viewer.nanolearning.com
Open in
urlscan Pro
2620:1ec:bdf::45
Public Scan
Effective URL: https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0
Submission: On June 19 via manual from FI — Scanned from FI
Summary
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 11th 2023. Valid for: 6 months.
This is the only time viewer.nanolearning.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 23.97.160.56 23.97.160.56 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 52.239.140.202 52.239.140.202 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
14 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: waws-prod-am2-007.cloudapp.net
xot-aora.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
viewer.nanolearning.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
flightplan.blob.core.windows.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
windows.net
flightplan.blob.core.windows.net |
418 KB |
7 |
nanolearning.com
viewer.nanolearning.com |
927 KB |
1 |
xot-aora.com
1 redirects
xot-aora.com |
620 B |
14 | 3 |
Domain | Requested by | |
---|---|---|
7 | flightplan.blob.core.windows.net | |
7 | viewer.nanolearning.com |
viewer.nanolearning.com
|
1 | xot-aora.com | 1 redirects |
14 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nordea.com |
www.evilandbadwebsite.com |
ninaa.oneadr.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
viewer.nanolearning.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2023-05-11 - 2023-11-11 |
6 months | crt.sh |
*.blob.core.windows.net Microsoft RSA TLS CA 02 |
2023-03-25 - 2024-03-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0
Frame ID: 2563C5E68187C53F7920061F22E57A28
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Summer’s just around the corner!Page URL History Show full URLs
-
https://xot-aora.com/info/Index?v=5023657&u=26746133&k=AeHkF4KMts9l2qRp&p=go&m=0&i=2
HTTP 302
https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Page URL
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: https://www.nordea.com
Search URL Search Domain Scan URL
Title: https://www.nordea.com
Search URL Search Domain Scan URL
Title: Cyber Security Operations Centre (CSOC)
Search URL Search Domain Scan URL
Title: How to report phishing and suspicious emails
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://xot-aora.com/info/Index?v=5023657&u=26746133&k=AeHkF4KMts9l2qRp&p=go&m=0&i=2
HTTP 302
https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
26746133
viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-a149e6bc.js
viewer.nanolearning.com/assets/ |
627 KB 628 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-2fea3a8c.css
viewer.nanolearning.com/assets/ |
213 KB 214 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
AuthorizeDistributionUser
viewer.nanolearning.com/api/token/ |
568 B 772 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lesson
viewer.nanolearning.com/api/ |
14 KB 14 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
progress
viewer.nanolearning.com/api/ |
31 B 235 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TranslationData
viewer.nanolearning.com/api/LanguageTexts/ |
67 KB 67 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Powerpoint_16_9-1064686706_small.jpg
flightplan.blob.core.windows.net/images/NpTFLvM9ktKmA9cm/ |
279 KB 279 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ghXsfp8RifEFLPrf.png
flightplan.blob.core.windows.net/processedimages/VshgZc3kCuY8ghv7/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Picture3.png
flightplan.blob.core.windows.net/processedimages/OSqvskPFQOK9Rj4u/ |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Spear%20phishing_2_380x380%20copy.jpg
flightplan.blob.core.windows.net/processedimages/8enbI9mxeDGivsB3/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Be%20a%20star%20in%20the%20age%20of%20covid_380x380.jpg
flightplan.blob.core.windows.net/processedimages/NaVgvDLfybhGDzLe/ |
36 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Man%20working%20on%20laptop%20crop_3000x3000.jpeg
flightplan.blob.core.windows.net/processedimages/fgClk4pVpg7xfenE/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Picture1.jpg
flightplan.blob.core.windows.net/processedimages/APIySkOBDLuvNPQM/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| fp_utils object| state object| fp_easings boolean| __VUE__ object| fullpage_api boolean| fullpage_extensions2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.xot-aora.com/ | Name: ARRAffinity Value: e184c86064b1aecc57e68fe3a74ba70cc50d1d0c99c50780cbe0290f77b8cdeb |
|
.xot-aora.com/ | Name: ARRAffinitySameSite Value: e184c86064b1aecc57e68fe3a74ba70cc50d1d0c99c50780cbe0290f77b8cdeb |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
flightplan.blob.core.windows.net
viewer.nanolearning.com
xot-aora.com
23.97.160.56
2620:1ec:bdf::45
52.239.140.202
11bda471bd3ea9697a87ffcc893b134c8590abda0611c7f9b53818ea0126870a
232e720fe3ed590bdc48803bf88d959a18878ad73339bd79ef0bc425068186b3
2a48b2f2b1876b7dbf436a1136c9a1fa1330fd9b6786f979fa762ed8e2d6409d
2ce35f21b8d6ccc1449988a49bdf963d6c3578e63790f9d6a8076818c88e4d7b
2fea3a8c27c2ee997f95db5af2c4f80e5586e57ab5ecac3e3816232dd5c59ffc
34d2d008d86a77120dccfc64f307e0d35f2f4a9a11cc1445d88d2425587f5c58
b61aa7c20991b97abc11f54201c955728d428a79d89901970e4521bf20443bf1
baf3d9faae40bbfe501d645c9ae5b630663fc51e866574a43232f6bda5630aae
c07940cc1c2a64ed2652e4b8188c880c896e40629e00411a92fda5f09d2dab6f
c537970569d6c7bf81adb99726bce13d618973022b05707b494247469c003a6f
c62a20cc7b25fe5e7c8bf9638423793ad015dcdbd1191dd337d84c38868f50c3
d71fbbaaebd7ce24ae59f4740ff8d51fb57811accb991071937fc0e913e67356
d8e26908b774a93180932c078bf5626b7286cbd27851b0abff068129a9c9ddbc
e48b63a15fa0e750f3eb5dd272852897b40631fa3447a6a9a9f1fecc423b0ad2
e711020b0d1a70dd093c2c864f4d6699cec53ba18108707f73e40c8c20f95a12