update.undpaul.work - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 94.130.145.107, located in Efringen-Kirchen, Germany and belongs to HETZNER-AS, DE. The main domain is update.undpaul.work.
TLS certificate: Issued by R3 on January 14th 2021. Valid for: 3 months.

This is the only time update.undpaul.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	94.130.145.107 94.130.145.107	24940 (HETZNER-AS) (HETZNER-AS)
1	52.218.101.218 52.218.101.218	16509 (AMAZON-02) (AMAZON-02)
2	2

1 94.130.145.107 (Efringen-Kirchen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: edge6-1.freistilbox.net

update.undpaul.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.101.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

f7-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	amazonaws.com f7-assets.s3.amazonaws.com	101 KB
1	undpaul.work update.undpaul.work	823 B
2	2

	Domain	Requested by
1	f7-assets.s3.amazonaws.com	update.undpaul.work
1	update.undpaul.work
2	2

This site contains links to these domains. Also see Links.

Domain
www.freistilbox.com

Subject Issuer	Validity	Valid
stage-ebiketips.road.cc R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://update.undpaul.work/
Frame ID: 63AF520F12046BE2A0C08B3AD6524E6D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

101 kB
Transfer

101 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.freistilbox.com/

Search URL Search Domain Scan URL

URL: http://www.freistilbox.com/managed-hosting/drupal
Title: managed Drupal hosting

Search URL Search Domain Scan URL

URL: http://www.freistilbox.com/managed-hosting/wordpress
Title: managed WordPress hosting

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response update.undpaul.work/	994 B 823 B	109ms 41ms	Document text/html	94.130.145.107 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://update.undpaul.work/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.145.107 Efringen-Kirchen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS edge6-1.freistilbox.net Software nginx / Resource Hash `04d0181456030c3639d1775edc3594f56514a2c23e72ae47d82f77c4c1c138bc` Request headers :method GET :authority update.undpaul.work :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx date Wed, 10 Feb 2021 08:00:26 GMT content-type text/html content-length 519 last-modified Thu, 04 Jun 2020 12:26:17 GMT etag "3e2-5a7414057beaa-gzip" accept-ranges bytes bytes vary Accept-Encoding content-encoding gzip x-varnish-host vm83-17 x-varnish-backend vm72_1 x-varnish-cacheable YES x-varnish 2202824288 age 0 via 1.1 varnish x-varnish-cache MISS
GET H/1.1	200 OK	freistilbox-logo-text-positive_1000x247.png f7-assets.s3.amazonaws.com/	100 KB 101 KB	211ms 86ms	Image image/png	52.218.101.218 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://f7-assets.s3.amazonaws.com/freistilbox-logo-text-positive_1000x247.png Requested by Host: update.undpaul.work URL: https://update.undpaul.work/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.101.218 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-3-w.amazonaws.com Software AmazonS3 / Resource Hash `bc6d98053bc3345dbb6239ab61ae02b12335e06f05a635408a54502f4e8f4901` Request headers Referer https://update.undpaul.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 10 Feb 2021 08:00:27 GMT Last-Modified Tue, 27 Jun 2017 15:22:23 GMT Server AmazonS3 x-amz-request-id 21AE4362E8E6B963 ETag "6c4937d4a61246f335a7473303f02e40" Content-Type image/png Accept-Ranges bytes Content-Length 102560 x-amz-id-2 XoINhW1Xn0RIjBNgh+4xcpMJYi0CAmxZxey585LnwSxu6lWu4JsgjUA7ZeXCh5s430QMICB7Fps=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f7-assets.s3.amazonaws.com
update.undpaul.work
52.218.101.218
94.130.145.107
04d0181456030c3639d1775edc3594f56514a2c23e72ae47d82f77c4c1c138bc
bc6d98053bc3345dbb6239ab61ae02b12335e06f05a635408a54502f4e8f4901

update.undpaul.work Open in urlscan Pro 94.130.145.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

101 kBTransfer

101 kBSize

0 Cookies

3 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

update.undpaul.work Open in urlscan Pro
94.130.145.107 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

101 kB
Transfer

101 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions