k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
158.177.118.97  Public Scan

Submitted URL: https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/redirect.html
Effective URL: https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
Submission: On May 22 via manual from GB

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 158.177.118.97, located in United States and belongs to SOFTLAYER, US. The main domain is k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 23rd 2020. Valid for: a year.
This is the only time k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 158.177.118.97 36351 (SOFTLAYER)
1 1 54.82.188.107 14618 (AMAZON-AES)
1 51.68.36.8 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 5
Domain Requested by
2 k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
1 code.jquery.com k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
1 ajax.cloudflare.com k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
1 i.gifer.com k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
1 roudauth.herokuapp.com 1 redirects
5 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.s3.eu-de.cloud-object-storage.appdomain.cloud | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-23 - 2021-12-13 | a year
gifer.com | R3 | 2021-05-08 - 2021-08-06 | 3 months
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year

This page contains 1 frames:

Primary Page: https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
Frame ID: F57E20E039D55B2B32115764128F74D9
Requests: 6 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<title>RoundCube/i


Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 685 kB
Size: 752 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/redirect.html Page URL
  2. https://roudauth.herokuapp.com/ HTTP 302
    https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirect.html
k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/
494 B
861 B
Document
General
Full URL
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/redirect.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.177.118.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
s3.eu-de.objectstorage.softlayer.net
Software
Cleversafe /
Resource Hash
7556e7fc56a3991020846149679d112dfb655591048f40db0241e107a6693a5d

Request headers

Host
k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sat, 22 May 2021 03:58:37 GMT
X-Clv-Request-Id
21729985-d0f9-4751-86a6-b4ecc9549bb9
Server
Cleversafe
X-Clv-S3-Version
2.5
Accept-Ranges
bytes
x-amz-request-id
21729985-d0f9-4751-86a6-b4ecc9549bb9
ETag
"a77c85d2b6df07f849b0afc556a42a88"
Content-Type
text/html
Last-Modified
Fri, 21 May 2021 14:41:29 GMT
Content-Length
494
Primary Request undefinedblackroundcube%20copy%206.html
k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/
Redirect Chain
  • https://roudauth.herokuapp.com/
  • https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
613 KB
613 KB
Document
General
Full URL
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
Requested by
Host: k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
URL: https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/redirect.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.177.118.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
s3.eu-de.objectstorage.softlayer.net
Software
Cleversafe /
Resource Hash
f24f5493810868994b248f89412d31ec38ae06ac002a2329f2fcd62143af385e

Request headers

Host
k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Referer
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/redirect.html

Response headers

Date
Sat, 22 May 2021 03:58:38 GMT
X-Clv-Request-Id
40710d0f-2484-48d5-87d7-2a2dcef032dd
Server
Cleversafe
X-Clv-S3-Version
2.5
Accept-Ranges
bytes
x-amz-request-id
40710d0f-2484-48d5-87d7-2a2dcef032dd
ETag
"2ed344dbb70ba28f72da2ca37eb48697"
Content-Type
text/html
Last-Modified
Fri, 21 May 2021 11:22:17 GMT
Content-Length
627666

Redirect headers

Server
Cowboy
Connection
keep-alive
X-Powered-By
Express
Location
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
Vary
Accept
Content-Type
text/html; charset=utf-8
Content-Length
288
Date
Sat, 22 May 2021 03:58:38 GMT
Via
1.1 vegur
34338d26023e5515f6cc8969aa027bca_w200.gif
i.gifer.com/origin/34/
35 KB
35 KB
Image
General
Full URL
https://i.gifer.com/origin/34/34338d26023e5515f6cc8969aa027bca_w200.gif
Requested by
Host: k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
URL: https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.36.8 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3121917.ip-51-68-36.eu
Software
nginx /
Resource Hash
fd969eab7bf38ffda200dcbf707646810df3039138abe643793c20404ecf5900
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:58:38 GMT
last-modified
Sun, 17 Sep 2017 15:20:23 GMT
server
nginx
etag
"59be92b7-8ccc"
strict-transport-security
max-age=604800
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
36044
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
URL: https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0a33d2aee300003244402e7000000001
last-modified
Wed, 19 May 2021 09:21:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60a4d890-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BUPKxaRC5pK0QDDLwhRm4OeWTPUCvb1pIt%2FgDThCg1K67au3iTZsJA3sicGuHNtw99JahRo1KYKrjxo%2Buk4lRYGDNZomcFm20SyLBvMLvvH%2Flgk7%2Fa0czYsBBMvtpS9S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
653320916dab3244-FRA
expires
Mon, 24 May 2021 03:58:38 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
URL: https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/undefinedblackroundcube%20copy%206.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud
Referer
https://k9j8j9j7h6g5f6d4d3w2r5y7j9k0.s3.eu-de.cloud-object-storage.appdomain.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:58:38 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1621655918.dop239.fr8.t,1621655918.cds264.fr8.hn,1621655918.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85256d019c76dafce023e67c1942fd2287ced7c7503d207991e54d33ac1b37fd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png


44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| rcube_mail_ui function| rcube_scroller function| rcube_splitter number| CONTROL_KEY number| SHIFT_KEY number| CONTROL_SHIFT_KEY function| roundcube_browser object| rcube_event function| rcube_event_engine function| rcube_check_email function| rcube_clone_object function| urlencode function| rcube_find_object function| rcube_mouse_is_over function| setCookie function| getCookie object| bw undefined| rcube_parse_query undefined| Base64 object| jstz function| $ function| jQuery object| search boolean| k object| s function| r object| c object| d string| h object| __cfQR undefined| rcmail undefined| UI boolean| __cfRLUnblockHandlers

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://code.jquery.com/jquery-3.5.1.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'init' of undefined TypeError: Cannot read property 'init' of undefined at HTMLDocument.<anonymous> (<anonymous>:1:22) at e (https://code.jquery.com/jquery-3.5.1.min.js:2:30005) at t (https://code.jquery.com/jquery-3.5.1.min.js:2:30307) undefined