dialin.opendoorwindows.com
104.234.237.146
Public Scan
Submission Tags: @phishunt_io
Submission: On March 16 via api from ES
Summary
TLS certificate: Issued by R3 on March 15th 2021. Valid for: 3 months.
This is the only time dialin.opendoorwindows.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
11 | 104.234.237.146 | 30407 (VELCOM) |
11 | 1 | |

ASN30407 (VELCOM, CA)
PTR: 104-234-237-146.securepppoe.ca
dialin.opendoorwindows.com
heclyncfe06.hecint.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | hecint.com | heclyncfe06.hecint.com | 63 KB |
1 | opendoorwindows.com | dialin.opendoorwindows.com | 1 KB |
11 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
10 | heclyncfe06.hecint.com | dialin.opendoorwindows.com, heclyncfe06.hecint.com |
1 | dialin.opendoorwindows.com | |
11 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
dialin.opendoorwindows.com | R3 | 2021-03-15 - 2021-06-13 | 3 months | crt.sh |
heclyncfe06.hecint.com | R3 | 2021-03-15 - 2021-06-13 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://dialin.opendoorwindows.com/
Frame ID: 73081AACB4B0FCAE28AD2B38E76156A7
Requests: 1 HTTP requests in this frame
Frame:
https://heclyncfe06.hecint.com/Dialin/Conference.aspx
Frame ID: 1E685F56BCF74F8AE35F954AACA929BF
Requests: 10 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | dialin.opendoorwindows.com/ | | 992 B | 1 KB | Document | text/html |
GET | H/1.1 | Conference.aspx | heclyncfe06.hecint.com/Dialin/ | 1E68 | 19 KB | 6 KB | Document | text/html |
GET | H/1.1 | PSTN_info_styles.en-US.css | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | Resource.js | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | Utilities.js | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 13 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | WebTicketManager.js | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 74 KB | 19 KB | Script | application/javascript |
GET | H/1.1 | dialinform.js | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 90 KB | 22 KB | Script | application/javascript |
GET | H/1.1 | logo.png | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | warningIcon.gif | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 295 B | 663 B | Image | image/gif |
GET | H/1.1 | mex | heclyncfe06.hecint.com/webticket/webticketservice.svc/ | 1E68 | 14 KB | 3 KB | XHR | text/xml |
GET | H/1.1 | DialinResource.aspx | heclyncfe06.hecint.com/dialin/client/ | 1E68 | 8 KB | 4 KB | XHR | text/html |
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| ConferenceProxyOnLoad
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.