![](/screenshots/9791193b-0e61-462c-bc35-8f813f7f03b1.png)
sslvpn.tsh.ssbshoes.com
Open in
urlscan Pro
27.124.84.18
Public Scan
Effective URL: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
Submission: On July 11 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.
This is the only time sslvpn.tsh.ssbshoes.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 27.124.84.18 27.124.84.18 | 138089 (GMDP-AS-I...) (GMDP-AS-ID PT.Global Media Data Prima) | |
17 | 2 |
ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID)
PTR: subnet.27.124.84.18.mlink.net.id
sslvpn.tsh.ssbshoes.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
ssbshoes.com
sslvpn.tsh.ssbshoes.com |
434 KB |
17 | 1 |
Domain | Requested by | |
---|---|---|
15 | sslvpn.tsh.ssbshoes.com |
sslvpn.tsh.ssbshoes.com
|
17 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
tsh-fg201e.tsh.ssbshoes.com R3 |
2023-05-31 - 2023-08-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
Frame ID: F7F0C0F78CAD9641C65568DACBDFA386
Requests: 17 HTTP requests in this frame
Screenshot
![](/screenshots/9791193b-0e61-462c-bc35-8f813f7f03b1.png)
Page URL History Show full URLs
- https://sslvpn.tsh.ssbshoes.com/ Page URL
- https://sslvpn.tsh.ssbshoes.com/logout?redir=%2F Page URL
- https://sslvpn.tsh.ssbshoes.com/login?redir=%2F Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://sslvpn.tsh.ssbshoes.com/ Page URL
- https://sslvpn.tsh.ssbshoes.com/logout?redir=%2F Page URL
- https://sslvpn.tsh.ssbshoes.com/login?redir=%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
sslvpn.tsh.ssbshoes.com/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
extend-session
sslvpn.tsh.ssbshoes.com/api/v2/monitor/web-ui/ |
503 B 564 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ |
90 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logout
sslvpn.tsh.ssbshoes.com/ |
74 B 509 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ |
90 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login
sslvpn.tsh.ssbshoes.com/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ |
90 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
legacy-main.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/css/ |
1 MB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
legacy_theme_setup.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/js/ |
110 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forticloud-alt.svg
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ng/security-fabric/ |
2 KB 1018 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/lang/ |
1 MB 286 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ftnt-icons.woff
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
lato-regular.woff2
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sslvpn.tsh.ssbshoes.com
- URL
- https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/fonts/ftnt-icons.woff
- Domain
- sslvpn.tsh.ssbshoes.com
- URL
- https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/lato-regular.woff2
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
Strict-Transport-Security | max-age=15552000 |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sslvpn.tsh.ssbshoes.com
sslvpn.tsh.ssbshoes.com
27.124.84.18
300786225a02d73462c464fc088fba4afc0df3eedced5da9d609b6ca01ff6ef9
3ad14469ca236abe702c79afc2af23bc830a4ac272f7f60c9ce6ec471d38ace1
4a949b58faee4564bcf84b15aa746e4eb069dbd0f2cae8869eb041cca447702a
586b3863cb972d13c3f4f7cb0b5536f3c03064e44155d668bc23100bfbfa59ad
920c86eba0d14801a9dc168d5d6accba1197b60a8c110b1a19d43d5721b272fd
a8b43becba5f8370149acbb69fce3b00305a0e67d2baf25f5f305870c2de6de4
da027491d3ee1f189ff4c49c8ef43847fa32778016851ff04bb9c03065127487
eab7640b4a83cef4ee930a8495ce2995820aad1d6aaa6f59f62799655a12e1be