login-dev.fixnetwork.com Open in urlscan Pro
40.89.19.0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login-dev.fixnetwork.com/Abp/ApplicationLocalizationScript?cultureName=de-DE
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On April 16 via api (April 16th 2024, 9:18:58 am UTC) from IT — Scanned from CA

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 40.89.19.0, located in Québec, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login-dev.fixnetwork.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 3rd 2023. Valid for: a year.

This is the only time login-dev.fixnetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 3	40.89.19.0 40.89.19.0		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	1

3 40.89.19.0 (Québec, Canada) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login-dev.fixnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	fixnetwork.com 1 redirects login-dev.fixnetwork.com	325 KB
2	1

	Domain	Requested by
3	login-dev.fixnetwork.com	1 redirects
2	1

This site contains no links.

Subject Issuer	Validity	Valid
*.fixnetwork.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-03` - `2024-12-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login-dev.fixnetwork.com/Abp/ApplicationLocalizationScript?cultureName=de-DE
Frame ID: 43968B3936E030B39F8271DA2CB4A45F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

325 kB
Transfer

324 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://login-dev.fixnetwork.com/favicon.ico HTTP 302
https://login-dev.fixnetwork.com/Error?httpStatusCode=404

2 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ApplicationLocalizationScript Show response
login-dev.fixnetwork.com/Abp/ 314 KB
314 KB 595ms
134ms Document
application/javascript 40.89.19.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login-dev.fixnetwork.com/Abp/ApplicationLocalizationScript?cultureName=de-DE

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.89.19.0 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

79db3eff7f4eae6df5861a54d3792e65c21f5efff90f5bb5afc979ce4a060d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Length: 321693
Content-Type: application/javascript
Date: Tue, 16 Apr 2024 09:18:51 GMT
Request-Context: appId=cid-v1:766eabb3-bb25-4689-be2f-d4dec305ba75
Server: Kestrel
X-Content-Type-Options: nosniff
X-Correlation-Id: bbf690cd72444496906bd16f64c294bb
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1

404
Not Found

Error
login-dev.fixnetwork.com/
Redirect Chain

https://login-dev.fixnetwork.com/favicon.ico
https://login-dev.fixnetwork.com/Error?httpStatusCode=404

10 KB
11 KB

110ms
109ms

Other
text/html

40.89.19.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login-dev.fixnetwork.com/Error?httpStatusCode=404

Protocol

HTTP/1.1

Server

40.89.19.0 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

57ce9f7e5dd26d217c88a2f6e751bd8a2864cc29742284f5ccf1354f5d3f07c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://login-dev.fixnetwork.com/Abp/ApplicationLocalizationScript?cultureName=de-DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2024 09:18:52 GMT
X-Correlation-Id: 70b9ae0ead664c0d95f2007ade90799b
X-Content-Type-Options: nosniff
Server: Kestrel
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:766eabb3-bb25-4689-be2f-d4dec305ba75

Redirect headers

Date: Tue, 16 Apr 2024 09:18:52 GMT
X-Correlation-Id: 287dc37fbf8a40dfb6907cfa60a5bf00
X-Content-Type-Options: nosniff
Server: Kestrel
X-Frame-Options: SAMEORIGIN
Location: /Error?httpStatusCode=404
Content-Length: 0
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:766eabb3-bb25-4689-be2f-d4dec305ba75

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login-dev.fixnetwork.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.nl7XYPGSVsc Value: CfDJ8K4upIlvm5tAnrBjd5kmQEXuhztCBoeuoB27Ssfzaz4PTRQdUhw_uUcyf1ilATIiMdNTw4rpzrqUjYgOy-kOfUQ3QlISz1iSre2sptxYKPDEPmd-SlGuh9SBzoEClsw0EY5iC9oCeL1Gwnt0njsmDsY
			login-dev.fixnetwork.com/	1970-01-21 05:30:19	Name: XSRF-TOKEN Value: CfDJ8K4upIlvm5tAnrBjd5kmQEXTa3LRNUlhAYPHEU3RFgSYS-4S5cu4h2f8lmr5JlDT_vgidaaN5eLLxWPIu8f1gF3UlNMkuYreXBnEuQKN4QkV0954uOlUeDkdFSYUrbQ0U8mU_-Aj2AEre_iYuSR5KCQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login-dev.fixnetwork.com/Error?httpStatusCode=404 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login-dev.fixnetwork.com
40.89.19.0
57ce9f7e5dd26d217c88a2f6e751bd8a2864cc29742284f5ccf1354f5d3f07c1
79db3eff7f4eae6df5861a54d3792e65c21f5efff90f5bb5afc979ce4a060d50

login-dev.fixnetwork.com Open in urlscan Pro 40.89.19.0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

325 kBTransfer

324 kBSize

2 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

login-dev.fixnetwork.com Open in urlscan Pro
40.89.19.0 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

325 kB
Transfer

324 kB
Size

2
Cookies

2 HTTP transactions
0 data transactions