Submitted URL: http://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3...
Effective URL: https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
Submission: On April 01 via manual from EE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 79.133.57.107, located in Germany and belongs to DE-FIRSTCOLO firstcolo.net, DE. The main domain is complete-adobe-sign.groupsrsg.com.
TLS certificate: Issued by R3 on April 1st 2024. Valid for: 3 months.
This is the only time complete-adobe-sign.groupsrsg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.92.101.66 7859 (PAIR-NETW...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 3 79.133.57.107 44066 (DE-FIRSTC...)
3 2
Apex Domain, Subdomains, Transfer
3 groupsrsg.com, 92 KB
  • complete-adobe-sign.groupsrsg.com
  • f0e69f2d-f4683249.groupsrsg.com Failed
1 bestwebdevs.com, 609 B
  • leadaction.bestwebdevs.com
1 holoholo.org, 311 B
  • holoholo.org
3 3
Domain Requested by
3 complete-adobe-sign.groupsrsg.com 1 redirects
1 leadaction.bestwebdevs.com 1 redirects
1 holoholo.org 1 redirects
0 f0e69f2d-f4683249.groupsrsg.com Failed complete-adobe-sign.groupsrsg.com
3 4

This site contains no links.

Subject: groupsrsg.com
Issuer: R3
Validity: 2024-04-01 - 2024-06-30
Valid: 3 months

This page contains 1 frames:

Primary Page: https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
Frame ID: 103AF71FF4FA0A6B30F3B3C166BD9A34
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 33 %
Domains: 3
Subdomains: 4
IPs: 2
Countries: 2
Transfer: 92 kB
Size: 310 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 307
    https://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 307
    http://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 302
    http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 307
    https://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 302
    https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA== Page URL
  2. https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA== HTTP 302
    https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 307
  • https://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 307
  • http://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 302
  • http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 307
  • https://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh HTTP 302
  • https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==

3 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type

Resource: /
Path: complete-adobe-sign.groupsrsg.com/
Redirect Chain
  • http://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh
  • https://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh
  • http://holoholo.org/cgi_bin/redirect.pl?url=http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh
  • http://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh
  • https://leadaction.bestwebdevs.com/rWO3landdy9pWO3BM2BM2Fe5rx0qarvak17WO3-sysk17Fe5BM2sdy9s3Rh
  • https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
Size: 279 KB
x-fer: 92 KB
Type: Document

General
Full URL: https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.57.107 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS:
Software: nginx /
Resource Hash: 619cffd5075354771391e6f2082ac0e8b26f5fbb243e0ef478855927be874662

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 01 Apr 2024 16:17:39 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86d9e3f4c9070e50-AMS
content-type: text/html; charset=UTF-8
date: Mon, 01 Apr 2024 16:17:38 GMT
location: https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==#/common/authorize?document=0.78629873357075-0ff1-0.74498231650562&auth=10.19015705314938-0.53904651270204
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNrZ9sb0L58U8%2FnC%2Bux9%2B8bLmnNe3Rh05G%2BeQKquqIFcLqE8nJqfErcsT5ArVKW3nFWtpqpOAx8bbvlOqIik7lUiEOFinGMcA32rTPKA9jkUQlmhpCvpOUNHD8ttIRySVp%2F9kZoklOWA%2BKSUBOf6BoNTfr2enfQTCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Primary Request
Resource: /
Path: complete-adobe-sign.groupsrsg.com/
Redirect Chain
  • https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
  • https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
Size: 31 KB
x-fer: 0
Type: Document

General
Full URL: https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.57.107 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS:
Software: nginx /
Resource Hash:

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://complete-adobe-sign.groupsrsg.com
Referer: https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-length: 78964
content-type: text/html; charset=utf-8
date: Mon, 01 Apr 2024 16:17:51 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://cbddd76d-f4683249.groupsrsg.com/api/report?catId=GW+estsfd+wst"}]}
server: nginx
vary: Accept-Encoding
x-ms-ests-server: 2.1.17750.5 - WUS3 ProdSlices
x-ms-request-id: 7da855c7-97dc-4968-8602-38b48e902800
x-ms-srs: 1.P

Redirect headers

content-type: text/html; charset=utf-8
date: Mon, 01 Apr 2024 16:17:40 GMT
location: https://complete-adobe-sign.groupsrsg.com/?organisation=arvato-systems.ch&dse=cm9sYW5kLnBvbW1lckBhcnZhdG8tc3lzdGVtcy5jaA==
server: nginx

Resource: BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js
Path: f0e69f2d-f4683249.groupsrsg.com/shared/1.0/content/js/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
f0e69f2d-f4683249.groupsrsg.com
URL
https://f0e69f2d-f4683249.groupsrsg.com/shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

1 Cookies

Domain/Path: .groupsrsg.com/
Name: utVeIF
Value: "ZjQ2ODMyNDktZjk2OC00OGYwLTg5ZjktMzllNDE1Nzk0ZjY3OmY5ODk1Y2I1LWMyOTYtNGE5Yi1hNzRiLTk4NDI3MGE0YTAwYg=="

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
