nospam.safecloudservers.com

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 2 HTTP transactions. The main IP is 198.38.79.112, located in United States and belongs to TOTALCHOICE, US. The main domain is nospam.safecloudservers.com.

This is the only time nospam.safecloudservers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.38.79.112 198.38.79.112	16556 (TOTALCHOICE) (TOTALCHOICE)
1 1	208.76.80.221 208.76.80.221	16556 (TOTALCHOICE) (TOTALCHOICE)
1 2	208.76.86.35 208.76.86.35	16556 (TOTALCHOICE) (TOTALCHOICE)
2	2

1 198.38.79.112 (United States)

ASN16556 (TOTALCHOICE, US)
PTR: cirrus.safecloudservers.com

nospam.safecloudservers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.76.80.221 (United States) 1 redirects

ASN16556 (TOTALCHOICE, US)
PTR: s1.totalchoicehosting.com

nospam.totalchoicehosting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.76.86.35 (United States) 1 redirects

ASN16556 (TOTALCHOICE, US)
PTR: nospam.myserverstatus.com

nospam.myserverstatus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	myserverstatus.com 1 redirects nospam.myserverstatus.com	386 B
1	totalchoicehosting.com 1 redirects nospam.totalchoicehosting.com	308 B
1	safecloudservers.com nospam.safecloudservers.com	939 B
2	3

	Domain	Requested by
2	nospam.myserverstatus.com	1 redirects nospam.safecloudservers.com
1	nospam.totalchoicehosting.com	1 redirects
1	nospam.safecloudservers.com
2	3

This site contains no links.

Subject Issuer	Validity	Valid
nospam.myserverstatus.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-10-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://nospam.safecloudservers.com/
Frame ID: 2D2512370F199D875E37CF1CF5544300
Requests: 1 HTTP requests in this frame

Frame: https://nospam.myserverstatus.com/login.php
Frame ID: 31453144FED5805F6C7062A7D8F37C1F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

No Spam - Safe Cloud

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://nospam.totalchoicehosting.com/ HTTP 301
https://nospam.myserverstatus.com/ HTTP 302
https://nospam.myserverstatus.com/login.php

2 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nospam.safecloudservers.com/ 614 B
939 B 734ms
114ms Document
text/html 198.38.79.112
TOTALCHOICE

General

Check archive.org

Show headers Download Go to

Full URL: http://nospam.safecloudservers.com/
Protocol: HTTP/1.1
Server: 198.38.79.112 , United States, ASN16556 (TOTALCHOICE, US),
Reverse DNS: cirrus.safecloudservers.com
Software: Apache/2.4.53 (cPanel) OpenSSL/1.1.1n mod_bwlimited/1.4 /
Resource Hash: 50ee2e06367aea3645b85d5ebb172bd38c62063d8e98711ce63da91e4d71da66

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 614
Content-Type: text/html
Date: Sat, 22 Jul 2023 01:46:56 GMT
ETag: "280b4d-266-5728a11963800"
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 03 Aug 2018 16:03:29 GMT
Server: Apache/2.4.53 (cPanel) OpenSSL/1.1.1n mod_bwlimited/1.4

GET
H/1.1

200
OK

login.php
nospam.myserverstatus.com/ Frame 3145
Redirect Chain

http://nospam.totalchoicehosting.com/
https://nospam.myserverstatus.com/
https://nospam.myserverstatus.com/login.php

0
0

308ms
308ms

Document
text/html

208.76.86.35
TOTALCHOICE

General

Check archive.org

Show headers Download Go to

Full URL

https://nospam.myserverstatus.com/login.php

Requested by

Host: nospam.safecloudservers.com
URL: http://nospam.safecloudservers.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

208.76.86.35 , United States, ASN16556 (TOTALCHOICE, US),

Reverse DNS

nospam.myserverstatus.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nospam.safecloudservers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 4310
Content-Type: text/html
Date: Sat, 22 Jul 2023 01:46:57 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Type: text/html
Date: Sat, 22 Jul 2023 01:46:57 GMT
Keep-Alive: timeout=5, max=100
Location: login.php
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Upgrade: h2
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://nospam.myserverstatus.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nospam.myserverstatus.com
nospam.safecloudservers.com
nospam.totalchoicehosting.com
198.38.79.112
208.76.80.221
208.76.86.35
50ee2e06367aea3645b85d5ebb172bd38c62063d8e98711ce63da91e4d71da66

nospam.safecloudservers.com Open in urlscan Pro 198.38.79.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

1 kBTransfer

1 kBSize

0 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

nospam.safecloudservers.com Open in urlscan Pro
198.38.79.112 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions