jewelsmile.net - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 157.112.182.184, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is jewelsmile.net.
TLS certificate: Issued by R3 on March 26th 2023. Valid for: 3 months.

This is the only time jewelsmile.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	58.64.216.18 58.64.216.18	17444 (HKBNESL-A...) (HKBNESL-AS-AP HKBN Enterprise Solutions Limited)
1	157.112.182.184 157.112.182.184	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	54.226.127.248 54.226.127.248	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223c:bc00:f:d06e:ff00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	3

1 58.64.216.18 (Hong Kong) 1 redirects

ASN17444 (HKBNESL-AS-AP HKBN Enterprise Solutions Limited, HK)

www.c21.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.112.182.184 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)

jewelsmile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.226.127.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-127-248.compute-1.amazonaws.com

sso-login.vanderbilt.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:bc00:f:d06e:ff00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.vanderbilt.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	vanderbilt.edu sso-login.vanderbilt.edu cdn.vanderbilt.edu — Cisco Umbrella Rank: 212508	543 KB
1	jewelsmile.net jewelsmile.net	2 KB
1	c21.hk 1 redirects www.c21.hk	376 B
5	3

	Domain	Requested by
2	cdn.vanderbilt.edu	sso-login.vanderbilt.edu
2	sso-login.vanderbilt.edu	jewelsmile.net sso-login.vanderbilt.edu
1	jewelsmile.net
1	www.c21.hk	1 redirects
5	4

This site contains links to these domains. Also see Links.

Domain
vanderbi.lt

Subject Issuer	Validity	Valid
www.jewelsmile.net R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
*.vanderbilt.edu Amazon RSA 2048 M01	`2023-02-21` - `2023-06-22`	4 months	crt.sh
cdn.vanderbilt.edu Amazon RSA 2048 M02	`2023-04-05` - `2024-05-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://jewelsmile.net/wp/vanderbilt.edu/
Frame ID: A0CBFF841F93A1D0A08CD0667FEE6429
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On

Page URL History Show full URLs

https://www.c21.hk/home/eng?url=https://jewelsmile.net/wp/vanderbilt.edu/ HTTP 302
https://jewelsmile.net/wp/vanderbilt.edu/ Page URL

Page Statistics

5
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

545 kB
Transfer

547 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://vanderbi.lt/primaryemail
Title: Find my primary email address

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.c21.hk/home/eng?url=https://jewelsmile.net/wp/vanderbilt.edu/ HTTP 302
https://jewelsmile.net/wp/vanderbilt.edu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jewelsmile.net/wp/vanderbilt.edu/
Redirect Chain

https://www.c21.hk/home/eng?url=https://jewelsmile.net/wp/vanderbilt.edu/
https://jewelsmile.net/wp/vanderbilt.edu/

7 KB
2 KB

1594ms
255ms

Document
text/html

157.112.182.184
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://jewelsmile.net/wp/vanderbilt.edu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.112.182.184 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 05fad45264d9f6b27c5ac41ab074861754eae0afa74f53fd331c97aa6254a595

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Fri, 14 Apr 2023 13:27:35 GMT
etag: W/"1a3c-5f93f45a12d80"
last-modified: Thu, 13 Apr 2023 22:30:30 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Cache-Control: private
Content-Length: 158
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Apr 2023 13:27:23 GMT
Location: https://jewelsmile.net/wp/vanderbilt.edu/
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H2 200 main.css
sso-login.vanderbilt.edu/assets/css/ 172 KB
172 KB 540ms
199ms Stylesheet
text/css 54.226.127.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-login.vanderbilt.edu/assets/css/main.css

Requested by

Host: jewelsmile.net
URL: https://jewelsmile.net/wp/vanderbilt.edu/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.226.127.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-127-248.compute-1.amazonaws.com

Software

/

Resource Hash

425b412bbb1631d0d07daf8ae6016350e0eb704016053103adb8ad4d6db5d1b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' .vanderbilt.edu ; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' http://localhost:55097 .app.vanderbilt.edu ;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jewelsmile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:27:36 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' *.vanderbilt.edu ; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' http://localhost:55097 *.app.vanderbilt.edu ;
referrer-policy: origin
last-modified: Tue, 21 Feb 2023 14:13:22 GMT
cache-control: max-age=0, must-revalidate
content-length: 175737
content-type: text/css

GET
H2 200 ping-cornelius.jpg
cdn.vanderbilt.edu/vu-www4/login/ 313 KB
314 KB 238ms
13ms Image
image/jpeg 2600:9000:223c:bc00:f:d06e:ff00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vanderbilt.edu/vu-www4/login/ping-cornelius.jpg
Requested by: Host: sso-login.vanderbilt.edu
URL: https://sso-login.vanderbilt.edu/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:bc00:f:d06e:ff00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27b1d985353f05971bc8a5a87862fb6029a36bd05c475416820a6c0a95fe859d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso-login.vanderbilt.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: Ul2acQBK8PthZHgsHXuVAaH3eIlJ.ylv
date: Fri, 14 Apr 2023 06:22:28 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
age: 25510
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
content-length: 320887
last-modified: Tue, 22 Mar 2022 16:27:40 GMT
server: AmazonS3
etag: "2e9e3c538a1896af4547b90199f594b3"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: PV57EMPa_iXlChWS3pgP_oAtX2v2vWWJ7sKxdKcLWYahzGICDiYgyQ==

GET
H2 200 vanderbilt-logo-white.png
cdn.vanderbilt.edu/vu-www4/images/ 42 KB
43 KB 261ms
36ms Image
image/png 2600:9000:223c:bc00:f:d06e:ff00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vanderbilt.edu/vu-www4/images/vanderbilt-logo-white.png
Requested by: Host: sso-login.vanderbilt.edu
URL: https://sso-login.vanderbilt.edu/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:bc00:f:d06e:ff00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e91b3a7d70a5e0913ba7fc2792dd512cf9ee7f24fe730d82be23914ef5cb8a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso-login.vanderbilt.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: wVHPr5CqPmUmPd0mfmmaFIeBWDbtgwmd
date: Fri, 14 Apr 2023 06:22:28 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
age: 25510
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43333
last-modified: Tue, 22 Mar 2022 20:31:29 GMT
server: AmazonS3
etag: "06e30ebdc42d8095c8e2e410154b0ff2"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: y8rdrwBjpsIEW2bdhtNIid-Kve0pAUcMeyEVt362oUxKKcVQtk51bg==

GET
H2 200 powered-by-ping-identity.svg
sso-login.vanderbilt.edu/assets/images/ 13 KB
13 KB 102ms
102ms Image
image/svg+xml 54.226.127.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso-login.vanderbilt.edu/assets/images/powered-by-ping-identity.svg

Requested by

Host: sso-login.vanderbilt.edu
URL: https://sso-login.vanderbilt.edu/assets/css/main.css

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.226.127.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-127-248.compute-1.amazonaws.com

Software

/

Resource Hash

2f26240300ee305559a12a3b92f36ba1ef6c64dbe62d6f593836e33219bf4b94

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' .vanderbilt.edu ; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' http://localhost:55097 .app.vanderbilt.edu ;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso-login.vanderbilt.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:27:36 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' *.vanderbilt.edu ; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' http://localhost:55097 *.app.vanderbilt.edu ;
referrer-policy: origin
last-modified: Tue, 21 Feb 2023 14:13:22 GMT
cache-control: max-age=0, must-revalidate
content-length: 13110
content-type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.c21.hk/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ayvfe4lfbulaic0x3lmqlvti
			sso-login.vanderbilt.edu/	1970-01-20 11:14:43	Name: AWSALBCORS Value: 91omAoHsesrF6rtaN8ZXtzRBZDfFbHeWjXbkBhMwiWITUkViJZcuUSmcTjarF82fLM25/wlkSB7jqW45aNkwLagiSMKQvrHLjWcu4PVLJ5QvUrAd5S4EzUx1S5ew

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.vanderbilt.edu
jewelsmile.net
sso-login.vanderbilt.edu
www.c21.hk
157.112.182.184
2600:9000:223c:bc00:f:d06e:ff00:93a1
54.226.127.248
58.64.216.18
05fad45264d9f6b27c5ac41ab074861754eae0afa74f53fd331c97aa6254a595
27b1d985353f05971bc8a5a87862fb6029a36bd05c475416820a6c0a95fe859d
2f26240300ee305559a12a3b92f36ba1ef6c64dbe62d6f593836e33219bf4b94
425b412bbb1631d0d07daf8ae6016350e0eb704016053103adb8ad4d6db5d1b7
e91b3a7d70a5e0913ba7fc2792dd512cf9ee7f24fe730d82be23914ef5cb8a84

jewelsmile.net Open in urlscan Pro 157.112.182.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

545 kBTransfer

547 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

Indicators

jewelsmile.net Open in urlscan Pro
157.112.182.184 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

545 kB
Transfer

547 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions