kaia.customers.roomait.com Open in urlscan Pro
89.58.16.145 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kaia.customers.roomait.com/
Submission: On April 20 via automatic, source certstream-suspicious (April 20th 2023, 4:00:12 pm UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 89.58.16.145, located in Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is kaia.customers.roomait.com.
TLS certificate: Issued by R3 on April 20th 2023. Valid for: 3 months.

This is the only time kaia.customers.roomait.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	89.58.16.145 89.58.16.145	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
9	185.255.137.142 185.255.137.142	207499 (ARCWARE E...) (ARCWARE Erdenreich Datentechnik GmbH)
5	185.255.137.143 185.255.137.143	207499 (ARCWARE E...) (ARCWARE Erdenreich Datentechnik GmbH)
15	3

1 89.58.16.145 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v2202211187344207545.megasrv.de

kaia.customers.roomait.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.255.137.142 (Germany)

ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE)

share.arcware.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.255.137.143 (Germany)

ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE)

auth.ragnarok.arcware.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	arcware.cloud share.arcware.cloud auth.ragnarok.arcware.cloud	8 MB
1	roomait.com kaia.customers.roomait.com	346 B
15	2

	Domain	Requested by
9	share.arcware.cloud	kaia.customers.roomait.com share.arcware.cloud
5	auth.ragnarok.arcware.cloud	share.arcware.cloud auth.ragnarok.arcware.cloud
1	kaia.customers.roomait.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
kaia.customers.roomait.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
*.ragnarok.arcware.cloud R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://kaia.customers.roomait.com/
Frame ID: 570BC8A171C7523896757CDF05D7CD7B
Requests: 1 HTTP requests in this frame

Frame: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
Frame ID: 6A60D33EB3D5490086929A6F24549578
Requests: 10 HTTP requests in this frame

Frame: https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 99062E088981595232079927805E5949
Requests: 2 HTTP requests in this frame

Frame: https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/login-status-iframe.html
Frame ID: E3FD01D92E74D9F29448DC77099C9D31
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kaia - Roomait

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

7842 kB
Transfer

7893 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kaia.customers.roomait.com/ 522 B
346 B 82ms
20ms Document
text/html 89.58.16.145
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kaia.customers.roomait.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.58.16.145 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v2202211187344207545.megasrv.de
Software: /
Resource Hash: d39a3e345b3566dcf0209fda3ec47b9cb332a0b16f02ec4bc0198bc51c07d4b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 20 Apr 2023 16:00:07 GMT
last-modified: Thu, 20 Apr 2023 15:56:23 GMT

GET
H2 200 share-7c0ae676-2628-4ef5-8201-de655abf029c Show response
share.arcware.cloud/ Frame 6A60 717 B
1 KB 90ms
24ms Document
text/html 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c

Requested by

Host: kaia.customers.roomait.com
URL: https://kaia.customers.roomait.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

2e68941d4531aab0f7349813bbbddd3eb80cb06c114832e6a2187683203d0fa2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kaia.customers.roomait.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 717
content-security-policy: block-all-mixed-content
content-type: text/html
date: Thu, 20 Apr 2023 16:00:07 GMT
etag: "a3e2a641525ac733466a7d26115d69cb"
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
vary: Origin Accept-Encoding
x-amz-request-id: 1757AFEA7409E35D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles.00dd434bbd22bad1.css
share.arcware.cloud/ Frame 6A60 47 B
431 B 56ms
55ms Stylesheet
text/css 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/styles.00dd434bbd22bad1.css

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

ce589cbe7771226b71dc8272c129903fe3155fa4e5581a9df666ae7f5e27c3bc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:07 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
x-amz-request-id: 1757AFEA76D1288F
etag: "d0d20ee77149bafb78b885a7182e8569"
vary: Origin, Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 47
x-xss-protection: 1; mode=block

GET
H2 200 main.a1e003e19b8cdc82.css
share.arcware.cloud/ Frame 6A60 7 KB
7 KB 29ms
29ms Stylesheet
text/css 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/main.a1e003e19b8cdc82.css

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf8016186e151a2a75674927c03179bfc3af7ef43f0613676777e1c0e84d244a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:07 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
x-amz-request-id: 1757AFEA76B22E83
etag: "be7b0f4f0c3409891b5e64fbbfaa2f01"
vary: Origin, Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6824
x-xss-protection: 1; mode=block

GET
H2 200 runtime.1f6d7bbcee291959.js Show response
share.arcware.cloud/ Frame 6A60 2 KB
3 KB 56ms
56ms Script
application/javascript 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/runtime.1f6d7bbcee291959.js

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

bba2e152a899724024dc9beeb6efe0d4e31446cc5b79ae60cc53dea15e26c109

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
Origin: https://share.arcware.cloud
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:07 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-amz-request-id: 1757AFEA76CC533C
content-length: 2083
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
etag: "8fa7724464f618a17ecbf735cd4dda84"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://share.arcware.cloud
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 polyfills.d05e4aee277baa6b.js Show response
share.arcware.cloud/ Frame 6A60 101 KB
102 KB 42ms
42ms Script
application/javascript 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/polyfills.d05e4aee277baa6b.js

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

7bef1ca396a6fa64a83a50e89d9fad06883cde52b4005fad7b43c0ab2b26bbea

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
Origin: https://share.arcware.cloud
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:07 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-amz-request-id: 1757AFEA76A3152A
content-length: 103185
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
etag: "84ae69d92dc2dfce6823409818467467"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://share.arcware.cloud
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 styles.8c35ca719f5f6d30.js Show response
share.arcware.cloud/ Frame 6A60 114 B
780 B 59ms
59ms Script
application/javascript 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/styles.8c35ca719f5f6d30.js

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

b2b0189a40ae25714d7b6a777b18f136ecfd295c5382c0b122f45deddb6a6507

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
Origin: https://share.arcware.cloud
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:07 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-amz-request-id: 1757AFEA76E77180
content-length: 114
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
etag: "d9538665f03c6111c87df78484404988"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://share.arcware.cloud
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 main.02b58176250d194e.js Show response
share.arcware.cloud/ Frame 6A60 7 MB
8 MB 73ms
73ms Script
application/javascript 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/main.02b58176250d194e.js

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

f723d879d5bce1ca9340ce487b605402d88b60737be7e6e65420bd3bdf4de29a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
Origin: https://share.arcware.cloud
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:07 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-amz-request-id: 1757AFEA7703B1E5
content-length: 7860807
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
etag: "1a6b6ed8045a1baee6b377bd572061c3"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://share.arcware.cloud
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
access-control-allow-credentials: true
accept-ranges: bytes

GET
H/1.1 200
OK keycloak.js Show response
auth.ragnarok.arcware.cloud/auth/js/ Frame 6A60 84 KB
18 KB 104ms
35ms Script
text/javascript 185.255.137.143
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ragnarok.arcware.cloud/auth/js/keycloak.js

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/main.02b58176250d194e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.143 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

050715687edc1e6932c4e92c9866fa8962a6d6fe766d668ad60ee01f07abb8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.arcware.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:00:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
Server: nginx
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK step1.html Show response
auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/3p-cookies/ Frame 9906 955 B
1 KB 20ms
20ms Document
text/html 185.255.137.143
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/main.02b58176250d194e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.143 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.arcware.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: keep-alive
Content-Length: 955
Content-Security-Policy: frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Thu, 20 Apr 2023 16:00:08 GMT
P3P: CP="This is not a P3P policy!"
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK step2.html Show response
auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/3p-cookies/ Frame 9906 1 KB
2 KB 19ms
19ms Document
text/html 185.255.137.143
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/3p-cookies/step2.html

Requested by

Host: auth.ragnarok.arcware.cloud
URL: https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/3p-cookies/step1.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.143 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: keep-alive
Content-Length: 1142
Content-Security-Policy: frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Thu, 20 Apr 2023 16:00:08 GMT
P3P: CP="This is not a P3P policy!"
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login-status-iframe.html Show response
auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/ Frame E3FD 4 KB
4 KB 22ms
22ms Document
text/html 185.255.137.143
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/login-status-iframe.html

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/main.02b58176250d194e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.143 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.arcware.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: keep-alive
Content-Length: 3713
Content-Security-Policy: frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Thu, 20 Apr 2023 16:00:08 GMT
P3P: CP="This is not a P3P policy!"
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content init Show response
auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/login-status-iframe.html/ Frame E3FD 0
336 B 22ms
22ms XHR
text/plain 185.255.137.143
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/login-status-iframe.html/init?client_id=interactive-video&origin=https%3A%2F%2Fshare.arcware.cloud

Requested by

Host: auth.ragnarok.arcware.cloud
URL: https://auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/login-status-iframe.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.143 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:00:08 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Server: nginx
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 roboto-latin-400-normal.b009a76ad6afe4ebd301.woff2
share.arcware.cloud/ Frame 6A60 15 KB
16 KB 26ms
25ms Font
font/woff2 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to

Full URL

https://share.arcware.cloud/roboto-latin-400-normal.b009a76ad6afe4ebd301.woff2

Requested by

Host: share.arcware.cloud
URL: https://share.arcware.cloud/main.a1e003e19b8cdc82.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.arcware.cloud/main.a1e003e19b8cdc82.css
Origin: https://share.arcware.cloud
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:08 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-amz-request-id: 1757AFEABCA7ED94
content-length: 15744
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
etag: "15d9f621c3bd1599f0169dcf0bd5e63e"
vary: Origin, Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://share.arcware.cloud
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 exit-full-screen-white.ff4e6eef5ad881318c15651607e37eb8.svg
share.arcware.cloud/ Frame 6A60 562 B
952 B 25ms
24ms Image
image/svg+xml 185.255.137.142
ARCWARE Erdenreic...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.arcware.cloud/exit-full-screen-white.ff4e6eef5ad881318c15651607e37eb8.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.255.137.142 , Germany, ASN207499 (ARCWARE Erdenreich Datentechnik GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

3a93cc72171367364e32f25181bce46a211026cf0e622ae854fec6bdcf1f5a62

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.arcware.cloud/share-7c0ae676-2628-4ef5-8201-de655abf029c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:00:12 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 07:29:05 GMT
server: nginx
x-amz-request-id: 1757AFEBA145EAC9
etag: "7d65225cf8ef5f021939074764b67f9f"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 562
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.ragnarok.arcware.cloud/auth/realms/Arcware/protocol/openid-connect/3p-cookies	1970-01-20 11:13:26	Name: KEYCLOAK_3P_COOKIE_SAMESITE Value: supported

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.ragnarok.arcware.cloud
kaia.customers.roomait.com
share.arcware.cloud
185.255.137.142
185.255.137.143
89.58.16.145
050715687edc1e6932c4e92c9866fa8962a6d6fe766d668ad60ee01f07abb8be
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b
2e68941d4531aab0f7349813bbbddd3eb80cb06c114832e6a2187683203d0fa2
3a93cc72171367364e32f25181bce46a211026cf0e622ae854fec6bdcf1f5a62
7bef1ca396a6fa64a83a50e89d9fad06883cde52b4005fad7b43c0ab2b26bbea
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
b2b0189a40ae25714d7b6a777b18f136ecfd295c5382c0b122f45deddb6a6507
bba2e152a899724024dc9beeb6efe0d4e31446cc5b79ae60cc53dea15e26c109
ce589cbe7771226b71dc8272c129903fe3155fa4e5581a9df666ae7f5e27c3bc
cf8016186e151a2a75674927c03179bfc3af7ef43f0613676777e1c0e84d244a
d39a3e345b3566dcf0209fda3ec47b9cb332a0b16f02ec4bc0198bc51c07d4b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f723d879d5bce1ca9340ce487b605402d88b60737be7e6e65420bd3bdf4de29a

kaia.customers.roomait.com Open in urlscan Pro 89.58.16.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

7842 kBTransfer

7893 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

kaia.customers.roomait.com Open in urlscan Pro
89.58.16.145 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

7842 kB
Transfer

7893 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions