urlscan.io logo urlscan.io
SecurityTrails logo

objectstorage.us-ashburn-1.oraclecloud.com Open in urlscan Pro
134.70.28.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW5Ac2lnbnByaW50cy5jb2...
Effective URL: https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1...
Submission: On April 27 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 11 HTTP transactions. The main IP is 134.70.28.1, located in Ashburn, United States and belongs to ORACLE-BMC-31898, US. The main domain is objectstorage.us-ashburn-1.oraclecloud.com. The Cisco Umbrella rank of the primary domain is 51773.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 25th 2023. Valid for: a year.
This is the only time objectstorage.us-ashburn-1.oraclecloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.54.115.26 22612 (NAMECHEAP...)
1 172.67.185.2 13335 (CLOUDFLAR...)
1 1 172.67.129.53 13335 (CLOUDFLAR...)
1 172.67.151.233 13335 (CLOUDFLAR...)
1 1 50.62.139.186 398101 (GO-DADDY-...)
2 134.70.28.1 31898 (ORACLE-BM...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
1 104.18.11.207 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4802:7a0... 27357 (RACKSPACE)
11 9
1    198.54.115.26 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: host45-2.registrar-servers.com
myvictoryfireworks.com
1    172.67.185.2 (United States)

ASN13335 (CLOUDFLARENET, US)
signprints.qatar-glass.com
1    172.67.129.53 (United States)

ASN13335 (CLOUDFLARENET, US)
www.elamuteenused.ee
1    172.67.151.233 (United States)

ASN13335 (CLOUDFLARENET, US)
xn--6qqv1q6r1d.qantasair.com.au
1    50.62.139.186 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 186.139.62.50.host.secureserver.net
sigatek.com
2    134.70.28.1 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
objectstorage.us-ashburn-1.oraclecloud.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
static.emailsrvr.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4802:7a01:10::4 (United States)

ASN27357 (RACKSPACE, US)
apps.rackspace.com
Apex Domain
Subdomains		 Transfer
2 gstatic.com
fonts.gstatic.com
31 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 363
31 KB
2 oraclecloud.com
objectstorage.us-ashburn-1.oraclecloud.com — Cisco Umbrella Rank: 51773
979 KB
1 rackspace.com
apps.rackspace.com — Cisco Umbrella Rank: 154176
1 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3015
15 KB
1 emailsrvr.com
static.emailsrvr.com — Cisco Umbrella Rank: 168300
8 KB
1 sigatek.com
sigatek.com
289 B
1 qantasair.com.au
xn--6qqv1q6r1d.qantasair.com.au
294 KB
1 elamuteenused.ee
www.elamuteenused.ee
552 B
1 qatar-glass.com
signprints.qatar-glass.com
258 KB
1 myvictoryfireworks.com
myvictoryfireworks.com
242 B
11 11
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 objectstorage.us-ashburn-1.oraclecloud.com signprints.qatar-glass.com
1 apps.rackspace.com
1 stackpath.bootstrapcdn.com signprints.qatar-glass.com
1 static.emailsrvr.com signprints.qatar-glass.com
1 ajax.googleapis.com signprints.qatar-glass.com
1 fonts.googleapis.com signprints.qatar-glass.com
1 sigatek.com 1 redirects
1 xn--6qqv1q6r1d.qantasair.com.au signprints.qatar-glass.com
1 www.elamuteenused.ee 1 redirects
1 signprints.qatar-glass.com
1 myvictoryfireworks.com 1 redirects
11 12

This site contains no links.

Subject Issuer Validity Valid
qatar-glass.com
GTS CA 1P5		 2024-04-10 -
2024-07-09		 3 months crt.sh
qantasair.com.au
E1		 2024-04-10 -
2024-07-09		 3 months crt.sh
objectstorage.us-ashburn-1.oraclecloud.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
sni9278gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-27 -
2025-04-27		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
apps.rackspace.com
Thawte EV RSA CA G2		 2023-08-08 -
2024-08-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/mjrkvnq.html
Frame ID: 3D95CA194C3DE823A6D5C7024C1176F6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rackspace Webmail: Hosted Email for Business

Page URL History Show full URLs

  1. http://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW... HTTP 307
    https://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW... HTTP 302
    https://signprints.qatar-glass.com/ Page URL
  2. http://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9... HTTP 307
    https://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9... HTTP 302
    https://xn--6qqv1q6r1d.qantasair.com.au/ Page URL
  3. https://sigatek.com/trigger.php?r_link=https%3A%2F%2Fobjectstorage.us-ashburn-1.oraclecloud.com%... HTTP 302
    https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1m... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

42 %
IPv6

11
Domains

12
Subdomains

9
IPs

3
Countries

1618 kB
Transfer

4284 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW5Ac2lnbnByaW50cy5jb20%3D HTTP 307
    https://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW5Ac2lnbnByaW50cy5jb20%3D HTTP 302
    https://signprints.qatar-glass.com/ Page URL
  2. http://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9C%96%E9%98%BF.qantasair.com.au HTTP 307
    https://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9C%96%E9%98%BF.qantasair.com.au HTTP 302
    https://xn--6qqv1q6r1d.qantasair.com.au/ Page URL
  3. https://sigatek.com/trigger.php?r_link=https%3A%2F%2Fobjectstorage.us-ashburn-1.oraclecloud.com%2Fp%2FsgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6%2Fn%2Fideqj1mexoeo%2Fb%2Frk001-2539-1106-67%2Fo%2Fmjrkvnq.html HTTP 302
    https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/mjrkvnq.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW5Ac2lnbnByaW50cy5jb20%3D HTTP 307
  • https://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW5Ac2lnbnByaW50cy5jb20%3D HTTP 302
  • https://signprints.qatar-glass.com/
Request Chain 1
  • http://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9C%96%E9%98%BF.qantasair.com.au HTTP 307
  • https://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9C%96%E9%98%BF.qantasair.com.au HTTP 302
  • https://xn--6qqv1q6r1d.qantasair.com.au/

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
signprints.qatar-glass.com/
Redirect Chain
  • http://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW5Ac2lnbnByaW50cy5jb20%3D
  • https://myvictoryfireworks.com/Zencart/trigger.php?r_link=https%3A%2F%2FSignprints.qatar-glass.com%23YnJpYW5Ac2lnbnByaW50cy5jb20%3D
  • https://signprints.qatar-glass.com/
1 MB
258 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signprints.qatar-glass.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87af7d75ca90a037-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Apr 2024 14:26:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdHjCyxCXwV5botICL1K%2FigJsSMm9p84ZnBCi6OL8hThCEHfjWjUhYjJ2g8SNA9QtBS07AcMZouOZjSAWlRSCHydh5GFJF%2B60UnyBw3Uzb4M7wKJ4GYCYjcIJsGDYrks3ZD14qvyHPqQ%2FzxBFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 27 Apr 2024 14:26:52 GMT
location
https://Signprints.qatar-glass.com#YnJpYW5Ac2lnbnByaW50cy5jb20=
server
Apache
x-powered-by
PHP/5.6.40
/
xn--6qqv1q6r1d.qantasair.com.au/
Redirect Chain
  • http://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9C%96%E9%98%BF.qantasair.com.au
  • https://www.elamuteenused.ee/modules/babel/redirect.php?newlang=ru_RU&newurl=https%3A%2F%2F%E4%BD%A0%E5%9C%96%E9%98%BF.qantasair.com.au
  • https://xn--6qqv1q6r1d.qantasair.com.au/
2 MB
294 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--6qqv1q6r1d.qantasair.com.au/
Requested by
Host: signprints.qatar-glass.com
URL: https://signprints.qatar-glass.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://signprints.qatar-glass.com/#YnJpYW5Ac2lnbnByaW50cy5jb20=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87af7d7febe51c8b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Apr 2024 14:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOINzkQ4tT35ZFnlH4j2AcjMzbLAnl%2BRLOV9f%2FupslwGZRzHpPgnYw91Qf7Qvt8RNfTToEW462tnE%2FivFpKJ9badsoJa4wZtNWtSInKaQx9fgUQPGNH7cqsz%2Ba8usEUIH%2Bc8VJUUeaDlkxnRKiZSENp2"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87af7d7e3ebb0374-FRA
content-type
text/html; charset=UTF-8
date
Sat, 27 Apr 2024 14:26:53 GMT
location
https://你圖阿.qantasair.com.au
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qvbG%2Btzs%2BngO6Cr9BWIT4y3IxxIuMyt%2FctPlsVo3rvgjO01tBQGtnnyM%2Fv%2Bv5%2Fp2XAGVfDzadTCP465Pmmdt4CfUsWC74lq0OECaBdTBAzBCNxUz0zWvWHvhpYwKPYeOr35Xfb9raA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
Primary Request mjrkvnq.html
objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/
Redirect Chain
  • https://sigatek.com/trigger.php?r_link=https%3A%2F%2Fobjectstorage.us-ashburn-1.oraclecloud.com%2Fp%2FsgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6%2Fn%2Fideqj1mexoeo%2Fb%2Frk001...
  • https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/mjrkvnq.html
964 KB
965 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/mjrkvnq.html
Requested by
Host: signprints.qatar-glass.com
URL: https://signprints.qatar-glass.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.70.28.1 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
79f547647ad57e9fbd8cb3a16f7577f0cef5e2a3c30e50213dfe0cb331a8b797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xn--6qqv1q6r1d.qantasair.com.au/#YnJpYW5Ac2lnbnByaW50cy5jb20=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Content-Length
987538
Content-Type
text/html
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-md5
Rmq/ET16k4koNgZ8i5+bSg==
date
Sat, 27 Apr 2024 14:26:56 GMT
etag
1ad9c608-cf52-43c1-a1a5-4cff1b1ead5c
last-modified
Mon, 15 Apr 2024 21:31:13 GMT
opc-request-id
iad-1:Ftis3B5sZrAn06WE0OIJOivxiqzAKQIzVZlwLoVRUIt10oKQQhuClGgZ5eYEQCXC
storage-tier
Standard
strict-transport-security
max-age=31536000; includeSubDomains
version-id
7df496b7-dba6-4a45-b99a-d74e090e4d84
x-api-id
native
x-content-type-options
nosniff

Redirect headers

content-encoding
br
content-length
1
content-type
text/html; charset=UTF-8
date
Sat, 27 Apr 2024 14:26:55 GMT
location
https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/mjrkvnq.html
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,400,500,700
Requested by
Host: signprints.qatar-glass.com
URL: https://signprints.qatar-glass.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54421efb548eb2edbf6a252fd296afdd850a5ab2d0a56b5046dbad39d6826365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://objectstorage.us-ashburn-1.oraclecloud.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Apr 2024 14:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Apr 2024 12:55:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Apr 2024 14:26:57 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: signprints.qatar-glass.com
URL: https://signprints.qatar-glass.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://objectstorage.us-ashburn-1.oraclecloud.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 14:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 14:13:57 GMT
Rackspace_Technology_Logo_RGB_WHT.png
static.emailsrvr.com/beta_apps_rackspace_com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png
Requested by
Host: signprints.qatar-glass.com
URL: https://signprints.qatar-glass.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA4) / ASP.NET
Resource Hash
97669a98a4d13725fbefcfd567ea8adf12fc3c06eef40e71d824bb47267ccb18

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://objectstorage.us-ashburn-1.oraclecloud.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 14:26:57 GMT
last-modified
Mon, 13 Jul 2020 19:51:24 GMT
server
ECAcc (frc/4CA4)
age
469301
etag
"ffe73fd4e59d61:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
cache-control
max-age=300
accept-ranges
bytes
content-length
8173
expires
Sat, 27 Apr 2024 14:31:57 GMT
Swimmingtraining%20SeBrAsHe.jpg
objectstorage.us-ashburn-1.oraclecloud.com/p/NlD-rxOErC_dyTaZ5Q6lr6ephgxZBU8bNrkRFOG1Xmp1Tq_iL3v8Boodt6V51nTA/n/ideqj1mexoeo/b/swim-train-r001/o/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://objectstorage.us-ashburn-1.oraclecloud.com/p/NlD-rxOErC_dyTaZ5Q6lr6ephgxZBU8bNrkRFOG1Xmp1Tq_iL3v8Boodt6V51nTA/n/ideqj1mexoeo/b/swim-train-r001/o/Swimmingtraining%20SeBrAsHe.jpg
Requested by
Host: signprints.qatar-glass.com
URL: https://signprints.qatar-glass.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.70.28.1 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
0b1a3dc20c03a873791a9ac9056678cb75128d6dd53aacdffe29a91f9fc08d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/mjrkvnq.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 14:26:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-md5
aAPV80cZ8lr4rBZggvOeuA==
storage-tier
Standard
Content-Length
12533
last-modified
Fri, 12 Apr 2024 18:01:05 GMT
opc-request-id
iad-1:Ki2gS_KPgixrHAElWqMTbgfknvNfgnSAdqY6l3OZBvsPOloYs-VKykpaclfCMUu8
x-api-id
native
etag
12cb9a8a-7fe7-44be-bcb3-1348aecb48fb
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
image/jpeg
version-id
cc22ced4-988d-448c-87e7-ee2fdb5f28bb
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
access-control-allow-credentials
true
accept-ranges
bytes
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: signprints.qatar-glass.com
URL: https://signprints.qatar-glass.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://objectstorage.us-ashburn-1.oraclecloud.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 14:26:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
1103927
cdn-cachedat
11/15/2021 23:30:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a35b0179a28ed953258d0fb41376a09c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
87af7d9629853482-WAW
cdn-requestpullsuccess
True
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://objectstorage.us-ashburn-1.oraclecloud.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 23:33:04 GMT
x-content-type-options
nosniff
age
53633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 23:33:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://objectstorage.us-ashburn-1.oraclecloud.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
38171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 03:50:46 GMT
favicon.ico
apps.rackspace.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://apps.rackspace.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4802:7a01:10::4 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
openresty /
Resource Hash
453800da3256a06ddeb36cbcf66cdfb788fd140021d3785de9fab8dfb246f977
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://objectstorage.us-ashburn-1.oraclecloud.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 27 Apr 2024 14:26:58 GMT
Server
openresty
Connection
keep-alive
Content-Length
1150
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-ico

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| data function| _0x59c2 function| _0x29f5 function| _0x71b61c function| $ function| jQuery object| bootstrap function| _0x143281 function| _0x10e1a5 function| _0x2f0a44 function| _0x14d9d5 function| _0x1ea955 function| _0x48a4 function| _0x6f1c24 function| _0x1a8548 function| _0xf53623 function| _0x2c17 function| _0x1aac46

3 Cookies

Domain/Path Name / Value
myvictoryfireworks.com/Zencart Name: MobCookie
Value: full
www.elamuteenused.ee/ Name: usrlang
Value: ru_RU
sigatek.com/ Name: ResCookie
Value: full

4 Console Messages

Source Level URL
Text
javascript warning (Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation verbose URL: https://objectstorage.us-ashburn-1.oraclecloud.com/p/sgdDtA6XM8Mco-boqjwxZFT0A8u9busBqMW5nBszrHV8c4z_zprt_YRbNiHP5PT6/n/ideqj1mexoeo/b/rk001-2539-1106-67/o/mjrkvnq.html#brian@signprints.com
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o