN powered by Inter.link)
4	3

3 18.192.163.187 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-163-187.eu-central-1.compute.amazonaws.com

prometheus-alertmanager.cybersecurity.aoe.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prometheus-alertmanager.bareid.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.bareid.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.91.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-91-1.eu-central-1.compute.amazonaws.com

login.cybersecurity.aoe.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.56.133.26 (Germany)

ASN25291 (INTERDOTLINK-SYSELEVEN powered by Inter.link, DE)

assets.bare.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	aoe.host 1 redirects prometheus-alertmanager.cybersecurity.aoe.host login.cybersecurity.aoe.host	14 KB
2	bare.id assets.bare.id	712 KB
2	bareid.rocks 2 redirects prometheus-alertmanager.bareid.rocks auth.bareid.rocks	871 B
4	3

	Domain	Requested by
2	assets.bare.id	login.cybersecurity.aoe.host
2	login.cybersecurity.aoe.host	login.cybersecurity.aoe.host
1	auth.bareid.rocks	1 redirects
1	prometheus-alertmanager.bareid.rocks	1 redirects
1	prometheus-alertmanager.cybersecurity.aoe.host	1 redirects
4	5

This site contains no links.

Subject Issuer	Validity	Valid
*.cybersecurity.aoe.host Amazon	`2022-03-08` - `2023-04-06`	a year	crt.sh
assets.bare.id R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=force&client_id=oauth2-proxy.aws&redirect_uri=https%3A%2F%2Fauth.bareid.rocks%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=V0jjXqNsVWgEfn2dPsQNlRWn1qj8bFlqxNmRNJOno6U%3Ahttps%3A%2F%2Fprometheus-alertmanager.bareid.rocks%2F
Frame ID: D18CD751FA9A48300A62EB801737790B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden bei cybersecurity-team

Page URL History Show full URLs

https://prometheus-alertmanager.cybersecurity.aoe.host/ HTTP 308
https://prometheus-alertmanager.bareid.rocks/ HTTP 302
https://auth.bareid.rocks/oauth2/start?rd=https://prometheus-alertmanager.bareid.rocks%2F HTTP 302
https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=... Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

1
Countries

726 kB
Transfer

741 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://prometheus-alertmanager.cybersecurity.aoe.host/ HTTP 308
https://prometheus-alertmanager.bareid.rocks/ HTTP 302
https://auth.bareid.rocks/oauth2/start?rd=https://prometheus-alertmanager.bareid.rocks%2F HTTP 302
https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=force&client_id=oauth2-proxy.aws&redirect_uri=https%3A%2F%2Fauth.bareid.rocks%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=V0jjXqNsVWgEfn2dPsQNlRWn1qj8bFlqxNmRNJOno6U%3Ahttps%3A%2F%2Fprometheus-alertmanager.bareid.rocks%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/
Redirect Chain

https://prometheus-alertmanager.cybersecurity.aoe.host/
https://prometheus-alertmanager.bareid.rocks/
https://auth.bareid.rocks/oauth2/start?rd=https://prometheus-alertmanager.bareid.rocks%2F
https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=force&client_id=oauth2-proxy.aws&redirect_uri=https%3A%2F%2Fauth.bareid.rocks%2Foaut...

7 KB
8 KB

182ms
15ms

Document
text/html

18.194.91.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=force&client_id=oauth2-proxy.aws&redirect_uri=https%3A%2F%2Fauth.bareid.rocks%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=V0jjXqNsVWgEfn2dPsQNlRWn1qj8bFlqxNmRNJOno6U%3Ahttps%3A%2F%2Fprometheus-alertmanager.bareid.rocks%2F

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.91.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-91-1.eu-central-1.compute.amazonaws.com

Software

/

Resource Hash

3b23f0080745a30892653a9a46dfe3461593a44b200183f15e2465bf2df03bc1

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: de
content-length: 6663
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Sat, 24 Dec 2022 14:17:57 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 405
content-type: text/html; charset=utf-8
date: Sat, 24 Dec 2022 14:17:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
location: https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=force&client_id=oauth2-proxy.aws&redirect_uri=https%3A%2F%2Fauth.bareid.rocks%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=V0jjXqNsVWgEfn2dPsQNlRWn1qj8bFlqxNmRNJOno6U%3Ahttps%3A%2F%2Fprometheus-alertmanager.bareid.rocks%2F
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 styles.css
login.cybersecurity.aoe.host/auth/resources/uypk1/login/whitelabel-theme/css/ 24 KB
6 KB 12ms
12ms Stylesheet
text/css 18.194.91.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.cybersecurity.aoe.host/auth/resources/uypk1/login/whitelabel-theme/css/styles.css?1

Requested by

Host: login.cybersecurity.aoe.host
URL: https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=force&client_id=oauth2-proxy.aws&redirect_uri=https%3A%2F%2Fauth.bareid.rocks%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=V0jjXqNsVWgEfn2dPsQNlRWn1qj8bFlqxNmRNJOno6U%3Ahttps%3A%2F%2Fprometheus-alertmanager.bareid.rocks%2F

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.91.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-91-1.eu-central-1.compute.amazonaws.com

Software

/

Resource Hash

2a2193fe9866d420fdaff7213d049399fd84e7d2e52353fad1a137c0287070b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 14:17:57 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 5629
x-xss-protection: 1; mode=block

GET
H2 200 logo-dark.svg
assets.bare.id/ 1 KB
2 KB 161ms
19ms Image
image/svg+xml 185.56.133.26
INTERDOTLINK-SYSE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bare.id/logo-dark.svg
Requested by: Host: login.cybersecurity.aoe.host
URL: https://login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/protocol/openid-connect/auth?approval_prompt=force&client_id=oauth2-proxy.aws&redirect_uri=https%3A%2F%2Fauth.bareid.rocks%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=V0jjXqNsVWgEfn2dPsQNlRWn1qj8bFlqxNmRNJOno6U%3Ahttps%3A%2F%2Fprometheus-alertmanager.bareid.rocks%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.56.133.26 , Germany, ASN25291 (INTERDOTLINK-SYSELEVEN powered by Inter.link, DE),
Reverse DNS
Software: /
Resource Hash: 59fdeaf2ac57488a1d130e5a1d33999e40b0fef6c3e9bfe7a7cee4a64f29393f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 14:17:57 GMT
last-modified: Tue, 20 Dec 2022 07:35:19 GMT
etag: "63a165b7-556"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1366
expires: Mon, 23 Jan 2023 14:17:57 GMT

GET
H2 200 bg-customer.png
assets.bare.id/ 709 KB
711 KB 145ms
20ms Image
image/png 185.56.133.26
INTERDOTLINK-SYSE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bare.id/bg-customer.png
Requested by: Host: login.cybersecurity.aoe.host
URL: https://login.cybersecurity.aoe.host/auth/resources/uypk1/login/whitelabel-theme/css/styles.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.56.133.26 , Germany, ASN25291 (INTERDOTLINK-SYSELEVEN powered by Inter.link, DE),
Reverse DNS
Software: /
Resource Hash: cdcf0649ad0aff4d64bcd156c4f13e972f6931f72b2b3710964b0bcd6b7439a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 14:17:57 GMT
last-modified: Tue, 20 Dec 2022 07:35:19 GMT
etag: "63a165b7-b149c"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 726172
expires: Mon, 23 Jan 2023 14:17:57 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2b43ecde6e726ba840a2aade0f4443d47050e6f1e6a3fb981448ae74f224b29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 787a6e68-6332-4893-940b-2b9c580287f3.keycloak-keycloakx-0-36643
login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 787a6e68-6332-4893-940b-2b9c580287f3.keycloak-keycloakx-0-36643
login.cybersecurity.aoe.host/auth/realms/cybersecurity-team/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIwN2MxOGY4My0yMDhiLTRkNzUtOGRiZC02OWU5ZGI0YmNlZTAifQ.eyJjaWQiOiJvYXV0aDItcHJveHkuYXdzIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9hdXRoLmJhcmVpZC5yb2Nrcy9vYXV0aDIvY2FsbGJhY2siLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCBlbWFpbCBwcm9maWxlIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi5jeWJlcnNlY3VyaXR5LmFvZS5ob3N0L2F1dGgvcmVhbG1zL2N5YmVyc2VjdXJpdHktdGVhbSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwiY2xpZW50X3JlcXVlc3RfcGFyYW1fYXBwcm92YWxfcHJvbXB0IjoiZm9yY2UiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2F1dGguYmFyZWlkLnJvY2tzL29hdXRoMi9jYWxsYmFjayIsInN0YXRlIjoiVjBqalhxTnNWV2dFZm4yZFBzUU5sUlduMXFqOGJGbHF4Tm1STkpPbm82VTpodHRwczovL3Byb21ldGhldXMtYWxlcnRtYW5hZ2VyLmJhcmVpZC5yb2Nrcy8ifX0.0hfoYZGMlHReXqqJvPWrKqqXxMaLe4glTt5qWN9bFVA
.bareid.rocks/	1970-01-20 08:34:56	Name: auth-proxy_csrf Value: BH__uxLp_LtnwqBy8rPqA6oo9okx5voY1ej6QGmBxu01RajE8GBcJAxfTnvh1OLbowk_Goqc8XH0PNBEx-viJXHZCvIQxyZggYWKVk3HrFiJ8ZOHivvw_Oo=\|1671891477\|LkyIcU45ecYX7nvun01hGngFC7_Y-2HcuBkRy7X_W0g=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.bare.id
auth.bareid.rocks
login.cybersecurity.aoe.host
prometheus-alertmanager.bareid.rocks
prometheus-alertmanager.cybersecurity.aoe.host
18.192.163.187
18.194.91.1
185.56.133.26
2a2193fe9866d420fdaff7213d049399fd84e7d2e52353fad1a137c0287070b0
3b23f0080745a30892653a9a46dfe3461593a44b200183f15e2465bf2df03bc1
59fdeaf2ac57488a1d130e5a1d33999e40b0fef6c3e9bfe7a7cee4a64f29393f
c2b43ecde6e726ba840a2aade0f4443d47050e6f1e6a3fb981448ae74f224b29
cdcf0649ad0aff4d64bcd156c4f13e972f6931f72b2b3710964b0bcd6b7439a6

login.cybersecurity.aoe.host Open in urlscan Pro 18.194.91.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

3 IPs

1 Countries

726 kBTransfer

741 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

login.cybersecurity.aoe.host Open in urlscan Pro
18.194.91.1 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

1
Countries

726 kB
Transfer

741 kB
Size

4
Cookies

4 HTTP transactions
1 data transactions