login.rugway.de Open in urlscan Pro
94.130.90.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.rugway.de/
Effective URL:
https://login.rugway.de/en/login
Submission: On February 01 via automatic, source certstream-suspicious (February 1st 2021, 7:15:21 am UTC)

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 94.130.90.245, located in Germany and belongs to HETZNER-AS, DE. The main domain is login.rugway.de.
TLS certificate: Issued by R3 on February 1st 2021. Valid for: 3 months.

This is the only time login.rugway.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 10	94.130.90.245 94.130.90.245		24940 (HETZNER-AS) (HETZNER-AS)
8	1

10 94.130.90.245 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: awt1.timmeserver.de

login.rugway.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	rugway.de 2 redirects login.rugway.de	233 KB
8	1

	Domain	Requested by
10	login.rugway.de	2 redirects login.rugway.de
8	1

This site contains no links.

Subject Issuer	Validity	Valid
login.rugway.de R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.rugway.de/en/login
Frame ID: 919F37C34B5964B9E75C36F7AD06D995
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://login.rugway.de/ HTTP 302
https://login.rugway.de/en/homepage HTTP 302
https://login.rugway.de/en/login Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

233 kB
Transfer

936 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.rugway.de/ HTTP 302
https://login.rugway.de/en/homepage HTTP 302
https://login.rugway.de/en/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response login.rugway.de/en/ Redirect Chain https://login.rugway.de/ https://login.rugway.de/en/homepage https://login.rugway.de/en/login	3 KB 1 KB	256ms 256ms	Document text/html	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/en/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `925841c71afb6d69465ba7ff9360b2b64e2745f4c82dab95af23a724dcf4273e` Request headers :method GET :authority login.rugway.de :scheme https :path /en/login pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie MOCKSESSID=a031340cf14b3740d0ff36f8ae7891a36926075ab16ab779275ab87b1b49cb99 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control max-age=0, must-revalidate, private date Mon, 01 Feb 2021 07:15:03 GMT x-robots-tag noindex expires Mon, 01 Feb 2021 07:15:03 GMT set-cookie MOCKSESSID=a031340cf14b3740d0ff36f8ae7891a36926075ab16ab779275ab87b1b49cb99; path=/; httponly content-encoding br Redirect headers server nginx content-type text/html; charset=UTF-8 location https://login.rugway.de/en/login cache-control max-age=0, must-revalidate, private date Mon, 01 Feb 2021 07:15:03 GMT x-robots-tag noindex expires Mon, 01 Feb 2021 07:15:03 GMT set-cookie MOCKSESSID=a031340cf14b3740d0ff36f8ae7891a36926075ab16ab779275ab87b1b49cb99; path=/; httponly
GET H2	200	2.4340acb0.css login.rugway.de/build/	175 KB 25 KB	55ms 53ms	Stylesheet text/css	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/build/2.4340acb0.css Requested by Host: login.rugway.de URL: https://login.rugway.de/en/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `469886cb566cb9bcc12cffb574154f6f75e4576cfc92c53b8df0fc754c5e1186` Request headers Referer https://login.rugway.de/en/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 07:15:03 GMT content-encoding br last-modified Mon, 30 Mar 2020 13:29:55 GMT server nginx etag W/"5e81f453-2bd9a" vary Accept-Encoding content-type text/css
GET H2	200	app.74e037c1.css login.rugway.de/build/	186 KB 35 KB	72ms 70ms	Stylesheet text/css	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/build/app.74e037c1.css Requested by Host: login.rugway.de URL: https://login.rugway.de/en/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `c4022deff6f5a607ee8619c9550117282ba4656c20b5324b757068be94276fd2` Request headers Referer https://login.rugway.de/en/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 07:15:03 GMT content-encoding br last-modified Mon, 30 Mar 2020 13:29:55 GMT server nginx etag W/"5e81f453-2e9e3" vary Accept-Encoding content-type text/css
GET H2	200	runtime.09fcd0fa.js Show response login.rugway.de/build/	1 KB 863 B	72ms 70ms	Script application/javascript	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/build/runtime.09fcd0fa.js Requested by Host: login.rugway.de URL: https://login.rugway.de/en/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `0353b94424a5508eaab2046b8a11bae7236ea347bc52127ab3110f766a566c66` Request headers Referer https://login.rugway.de/en/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 07:15:03 GMT content-encoding br last-modified Mon, 30 Mar 2020 13:29:55 GMT server nginx etag W/"5e81f453-5e0" vary Accept-Encoding content-type application/javascript
GET H2	200	0.c3c0ac90.js Show response login.rugway.de/build/	86 KB 31 KB	72ms 71ms	Script application/javascript	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/build/0.c3c0ac90.js Requested by Host: login.rugway.de URL: https://login.rugway.de/en/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `44d55170d291aa1395dda48dc98bdc66453146b19cf7ac283ca4bedb9b609bd3` Request headers Referer https://login.rugway.de/en/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 07:15:03 GMT content-encoding br last-modified Mon, 30 Mar 2020 13:29:55 GMT server nginx etag W/"5e81f453-159ef" vary Accept-Encoding content-type application/javascript
GET H2	200	2.d6c34c41.js Show response login.rugway.de/build/	401 KB 111 KB	72ms 71ms	Script application/javascript	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/build/2.d6c34c41.js Requested by Host: login.rugway.de URL: https://login.rugway.de/en/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `e99c27370224175f0348cb153d56ca03d2023d070b992628fa5e5247b6ec5aa9` Request headers Referer https://login.rugway.de/en/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 07:15:03 GMT content-encoding br last-modified Mon, 30 Mar 2020 13:29:55 GMT server nginx etag W/"5e81f453-64553" vary Accept-Encoding content-type application/javascript
GET H2	200	app.38aaa2ae.js Show response login.rugway.de/build/	64 KB 11 KB	72ms 71ms	Script application/javascript	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/build/app.38aaa2ae.js Requested by Host: login.rugway.de URL: https://login.rugway.de/en/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `d722ea10e38951cc3d0f50da01e6216397e1510fa2664c93cf88ff19764e5c8d` Request headers Referer https://login.rugway.de/en/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 07:15:03 GMT content-encoding br last-modified Mon, 30 Mar 2020 13:29:55 GMT server nginx etag W/"5e81f453-ffaf" vary Accept-Encoding content-type application/javascript
GET H2	200	glyphicons-halflings-regular.448c34a5.woff2 login.rugway.de/build/fonts/	18 KB 18 KB	66ms 66ms	Font application/octet-stream	94.130.90.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.rugway.de/build/fonts/glyphicons-halflings-regular.448c34a5.woff2 Requested by Host: login.rugway.de URL: https://login.rugway.de/build/app.74e037c1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.90.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS awt1.timmeserver.de Software nginx / Resource Hash `fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c` Request headers Origin https://login.rugway.de Referer https://login.rugway.de/build/app.74e037c1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 07:15:03 GMT last-modified Mon, 30 Mar 2020 13:29:55 GMT server nginx etag "5e81f453-466c" vary Accept-Encoding content-type application/octet-stream accept-ranges bytes content-length 18028

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.rugway.de/	1969-12-31 23:59:59	Name: MOCKSESSID Value: a031340cf14b3740d0ff36f8ae7891a36926075ab16ab779275ab87b1b49cb99

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.rugway.de
94.130.90.245
0353b94424a5508eaab2046b8a11bae7236ea347bc52127ab3110f766a566c66
44d55170d291aa1395dda48dc98bdc66453146b19cf7ac283ca4bedb9b609bd3
469886cb566cb9bcc12cffb574154f6f75e4576cfc92c53b8df0fc754c5e1186
925841c71afb6d69465ba7ff9360b2b64e2745f4c82dab95af23a724dcf4273e
c4022deff6f5a607ee8619c9550117282ba4656c20b5324b757068be94276fd2
d722ea10e38951cc3d0f50da01e6216397e1510fa2664c93cf88ff19764e5c8d
e99c27370224175f0348cb153d56ca03d2023d070b992628fa5e5247b6ec5aa9
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

login.rugway.de Open in urlscan Pro 94.130.90.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

233 kBTransfer

936 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Indicators

login.rugway.de Open in urlscan Pro
94.130.90.245 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

233 kB
Transfer

936 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions