nino12swcwnino12.blob.core.windows.net
52.239.155.100
Public Scan
Effective URL: https://nino12swcwnino12.blob.core.windows.net/owe12/update12.html?sp=r&st=2019-08-23T15:35:36Z&se=2019-08-24T03:35:36Z&spr=https&sv=2018-03-28...
Submission: On August 26 via manual from US
Summary
TLS certificate: Issued by Microsoft IT TLS CA 5 on July 8th 2019. Valid for: 2 years.
This is the only time nino12swcwnino12.blob.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 2 | 209.134.144.84 | 8015 (VISI-AS - Vector Internet Services) |
1 1 | 66.203.65.115 | 17113 (AS-TIERP-17113 - TierPoint) |
1 | 52.143.137.150 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
1 | 2001:4de0:ac18::1:a:1b | 20446 (HIGHWINDS3 - Highwinds Network Group) |
1 | 185.178.208.144 | 57724 (DDOS-GUARD) |
1 | 52.239.155.100 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
5 | 6 |
ASN | PTR | Domain |
---|---|---|
ASN8015 (VISI-AS - Vector Internet Services, Inc., US) | usssa.links.govdelivery.com | links.ssa.gov |
ASN17113 (AS-TIERP-17113 - TierPoint, LLC, US) | static-115-65-203-66.axsne.net | www.xpressreg.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US) | | katkot12.azurewebsites.net |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US) | | code.jquery.com |
ASN57724 (DDOS-GUARD, RU) | ddos-guard.net | layarshield.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US) | | nino12swcwnino12.blob.core.windows.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | ssa.gov (1 redirects) | links.ssa.gov | 2 KB |
1 | windows.net | nino12swcwnino12.blob.core.windows.net | 906 B |
1 | layarshield.com | layarshield.com | 416 B |
1 | jquery.com | code.jquery.com | 32 KB |
1 | azurewebsites.net | katkot12.azurewebsites.net | 1 KB |
1 | xpressreg.net (1 redirects) | www.xpressreg.net | 3 KB |
5 | 6 |
 | Domain | Requested by |
---|---|---|
2 | links.ssa.gov (1 redirects) | |
1 | nino12swcwnino12.blob.core.windows.net | katkot12.azurewebsites.net |
1 | layarshield.com | katkot12.azurewebsites.net |
1 | code.jquery.com | katkot12.azurewebsites.net |
1 | katkot12.azurewebsites.net | links.ssa.gov |
1 | www.xpressreg.net (1 redirects) | |
5 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
links.ssa.gov | DigiCert SHA2 Secure Server CA | 2018-06-13 - 2020-07-11 | 2 years |
*.azurewebsites.net | DigiCert SHA2 Secure Server CA | 2019-07-22 - 2021-07-22 | 2 years |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
layarshield.com | Let's Encrypt Authority X3 | 2019-08-23 - 2019-11-21 | 3 months |
*.blob.core.windows.net | Microsoft IT TLS CA 5 | 2019-07-08 - 2021-07-08 | 2 years |
This page contains 1 frames:
Primary Page:
https://nino12swcwnino12.blob.core.windows.net/owe12/update12.html?sp=r&st=2019-08-23T15:35:36Z&se=2019-08-24T03:35:36Z&spr=https&sv=2018-03-28&sig=F4gRCXGzjuPiDfbImnLOaHpOX1q23XLQFLa8gu%2BAdX0%3D&sr=b
Frame ID: D297BBB5EF4F8853A68E0B96C6FD43DD
Requests: 6 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.ssa.gov/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTIwMTkwNzI0LjgzOTQ4MzEmbWVzc2FnZWlkPU1EQi1QUkQtQlVMLTIwMTkwNzI0LjgzOTQ4MzEmZGF0YWJhc2VpZD0xMDAxJnNlcmlhbD0xNjc5MzgxOCZlbWFpbGlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdXNlcmlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdGFyZ2V0aWQ9JmZsPSZtdmlkPSZleHRyYT0mJiY=&&&100&&&https://www.XpressReg.Net/EmailRedirect.asp?rid=111679579&url=https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman
HTTP 302
https://links.ssa.gov/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTIwMTkwNzI0LjgzOTQ4MzEmbWVzc2FnZWlkPU1EQi1QUkQtQlVMLTIwMTkwNzI0LjgzOTQ4MzEmZGF0YWJhc2VpZD0xMDAxJnNlcmlhbD0xNjc5MzgxOCZlbWFpbGlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdXNlcmlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdGFyZ2V0aWQ9JmZsPSZtdmlkPSZleHRyYT0mJiY=&&&100&&&https://www.XpressReg.Net/EmailRedirect.asp?rid=111679579&url=https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman Page URL
-
https://www.xpressreg.net/EmailRedirect.asp?rid=111679579&url=https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman
HTTP 302
https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman Page URL
- https://nino12swcwnino12.blob.core.windows.net/owe12/update12.html?sp=r&st=2019-08-23T15:35:36Z&se=2019-08-24T03:35:36Z&spr=https&sv=2018-03-28&sig=F4gRCXGzjuPiDfbImnLOaHpOX1q23XLQFLa8gu%2BAdX0%3D&sr=b Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://links.ssa.gov/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTIwMTkwNzI0LjgzOTQ4MzEmbWVzc2FnZWlkPU1EQi1QUkQtQlVMLTIwMTkwNzI0LjgzOTQ4MzEmZGF0YWJhc2VpZD0xMDAxJnNlcmlhbD0xNjc5MzgxOCZlbWFpbGlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdXNlcmlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdGFyZ2V0aWQ9JmZsPSZtdmlkPSZleHRyYT0mJiY=&&&100&&&https://www.XpressReg.Net/EmailRedirect.asp?rid=111679579&url=https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman HTTP 302
- https://links.ssa.gov/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTIwMTkwNzI0LjgzOTQ4MzEmbWVzc2FnZWlkPU1EQi1QUkQtQlVMLTIwMTkwNzI0LjgzOTQ4MzEmZGF0YWJhc2VpZD0xMDAxJnNlcmlhbD0xNjc5MzgxOCZlbWFpbGlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdXNlcmlkPXNlaXMuYXJlY2h5QHNzYS5nb3YmdGFyZ2V0aWQ9JmZsPSZtdmlkPSZleHRyYT0mJiY=&&&100&&&https://www.XpressReg.Net/EmailRedirect.asp?rid=111679579&url=https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman
- https://www.xpressreg.net/EmailRedirect.asp?rid=111679579&url=https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman HTTP 302
- https://katkot12.azurewebsites.net/timothy.timmermanwd5c56049564wtimothy.timmerman
5 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | track (Redirect Chain) | links.ssa.gov/ | 442 B | 1023 B | Document | text/html |
GET | H/1.1 | timothy.timmermanwd5c56049564wtimothy.timmerman (Cookie set, Redirect Chain) | katkot12.azurewebsites.net/ | 1 KB | 1 KB | Document | text/html |
GET | H/1.1 | jquery-1.9.1.min.js | code.jquery.com/ | 90 KB | 32 KB | Script | application/javascript |
GET | H2 | chekeml12.php | layarshield.com//listemails/ | 14 B | 416 B | XHR | text/html |
GET | H/1.1 | update12.html (Primary Request) | nino12swcwnino12.blob.core.windows.net/owe12/ | 544 B | 906 B | Document | application/xml |
GET | DATA | truncated | / | 112 B | 0 | Image | image/svg+xml |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.