auth.lithium.demo.blackrainbow.cloud Open in urlscan Pro
20.119.128.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.lithium.demo.blackrainbow.cloud/
Effective URL:
https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
Submission: On September 15 via automatic, source certstream-suspicious (September 15th 2024, 4:18:07 am UTC) — Scanned from IT

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 20.119.128.9, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.lithium.demo.blackrainbow.cloud.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on September 15th 2024. Valid for: 6 months.

This is the only time auth.lithium.demo.blackrainbow.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 11	20.119.128.9 20.119.128.9		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	1

11 20.119.128.9 (Boydton, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auth.lithium.demo.blackrainbow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	blackrainbow.cloud 2 redirects auth.lithium.demo.blackrainbow.cloud	231 KB
9	1

	Domain	Requested by
11	auth.lithium.demo.blackrainbow.cloud	2 redirects auth.lithium.demo.blackrainbow.cloud
9	1

This site contains no links.

Subject Issuer	Validity	Valid
auth.lithium.demo.blackrainbow.cloud GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-09-15` - `2025-03-15`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
Frame ID: A083E796516F45E894EC0DA0671BF5B6
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BlackRainbow | NIMBUS

Page URL History Show full URLs

https://auth.lithium.demo.blackrainbow.cloud/ HTTP 302
https://auth.lithium.demo.blackrainbow.cloud/Account/Login HTTP 302
https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

230 kB
Transfer

307 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.lithium.demo.blackrainbow.cloud/ HTTP 302
https://auth.lithium.demo.blackrainbow.cloud/Account/Login HTTP 302
https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request PageNotFound Show response
auth.lithium.demo.blackrainbow.cloud/Home/
Redirect Chain

https://auth.lithium.demo.blackrainbow.cloud/
https://auth.lithium.demo.blackrainbow.cloud/Account/Login
https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

2 KB
1 KB

176ms
173ms

Document
text/html

20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7b4b8755d13a6119817806a7f9c8540f02ae4cc7c1b78494c3f6dda227da470f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 15 Sep 2024 04:18:01 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET

Redirect headers

content-length: 0
date: Sun, 15 Sep 2024 04:18:01 GMT
location: /Home/PageNotFound
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ASP.NET

GET
H2 200 auth-style.css
auth.lithium.demo.blackrainbow.cloud/css/ 8 KB
3 KB 409ms
397ms Stylesheet
text/css 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lithium.demo.blackrainbow.cloud/css/auth-style.css?v=8eW2RuyRs1u1trDWi0Khvop0v_CLPpV9TaTf6Md3X7A

Requested by

Host: auth.lithium.demo.blackrainbow.cloud
URL: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b45204c2e7186f74a05250d27acb6e93bc32b33496b86d6b4ad54f6ea8a6bb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9bbf737"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 fontawesome.min.css
auth.lithium.demo.blackrainbow.cloud/css/ 101 KB
30 KB 246ms
235ms Stylesheet
text/css 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lithium.demo.blackrainbow.cloud/css/fontawesome.min.css

Requested by

Host: auth.lithium.demo.blackrainbow.cloud
URL: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b18396e713b243f9113534922681f3aeea9c5026c440a4afb7202e1c8adc574c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9ba7b69"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 error-style.css
auth.lithium.demo.blackrainbow.cloud/css/ 2 KB
755 B 192ms
181ms Stylesheet
text/css 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lithium.demo.blackrainbow.cloud/css/error-style.css?v=PAXT7lw2Y-RcNhR4lGqB1-gfyRuHm6eaxNfgD3qOZ9M

Requested by

Host: auth.lithium.demo.blackrainbow.cloud
URL: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

06bfc40584d17a0d14436f137749b865482d6ed02f7e66ae17da8173a0045963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9bbef2d"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 nimbus-logo.svg
auth.lithium.demo.blackrainbow.cloud/images/ 2 KB
2 KB 192ms
181ms Image
image/svg+xml 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.lithium.demo.blackrainbow.cloud/images/nimbus-logo.svg

Requested by

Host: auth.lithium.demo.blackrainbow.cloud
URL: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

40c13e1e4679d898f0d501ad37132569ceae76a97bc38a775f55a3fb878a613c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9bbe1cb"
x-powered-by: ASP.NET
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2251

GET
H2 200 black-rainbow-logo-ring-opaque.svg
auth.lithium.demo.blackrainbow.cloud/images/ 6 KB
6 KB 399ms
389ms Image
image/svg+xml 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.lithium.demo.blackrainbow.cloud/images/black-rainbow-logo-ring-opaque.svg

Requested by

Host: auth.lithium.demo.blackrainbow.cloud
URL: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c7681f1cc61215ab0eaf6fb93ef9800fc9c88c7f7a354933631b718f0906eb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9bbffbf"
x-powered-by: ASP.NET
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5823

GET
H2 200 BR-Nimbus-Stacked-Center-White.svg
auth.lithium.demo.blackrainbow.cloud/images/ 9 KB
9 KB 390ms
390ms Image
image/svg+xml 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.lithium.demo.blackrainbow.cloud/images/BR-Nimbus-Stacked-Center-White.svg

Requested by

Host: auth.lithium.demo.blackrainbow.cloud
URL: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0ae0e04aef69668b33c8b8e2a86574c958c65df777a0b056926e343ae737c16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9bbcb27"
x-powered-by: ASP.NET
content-type: image/svg+xml
accept-ranges: bytes
content-length: 8743

GET
H2 200 background-1.jpg
auth.lithium.demo.blackrainbow.cloud/images/ 178 KB
178 KB 215ms
213ms Image
image/jpeg 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.lithium.demo.blackrainbow.cloud/images/background-1.jpg

Requested by

Host: auth.lithium.demo.blackrainbow.cloud
URL: https://auth.lithium.demo.blackrainbow.cloud/css/auth-style.css?v=8eW2RuyRs1u1trDWi0Khvop0v_CLPpV9TaTf6Md3X7A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

db83ff2ea216a54058a2272011e454213335fb709250a858e38e9678bbd69a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/css/auth-style.css?v=8eW2RuyRs1u1trDWi0Khvop0v_CLPpV9TaTf6Md3X7A
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9b921d4"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 182484

GET
H2 200 favicon.ico
auth.lithium.demo.blackrainbow.cloud/ 1 KB
1 KB 447ms
446ms Other
image/x-icon 20.119.128.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lithium.demo.blackrainbow.cloud/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.9 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

28ee0ff4a68605630de934e444aa6a7560dbd01dc2e271921b2a7fb47facf9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.lithium.demo.blackrainbow.cloud/Home/PageNotFound
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 04:18:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 30 Jul 2024 16:31:22 GMT
server: Microsoft-IIS/10.0
etag: "1dae29de9bbed7e"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 1150

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.auth.lithium.demo.blackrainbow.cloud/	1969-12-31 23:59:59	Name: ARRAffinity Value: fe902be0bc72900fb371efb0140e0e2507e560103f60612cf370880dc3e398d5
			.auth.lithium.demo.blackrainbow.cloud/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: fe902be0bc72900fb371efb0140e0e2507e560103f60612cf370880dc3e398d5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.lithium.demo.blackrainbow.cloud
20.119.128.9
06bfc40584d17a0d14436f137749b865482d6ed02f7e66ae17da8173a0045963
0ae0e04aef69668b33c8b8e2a86574c958c65df777a0b056926e343ae737c16c
28ee0ff4a68605630de934e444aa6a7560dbd01dc2e271921b2a7fb47facf9f1
40c13e1e4679d898f0d501ad37132569ceae76a97bc38a775f55a3fb878a613c
7b4b8755d13a6119817806a7f9c8540f02ae4cc7c1b78494c3f6dda227da470f
b18396e713b243f9113534922681f3aeea9c5026c440a4afb7202e1c8adc574c
b45204c2e7186f74a05250d27acb6e93bc32b33496b86d6b4ad54f6ea8a6bb08
c7681f1cc61215ab0eaf6fb93ef9800fc9c88c7f7a354933631b718f0906eb2b
db83ff2ea216a54058a2272011e454213335fb709250a858e38e9678bbd69a47

auth.lithium.demo.blackrainbow.cloud Open in urlscan Pro 20.119.128.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

230 kBTransfer

307 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

auth.lithium.demo.blackrainbow.cloud Open in urlscan Pro
20.119.128.9 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

230 kB
Transfer

307 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions