thinkhr-qa.employeeconfidential.com
Open in
urlscan Pro
40.113.236.45
Public Scan
Effective URL: https://thinkhr-qa.employeeconfidential.com/Service/Report
Submission: On July 22 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on July 22nd 2024. Valid for: 6 months.
This is the only time thinkhr-qa.employeeconfidential.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 9 | 40.113.236.45 40.113.236.45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a04:4e42:400... 2a04:4e42:400::649 | 54113 (FASTLY) (FASTLY) | |
1 | 13.89.172.5 13.89.172.5 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
10 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
thinkhr-qa.employeeconfidential.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mineral.employeeconfidential.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
employeeconfidential.com
1 redirects
thinkhr-qa.employeeconfidential.com mineral.employeeconfidential.com |
332 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211 |
7 KB |
10 | 2 |
Domain | Requested by | |
---|---|---|
9 | thinkhr-qa.employeeconfidential.com |
1 redirects
thinkhr-qa.employeeconfidential.com
|
1 | mineral.employeeconfidential.com |
thinkhr-qa.employeeconfidential.com
|
1 | code.jquery.com |
thinkhr-qa.employeeconfidential.com
|
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
trustmineral.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
thinkhr-qa.employeeconfidential.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2024-07-22 - 2025-01-22 |
6 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
mineral.employeeconfidential.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2024-07-22 - 2025-01-22 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://thinkhr-qa.employeeconfidential.com/Service/Report
Frame ID: 70409070B76AB3F1A48D773C5C2F5B89
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Anonymous ReportingPage URL History Show full URLs
-
https://thinkhr-qa.employeeconfidential.com/
HTTP 302
https://thinkhr-qa.employeeconfidential.com/Service/Report Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://thinkhr-qa.employeeconfidential.com/
HTTP 302
https://thinkhr-qa.employeeconfidential.com/Service/Report Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Report
thinkhr-qa.employeeconfidential.com/Service/ Redirect Chain
|
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layoutEcComStyles
thinkhr-qa.employeeconfidential.com/bundles/ |
45 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.css
code.jquery.com/ui/1.11.4/themes/smoothness/ |
29 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layoutEcComScripts
thinkhr-qa.employeeconfidential.com/bundles/ |
339 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mineral.png
mineral.employeeconfidential.com/Content/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LatoLatin-Regular.woff2
thinkhr-qa.employeeconfidential.com/Content/fonts/Lato2OFLWeb/LatoLatin/fonts/ |
43 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LatoLatin-Light.woff2
thinkhr-qa.employeeconfidential.com/Content/fonts/Lato2OFLWeb/LatoLatin/fonts/ |
42 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LatoLatin-Semibold.woff2
thinkhr-qa.employeeconfidential.com/Content/fonts/Lato2OFLWeb/LatoLatin/fonts/ |
43 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LatoLatin-Heavy.woff2
thinkhr-qa.employeeconfidential.com/Content/fonts/Lato2OFLWeb/LatoLatin/fonts/ |
43 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
thinkhr-qa.employeeconfidential.com/ |
5 KB 6 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| TakeCompany string| userAgent function| $ function| jQuery3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.thinkhr-qa.employeeconfidential.com/ | Name: ARRAffinity Value: e755ddc0beb98810dae9321c505a66ef31bd20a41a89b5798ce19ec1b59006db |
|
.thinkhr-qa.employeeconfidential.com/ | Name: ARRAffinitySameSite Value: e755ddc0beb98810dae9321c505a66ef31bd20a41a89b5798ce19ec1b59006db |
|
thinkhr-qa.employeeconfidential.com/ | Name: __RequestVerificationToken Value: 2sCotltKUlFVf_2hVYFMEn5rKg77wbduG-zA-0mAH7Xlz2xFCUuwJ44Vy4tY_xYG2O45w9hAtlQB77LCnI7V38KFChJ5fb9P0m3tCqBeD4I1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
mineral.employeeconfidential.com
thinkhr-qa.employeeconfidential.com
13.89.172.5
2a04:4e42:400::649
40.113.236.45
267eef3001852f3fb5fa919e9ecaf8885ed9232e08dfa9b6e3a8547ebfd47907
2ddfb14c6174d1c826dc338898827a0eebeff269cbe8380e88c942441ed51421
44132a9e4e3efaca604dfd3cc360267dfe44d6ca30c13253a32fd61b3222b61c
8964f1fe20bd22829aa12283e7e59515e7fc658348810e00c55a4c6c1c368628
9d32d24e40a515a6902493398b815c08c24d0a97df5c451588be6b70d7eb7067
a79d86bc4d1231a3697ccfc389c99ac4cf157b58e2732e7450ee80525abe0f39
cfb9ff81a6169950e2403b038b0945f54d4b1addb421ad10ad1cbed7ef5f24a5
d49a5da26515d0eea4b731f61dd4301072b6eec3d0f9f1d441ff7c204b5cddf1
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
e7f20acf99d6377102667d2c890598d84aa2a16df257ac87d324f0abdf467c2b