lowes.socenigroup.com

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 107.170.29.62, located in New York, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is lowes.socenigroup.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on January 10th 2020. Valid for: a year.

This is the only time lowes.socenigroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	107.170.29.62 107.170.29.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	4

5 107.170.29.62 (New York, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

lowes.socenigroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	socenigroup.com 2 redirects lowes.socenigroup.com	35 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 ajax.googleapis.com — Cisco Umbrella Rank: 607	34 KB
7	3

	Domain	Requested by
5	lowes.socenigroup.com	2 redirects lowes.socenigroup.com
2	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	lowes.socenigroup.com
1	fonts.googleapis.com	lowes.socenigroup.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
*.socenigroup.com AlphaSSL CA - SHA256 - G2	`2020-01-10` - `2021-01-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lowes.socenigroup.com/logon.php
Frame ID: 9E058659A4CEEC8525D999196A6732CD
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sample Employee Awareness Center - Logon

Page URL History Show full URLs

http://lowes.socenigroup.com/ HTTP 301
https://lowes.socenigroup.com/ HTTP 302
https://lowes.socenigroup.com/logon.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

57 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

99 kB
Transfer

161 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lowes.socenigroup.com/ HTTP 301
https://lowes.socenigroup.com/ HTTP 302
https://lowes.socenigroup.com/logon.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request logon.php Show response
lowes.socenigroup.com/
Redirect Chain

http://lowes.socenigroup.com/
https://lowes.socenigroup.com/
https://lowes.socenigroup.com/logon.php

2 KB
1 KB

116ms
116ms

Document
text/html

107.170.29.62
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lowes.socenigroup.com/logon.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.29.62 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 6665ab4ce45481238559705675735819a9c71caf17ca8f0102b431093f04e5b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Apr 2023 16:13:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.16.1
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Apr 2023 16:13:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: logon.php
Pragma: no-cache
Server: nginx/1.16.1
Transfer-Encoding: chunked

GET
H/1.1 200
OK lowes_awareness.css
lowes.socenigroup.com/ 9 KB
10 KB 107ms
107ms Stylesheet
text/css 107.170.29.62
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lowes.socenigroup.com/lowes_awareness.css
Requested by: Host: lowes.socenigroup.com
URL: https://lowes.socenigroup.com/logon.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.29.62 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 78027c56e55bb1542ccd41462db8e56711588983737b7357a978a4fc48384ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowes.socenigroup.com/logon.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 16:13:22 GMT
Last-Modified: Mon, 10 Sep 2018 07:58:44 GMT
Server: nginx/1.16.1
ETag: "5b962434-25a1"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9633

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 89ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700|Abel|EB+Garamond

Requested by

Host: lowes.socenigroup.com
URL: https://lowes.socenigroup.com/logon.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74cd7365537f3376f4c11ef5cb43dcb6b43718649ce077cc7cf557428961e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowes.socenigroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 16:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:13:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 16:13:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: lowes.socenigroup.com
URL: https://lowes.socenigroup.com/logon.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowes.socenigroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 12:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Apr 2024 12:17:21 GMT

GET
H/1.1 200
OK lowes_masthead.png
lowes.socenigroup.com/images/ 24 KB
24 KB 108ms
108ms Image
image/png 107.170.29.62
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowes.socenigroup.com/images/lowes_masthead.png
Requested by: Host: lowes.socenigroup.com
URL: https://lowes.socenigroup.com/lowes_awareness.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.29.62 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a6edd559a168cad7eb6eb3cc93e2f314928869c8edd663a39e43340479f6c5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowes.socenigroup.com/lowes_awareness.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 16:13:22 GMT
Last-Modified: Sat, 25 Aug 2018 07:04:20 GMT
Server: nginx/1.16.1
ETag: "5b80ff74-5e69"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24169

GET
H2 200 MwQ5bhbm2POE2V9BPQ.woff2
fonts.gstatic.com/s/abel/v18/ 9 KB
10 KB 75ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Abel|EB+Garamond

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lowes.socenigroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:35:50 GMT
x-content-type-options: nosniff
age: 535052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9588
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:35:50 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v26/ 20 KB
20 KB 76ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v26/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Abel|EB+Garamond

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lowes.socenigroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:37:31 GMT
x-content-type-options: nosniff
age: 534951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20512
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:37:31 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lowes.socenigroup.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: la1aiojrv6jof02c1fb6ebect7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
lowes.socenigroup.com
107.170.29.62
2a00:1450:4001:80e::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec
6665ab4ce45481238559705675735819a9c71caf17ca8f0102b431093f04e5b3
74cd7365537f3376f4c11ef5cb43dcb6b43718649ce077cc7cf557428961e25a
78027c56e55bb1542ccd41462db8e56711588983737b7357a978a4fc48384ecc
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
a6edd559a168cad7eb6eb3cc93e2f314928869c8edd663a39e43340479f6c5e1

lowes.socenigroup.com Open in urlscan Pro 107.170.29.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

57 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

99 kBTransfer

161 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

lowes.socenigroup.com Open in urlscan Pro
107.170.29.62 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

99 kB
Transfer

161 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions