api.windowsandmoremo.net
Open in
urlscan Pro
104.130.255.68
Public Scan
Submission Tags: @phishunt_io
Submission: On October 13 via api from ES
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 13th 2020. Valid for: 3 months.
This is the only time api.windowsandmoremo.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 104.130.255.68 104.130.255.68 | 33070 (RMH-14) (RMH-14) | |
1 | 2600:9000:206... 2600:9000:206e:9c00:6:9a19:88c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.35.104.193 52.35.104.193 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 99.86.243.125 99.86.243.125 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-104-193.us-west-2.compute.amazonaws.com
d969058f-f8d8-414e-be92-302ab38f6f5c.rlets.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-125.vie50.r.cloudfront.net
capture-api.reachlocalservices.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
windowsandmoremo.net
api.windowsandmoremo.net |
77 KB |
2 |
reachlocalservices.com
capture-api.reachlocalservices.com |
558 B |
2 |
rlets.com
cdn.rlets.com d969058f-f8d8-414e-be92-302ab38f6f5c.rlets.com |
41 KB |
9 | 3 |
Domain | Requested by | |
---|---|---|
5 | api.windowsandmoremo.net |
api.windowsandmoremo.net
|
2 | capture-api.reachlocalservices.com |
cdn.rlets.com
|
1 | d969058f-f8d8-414e-be92-302ab38f6f5c.rlets.com |
cdn.rlets.com
|
1 | cdn.rlets.com |
api.windowsandmoremo.net
|
9 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
asp.net |
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
windowsandmoremo.net Let's Encrypt Authority X3 |
2020-10-13 - 2021-01-11 |
3 months | crt.sh |
*.rlets.com DigiCert SHA2 High Assurance Server CA |
2018-01-26 - 2021-02-03 |
3 years | crt.sh |
*.reachlocalservices.com DigiCert SHA2 High Assurance Server CA |
2018-01-26 - 2021-02-03 |
3 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://api.windowsandmoremo.net/
Frame ID: 37997079F2D963619B9CA80E35582C19
Requests: 7 HTTP requests in this frame
Frame:
https://d969058f-f8d8-414e-be92-302ab38f6f5c.rlets.com/static/storage.html
Frame ID: 3E3873E5FE33561A84D6A2AAC6B91FAB
Requests: 1 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: Learn more »
Search URL Search Domain Scan URL
Title: Learn more »
Search URL Search Domain Scan URL
Title: Learn more »
Search URL Search Domain Scan URL
Title: Learn more »
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
api.windowsandmoremo.net/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
api.windowsandmoremo.net/Content/ |
94 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr
api.windowsandmoremo.net/bundles/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8d8414ebe92302ab38f6f5c.js
cdn.rlets.com/capture_configs/d96/905/8ff/ |
160 KB 41 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery
api.windowsandmoremo.net/bundles/ |
91 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap
api.windowsandmoremo.net/bundles/ |
30 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.html
d969058f-f8d8-414e-be92-302ab38f6f5c.rlets.com/static/ Frame 3E38 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
originCountry
capture-api.reachlocalservices.com/ Frame |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
originCountry
capture-api.reachlocalservices.com/ |
35 B 558 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| html5 object| Modernizr object| sb function| $ function| jQuery object| jQuery110204135835789069229 object| respond object| rl_widget_cfg object| RLCAP0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.windowsandmoremo.net
capture-api.reachlocalservices.com
cdn.rlets.com
d969058f-f8d8-414e-be92-302ab38f6f5c.rlets.com
104.130.255.68
2600:9000:206e:9c00:6:9a19:88c0:93a1
52.35.104.193
99.86.243.125
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec
914336db63e0e5bb51fa6da4bbc529524001a0383eae998ed9b17e7f238a260b
94c532c2c67a1bb5554b7c98f28deb335637142185691552e70d6a6b8f5efcf8
a32fffbebb870e3c36bd33442cdf9aee35566e32f8722e5a2a459937078265f3
cac8be18e7729bea46129ec8f1758bf47d1cce1ec48f92731d339e7afb0ee88a