billing.condoroccia.com

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 18.213.19.234, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is billing.condoroccia.com.
TLS certificate: Issued by R3 on May 1st 2022. Valid for: 3 months.

This is the only time billing.condoroccia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	18.213.19.234 18.213.19.234	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a02:26f0:350... 2a02:26f0:3500:58d::2c1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:595::e59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.242.31 162.247.242.31	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
7	4

4 18.213.19.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-19-234.compute-1.amazonaws.com

billing.condoroccia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58d::2c1a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

go.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:595::e59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

download.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	condoroccia.com billing.condoroccia.com	277 KB
2	microsoft.com 1 redirects go.microsoft.com — Cisco Umbrella Rank: 254 download.microsoft.com — Cisco Umbrella Rank: 8519	88 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 595	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 352	14 KB
7	4

	Domain	Requested by
4	billing.condoroccia.com	billing.condoroccia.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	billing.condoroccia.com
1	download.microsoft.com	billing.condoroccia.com
1	go.microsoft.com	1 redirects
7	5

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com

Subject Issuer	Validity	Valid
billing.condoroccia.com R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://billing.condoroccia.com/
Frame ID: 258B900E2DD032421C8478D5EFB857BB
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Condo Roccia Koptiw - Web Apps

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Page Statistics

7
Requests

86 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

380 kB
Transfer

402 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://go.microsoft.com/fwlink/?LinkID=149156&v=5.0.61118.0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://go.microsoft.com/fwlink/?LinkId=161376 HTTP 302
https://download.microsoft.com/download/5/1/6/5165823D-1D79-4871-8AC2-42DDDB94A5C2/PNGs/SLMedallion_DEU.png

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response billing.condoroccia.com/	14 KB 14 KB	294ms 96ms	Document text/html	18.213.19.234 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://billing.condoroccia.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.213.19.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-19-234.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `a8518595fa8c98bc2f02b1eec4f1d0a36e4a033e9ecb323e9f742601dbda2e8f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private content-length 14330 content-type text/html; charset=utf-8 date Sun, 01 May 2022 20:23:06 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET x-server JUR-WINWEB08
GET H2	200	SplashScreen.js Show response billing.condoroccia.com/	498 B 600 B	94ms 94ms	Script application/javascript	18.213.19.234 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://billing.condoroccia.com/SplashScreen.js Requested by Host: billing.condoroccia.com URL: https://billing.condoroccia.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.213.19.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-19-234.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `e81a80d26aaa9c0a1758ef172700632e2801f49780a0b40a8af9be070e8dc4f5` Request headers accept-language de-DE,de;q=0.9 Referer https://billing.condoroccia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 01 May 2022 20:23:06 GMT last-modified Wed, 23 Mar 2016 17:56:34 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "5c4af0562d85d11:0" content-type application/javascript x-server JUR-WINWEB08 accept-ranges bytes content-length 498
GET H2	200	Silverlight.js Show response billing.condoroccia.com/	8 KB 8 KB	95ms 94ms	Script application/javascript	18.213.19.234 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://billing.condoroccia.com/Silverlight.js Requested by Host: billing.condoroccia.com URL: https://billing.condoroccia.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.213.19.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-19-234.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `ff4b8f068a7d5965fb215120968be883b69333b9dbd62c4149f441b872b381ad` Request headers accept-language de-DE,de;q=0.9 Referer https://billing.condoroccia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 01 May 2022 20:23:06 GMT last-modified Wed, 23 Mar 2016 17:56:34 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "5c4af0562d85d11:0" content-type application/javascript x-server JUR-WINWEB08 accept-ranges bytes content-length 7680
GET H2	200	CRKLogo.png billing.condoroccia.com/Images/	255 KB 255 KB	95ms 95ms	Image image/png	18.213.19.234 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://billing.condoroccia.com/Images/CRKLogo.png Requested by Host: billing.condoroccia.com URL: https://billing.condoroccia.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.213.19.234 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-19-234.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `a4791dd3f7b8f4c6fb0600199cd21d4cb8440f1b5073e3a11de51a7dcce5a930` Request headers accept-language de-DE,de;q=0.9 Referer https://billing.condoroccia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 01 May 2022 20:23:06 GMT last-modified Wed, 23 Mar 2016 17:56:34 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "fbe8ed562d85d11:0" content-type image/png x-server JUR-WINWEB08 accept-ranges bytes content-length 261020
GET H/1.1	200 OK	SLMedallion_DEU.png download.microsoft.com/download/5/1/6/5165823D-1D79-4871-8AC2-42DDDB94A5C2/PNGs/ Redirect Chain https://go.microsoft.com/fwlink/?LinkId=161376 https://download.microsoft.com/download/5/1/6/5165823D-1D79-4871-8AC2-42DDDB94A5C2/PNGs/SLMedallion_DEU.png	87 KB 88 KB	151ms 7ms	Image application/octet-stream	2a02:26f0:3500:595::e59 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://download.microsoft.com/download/5/1/6/5165823D-1D79-4871-8AC2-42DDDB94A5C2/PNGs/SLMedallion_DEU.png Requested by Host: billing.condoroccia.com URL: https://billing.condoroccia.com/ Protocol HTTP/1.1 Server 2a02:26f0:3500:595::e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `1194909147db98b498d955bfd13e96cfb43bab3ab98d862a6900cf7d2f8b390a` Request headers accept-language de-DE,de;q=0.9 Referer https://billing.condoroccia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Sun, 01 May 2022 20:23:07 GMT Last-Modified Sat, 13 Oct 2018 16:25:36 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 331rEukYRVyAUWdCKDRPZw== ETag "0x8D631288195914A" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 89307 Redirect headers Pragma no-cache Date Sun, 01 May 2022 20:23:06 GMT Server Kestrel Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Response-Cache-Status True Location https://download.microsoft.com/download/5/1/6/5165823D-1D79-4871-8AC2-42DDDB94A5C2/PNGs/SLMedallion_DEU.png Expires Sun, 01 May 2022 20:23:06 GMT Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Request-Context appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
GET H2	200	nr-1216.min.js Show response js-agent.newrelic.com/	38 KB 14 KB	29ms 12ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1216.min.js Requested by Host: billing.condoroccia.com URL: https://billing.condoroccia.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash `6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708` Request headers accept-language de-DE,de;q=0.9 Referer https://billing.condoroccia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id mHHzJIqOizHibcYt0xqAszRr0gQRiNYy content-encoding gzip etag "9f533d8cd24b2c5e3b4dc886ecbd43e8" x-amz-request-id TG0A5SDZJ767Q1E7 x-cache HIT cross-origin-resource-policy cross-origin content-length 14391 x-amz-id-2 +SM8u7osfmExQLZWh68JZqQBrUjeaPn+iRiHCVB3IwlHIvvcrTZhMwzKZMUT8BlC+T+K2o8ok2g= x-served-by cache-hhn4067-HHN last-modified Thu, 14 Apr 2022 16:45:57 GMT server AmazonS3 x-timer S1651436587.200020,VS0,VE0 date Sun, 01 May 2022 20:23:07 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 5167
GET H/1.1	200 OK	04a4ce77ac Show response bam.nr-data.net/1/	57 B 322 B	432ms 107ms	Script text/javascript	162.247.242.31 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/04a4ce77ac?a=147131289&v=1216.487a282&to=b1EDZUpQV0JVV0FQVlYbIGJoHlpDGkNQW1hIRBIfS0VYQ0AaVEpJQA%3D%3D&rst=825&ck=1&ref=https://billing.condoroccia.com/&be=319&fe=790&dc=429&perf=%7B%22timing%22:%7B%22of%22:1651436586385,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:94,%22ce%22:198,%22rq%22:199,%22rp%22:295,%22rpe%22:295,%22dl%22:298,%22di%22:429,%22ds%22:429,%22de%22:429,%22dc%22:789,%22l%22:789,%22le%22:790%7D,%22navigation%22:%7B%7D%7D&fp=447&fcp=447&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1216.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS service.newrelic.co.uk Software / Resource Hash `d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1` Request headers accept-language de-DE,de;q=0.9 Referer https://billing.condoroccia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Cross-Origin-Resource-Policy cross-origin Content-Type text/javascript;charset=iso-8859-1 Content-Length 57 Expires Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: ac4628f7f758267f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://billing.condoroccia.com/ Message: Mixed Content: The page at 'https://billing.condoroccia.com/' was loaded over HTTPS, but requested an insecure element 'http://go.microsoft.com/fwlink/?LinkId=161376'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://billing.condoroccia.com/(Line 87) Message: Mixed Content: The page at 'https://billing.condoroccia.com/' was loaded over HTTPS, but requested an insecure element 'http://go.microsoft.com/fwlink/?LinkId=161376'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
billing.condoroccia.com
download.microsoft.com
go.microsoft.com
js-agent.newrelic.com
151.101.66.137
162.247.242.31
18.213.19.234
2a02:26f0:3500:58d::2c1a
2a02:26f0:3500:595::e59
1194909147db98b498d955bfd13e96cfb43bab3ab98d862a6900cf7d2f8b390a
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
a4791dd3f7b8f4c6fb0600199cd21d4cb8440f1b5073e3a11de51a7dcce5a930
a8518595fa8c98bc2f02b1eec4f1d0a36e4a033e9ecb323e9f742601dbda2e8f
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
e81a80d26aaa9c0a1758ef172700632e2801f49780a0b40a8af9be070e8dc4f5
ff4b8f068a7d5965fb215120968be883b69333b9dbd62c4149f441b872b381ad

billing.condoroccia.com Open in urlscan Pro 18.213.19.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

380 kBTransfer

402 kBSize

1 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

billing.condoroccia.com Open in urlscan Pro
18.213.19.234 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

380 kB
Transfer

402 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions