Submitted URL: https://shorturl.at/JNRU8
Effective URL: https://odeumstage.com/?s1=351536&s2=1055251110&s3=1782&s4=1710&ow=&s10=739
Submission: On September 17 via manual from BE — Scanned from AT

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 104.21.23.67, located in and belongs to CLOUDFLARENET, US. The main domain is odeumstage.com.
TLS certificate: Issued by E1 on August 30th 2023. Valid for: 3 months.
This is the only time odeumstage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 188.114.97.3 13335 (CLOUDFLAR...)
1 193.124.15.80 398343 (BAXET-GROUP)
2 104.21.23.67 13335 (CLOUDFLAR...)
13 3
Apex Domain | Subdomains | Transfer
2 odeumstage.com | odeumstage.com | 28 KB
2 shorturl.at | shorturl.at (Cisco Umbrella Rank: 81233), www.shorturl.at (Cisco Umbrella Rank: 95632) | 1 KB
1 bystanderfog.com | bystanderfog.com | 432 B
13 3
Domain | Requested by
2 odeumstage.com | bystanderfog.com, odeumstage.com
1 bystanderfog.com |
1 www.shorturl.at | 1 redirect
1 shorturl.at | 1 redirect
13 4

This site contains no links.

Subject | Issuer | Validity | Valid
bystanderfog.com | R3 | 2023-08-31 - 2023-11-29 | 3 months (crt.sh)
odeumstage.com | E1 | 2023-08-30 - 2023-11-28 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://odeumstage.com/?s1=351536&s2=1055251110&s3=1782&s4=1710&ow=&s10=739
Frame ID: 68BBC5017BEF85C6D24F068CCE54BC3E
Requests: 13 HTTP requests in this frame

Page URL History

  1. https://shorturl.at/JNRU8 HTTP 301
    https://www.shorturl.at/JNRU8 HTTP 302
    https://bystanderfog.com/0/0/0/d6d7213869329bbcb10ac518870a51d9/amediari8 Page URL
  2. https://odeumstage.com/?s1=351536&s2=1055251110&s3=1782&s4=1710&ow=&s10=739 Page URL

Page Statistics

13
Requests

23 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

28 kB
Transfer

171 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://shorturl.at/JNRU8 HTTP 301
  • https://www.shorturl.at/JNRU8 HTTP 302
  • https://bystanderfog.com/0/0/0/d6d7213869329bbcb10ac518870a51d9/amediari8

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
amediari8
bystanderfog.com/0/0/0/d6d7213869329bbcb10ac518870a51d9/
Redirect Chain
  • https://shorturl.at/JNRU8
  • https://www.shorturl.at/JNRU8
  • https://bystanderfog.com/0/0/0/d6d7213869329bbcb10ac518870a51d9/amediari8
138 B
432 B
Document
General
Full URL
https://bystanderfog.com/0/0/0/d6d7213869329bbcb10ac518870a51d9/amediari8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.124.15.80, Czech Republic, ASN398343 (BAXET-GROUP, US)
Reverse DNS
Software
Apache
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-length
138
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 11:04:46 GMT
server
Apache

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8080debe2d1a1e68-FRA
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 11:04:44 GMT
location
https://bystanderfog.com/0/0/0/d6d7213869329bbcb10ac518870a51d9/amediari8
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFFpZ994LzR3W0KLsll%2FsvOhwIDfj9CLV6bi%2FEgi%2FMJF6praFWD3vOSZEvxHNtS2EthN4KPG%2B1nxp1xrg0gZ%2BhI9KLOk8sf1dze5Fly9LRg6RLhqQN8eRxR8wORbyZ81MAQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
Primary Request /
odeumstage.com/
2 KB
1 KB
Document
General
Full URL
https://odeumstage.com/?s1=351536&s2=1055251110&s3=1782&s4=1710&ow=&s10=739
Requested by
Host: bystanderfog.com
URL: https://bystanderfog.com/0/0/0/d6d7213869329bbcb10ac518870a51d9/amediari8
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.21.23.67, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
ec568e1c7e59337b9e2d6f2be0100a1cd8569429f15638fca4d2f1e616bc0dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bystanderfog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8080deca59919b2d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 11:04:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGvjmGIn7PRM7%2BLoyd2DoT6V%2FNUE4dvGXeLrB7xdQb3HfqJVjmw5rElrgve45GteeuEQSxHRgFNPdUpfk5bF7XFxhVCgBeMhUwS5zL%2FX3bjr6aJlqLuVfKv%2BvBEW%2FHa%2BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
be0952be9078ab623bef6131e33da661
odeumstage.com/
169 KB
26 KB
XHR
General
Full URL
https://odeumstage.com/be0952be9078ab623bef6131e33da661?_ax=w
Requested by
Host: odeumstage.com
URL: https://odeumstage.com/?s1=351536&s2=1055251110&s3=1782&s4=1710&ow=&s10=739
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.21.23.67, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
6efe3cbfd88622489e5881d2290003a31217ecc656317247ea8a6bf23659f2fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://odeumstage.com/be0952be9078ab623bef6131e33da661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 11:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSVYZoWPEguU7AzkcXukkUkrIxetA4PAeXrouADo3WyQI9jb0MKOl7rtaPIhC3028uSmvIdVj7qKq6WIIDX603blccFjOg6EzCUHKQ1PFF0%2BmtP42TkcDvzDd25GSgLqtg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8080ded0fbd69b2d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
odeumstage.com/assets/js/vendor/bootstrap/css/
0
0

all.css
odeumstage.com/assets/vendors/fontawesome/css/
0
0

common-hybrid.css
odeumstage.com/assets/css/legacy/dist/
0
0

1.4.css
odeumstage.com/assets/css/legacy/
0
0

msg.v3.js
odeumstage.com/inc/
0
0

jquery-3.4.1.min.js
odeumstage.com/assets/js/vendor/
0
0

bootstrap.min.js
odeumstage.com/assets/js/vendor/bootstrap/js/
0
0

functions.js
odeumstage.com/assets/js/
0
0

intl_functions.js
odeumstage.com/assets/js/
0
0

common-hybrid.js
odeumstage.com/assets/js/legacy/dist/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
odeumstage.com
URL
https://odeumstage.com/assets/js/vendor/bootstrap/css/bootstrap.min.css
Domain
odeumstage.com
URL
https://odeumstage.com/assets/vendors/fontawesome/css/all.css
Domain
odeumstage.com
URL
https://odeumstage.com/assets/css/legacy/dist/common-hybrid.css?v=69e4e738022227cfee8676bb517c25cf
Domain
odeumstage.com
URL
https://odeumstage.com/assets/css/legacy/1.4.css?v=69e4e738022227cfee8676bb517c25cf
Domain
odeumstage.com
URL
https://odeumstage.com/inc/msg.v3.js?6506dd520fdb2
Domain
odeumstage.com
URL
https://odeumstage.com/assets/js/vendor/jquery-3.4.1.min.js
Domain
odeumstage.com
URL
https://odeumstage.com/assets/js/vendor/bootstrap/js/bootstrap.min.js
Domain
odeumstage.com
URL
https://odeumstage.com/assets/js/functions.js?v=69e4e738022227cfee8676bb517c25cf
Domain
odeumstage.com
URL
https://odeumstage.com/assets/js/intl_functions.js?v=69e4e738022227cfee8676bb517c25cf
Domain
odeumstage.com
URL
https://odeumstage.com/assets/js/legacy/dist/common-hybrid.js?v=69e4e738022227cfee8676bb517c25cf

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object: documentPictureInPicture
function: _0x4eba
function: _0x3ccf

2 Cookies

Domain/Path Name / Value
bystanderfog.com/ Name: uid1782
Value: 1055251110-20230917070446-34b6c1c55e25b3adfca4a94d31467e0c-0
odeumstage.com/ Name: PHPSESSID
Value: ba959bc3520a5cd66c3f073de42bef2e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bystanderfog.com
odeumstage.com
shorturl.at
www.shorturl.at
odeumstage.com
104.21.23.67
188.114.97.3
193.124.15.80
6efe3cbfd88622489e5881d2290003a31217ecc656317247ea8a6bf23659f2fc
ec568e1c7e59337b9e2d6f2be0100a1cd8569429f15638fca4d2f1e616bc0dcb