viewer.nanolearning.com Open in urlscan Pro
2620:1ec:bdf::45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xot-aora.com/info/Index?v=5023657&u=26746133&k=AeHkF4KMts9l2qRp&p=go&m=0&i=2
Effective URL:
https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0
Submission: On June 19 via manual (June 19th 2023, 11:03:47 am UTC) from FI — Scanned from FI

Summary HTTP 14 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is viewer.nanolearning.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 11th 2023. Valid for: 6 months.

This is the only time viewer.nanolearning.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.97.160.56 23.97.160.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	52.239.140.202 52.239.140.202	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	3

1 23.97.160.56 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: waws-prod-am2-007.cloudapp.net

xot-aora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

viewer.nanolearning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.239.140.202 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

flightplan.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	windows.net flightplan.blob.core.windows.net	418 KB
7	nanolearning.com viewer.nanolearning.com	927 KB
1	xot-aora.com 1 redirects xot-aora.com	620 B
14	3

	Domain	Requested by
7	flightplan.blob.core.windows.net
7	viewer.nanolearning.com	viewer.nanolearning.com
1	xot-aora.com	1 redirects
14	3

This site contains links to these domains. Also see Links.

Domain
www.nordea.com
www.evilandbadwebsite.com
ninaa.oneadr.net

Subject Issuer	Validity	Valid
viewer.nanolearning.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-05-11` - `2023-11-11`	6 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-25` - `2024-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0
Frame ID: 2563C5E68187C53F7920061F22E57A28
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Summer’s just around the corner!

Page URL History Show full URLs

https://xot-aora.com/info/Index?v=5023657&u=26746133&k=AeHkF4KMts9l2qRp&p=go&m=0&i=2 HTTP 302
https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Page URL

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1345 kB
Transfer

1342 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nordea.com/
Title: https://www.nordea.com

Search URL Search Domain Scan URL

URL: http://www.evilandbadwebsite.com/
Title: https://www.nordea.com

Search URL Search Domain Scan URL

URL: https://ninaa.oneadr.net/portal/internalportal/appmanager/nordeaportal/desktop/Content/web/s-193969/w/1471910?language=en&linkCount=1
Title: Cyber Security Operations Centre (CSOC)

Search URL Search Domain Scan URL

URL: https://ninaa.oneadr.net/portal/internalportal/appmanager/nordeaportal/desktop/Content/web/s-111185/w/938853?language=en
Title: How to report phishing and suspicious emails

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xot-aora.com/info/Index?v=5023657&u=26746133&k=AeHkF4KMts9l2qRp&p=go&m=0&i=2 HTTP 302
https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 26746133 Show response viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/ Redirect Chain https://xot-aora.com/info/Index?v=5023657&u=26746133&k=AeHkF4KMts9l2qRp&p=go&m=0&i=2 https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0	3 KB 3 KB	344ms 150ms	Document text/html	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `c537970569d6c7bf81adb99726bce13d618973022b05707b494247469c003a6f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes content-length 2630 content-type text/html date Mon, 19 Jun 2023 11:03:39 GMT etag "1d99fc1a337f646" last-modified Thu, 15 Jun 2023 19:43:20 GMT request-context appId=cid-v1:1bf75d5f-8f0b-4470-8d58-d4c8b6dbc277 x-azure-ref 20230619T110339Z-em60d5pmt94b5d341xk5c9srxn00000000m0000000005fuh x-cache CONFIG_NOCACHE Redirect headers Content-Length 0 Date Mon, 19 Jun 2023 11:03:39 GMT Location https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Request-Context appId=cid-v1:ed2361cf-676c-4168-aeb2-a01439382cf9 Server Microsoft-IIS/10.0 Strict-Transport-Security max-age=2592000 X-Powered-By ASP.NET
GET H2	200	index-a149e6bc.js Show response viewer.nanolearning.com/assets/	627 KB 628 KB	148ms 147ms	Script text/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://viewer.nanolearning.com/assets/index-a149e6bc.js Requested by Host: viewer.nanolearning.com URL: https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `2ce35f21b8d6ccc1449988a49bdf963d6c3578e63790f9d6a8076818c88e4d7b` Request headers Referer https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Origin https://viewer.nanolearning.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 11:03:39 GMT last-modified Thu, 15 Jun 2023 19:43:20 GMT etag "1d99fc1a33e3075" x-azure-ref 20230619T110339Z-em60d5pmt94b5d341xk5c9srxn00000000m0000000005fvw x-cache CONFIG_NOCACHE content-type text/javascript accept-ranges bytes content-length 642165 request-context appId=cid-v1:1bf75d5f-8f0b-4470-8d58-d4c8b6dbc277
GET H2	200	index-2fea3a8c.css viewer.nanolearning.com/assets/	213 KB 214 KB	214ms 213ms	Stylesheet text/css	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://viewer.nanolearning.com/assets/index-2fea3a8c.css Requested by Host: viewer.nanolearning.com URL: https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `2fea3a8c27c2ee997f95db5af2c4f80e5586e57ab5ecac3e3816232dd5c59ffc` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 11:03:40 GMT last-modified Thu, 15 Jun 2023 19:43:20 GMT etag "1d99fc1a334a940" x-azure-ref 20230619T110339Z-em60d5pmt94b5d341xk5c9srxn00000000m0000000005fvx x-cache CONFIG_NOCACHE content-type text/css accept-ranges bytes content-length 218432 request-context appId=cid-v1:1bf75d5f-8f0b-4470-8d58-d4c8b6dbc277
POST H2	200	AuthorizeDistributionUser Show response viewer.nanolearning.com/api/token/	568 B 772 B	113ms 113ms	XHR application/json	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://viewer.nanolearning.com/api/token/AuthorizeDistributionUser Requested by Host: viewer.nanolearning.com URL: https://viewer.nanolearning.com/assets/index-a149e6bc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `d8e26908b774a93180932c078bf5626b7286cbd27851b0abff068129a9c9ddbc` Request headers Accept application/json, text/plain, / Referer https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type application/json Response headers request-context appId=cid-v1:1bf75d5f-8f0b-4470-8d58-d4c8b6dbc277 date Mon, 19 Jun 2023 11:03:40 GMT x-azure-ref 20230619T110340Z-em60d5pmt94b5d341xk5c9srxn00000000m0000000005g0b x-cache CONFIG_NOCACHE content-type application/json; charset=utf-8
GET DATA	200 OK	truncated /	2 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e48b63a15fa0e750f3eb5dd272852897b40631fa3447a6a9a9f1fecc423b0ad2` Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	lesson Show response viewer.nanolearning.com/api/	14 KB 14 KB	95ms 95ms	XHR application/json	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://viewer.nanolearning.com/api/lesson?forceInvitation=false Requested by Host: viewer.nanolearning.com URL: https://viewer.nanolearning.com/assets/index-a149e6bc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `e711020b0d1a70dd093c2c864f4d6699cec53ba18108707f73e40c8c20f95a12` Request headers Accept application/json, text/plain, / Referer https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 accept-language fi-FI,fi;q=0.9 Authorization Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJlMTEzYTBmYS1hNjdmLTRhNTgtOGFhYi1kYzY1ZWQ4ZGI4NDciLCJEaXN0cmlidXRpb25Vc2VySWQiOiIyNjc0NjEzMyIsIkRpc3RyaWJ1dGlvbkFjdGl2aXR5SWQiOiI1MDIzNjU3IiwiQWN0aXZpdHlJZCI6IjM3MDk3NTkiLCJEaXN0cmlidXRpb25JZCI6IjcxMjg4MCIsIlVzZXJJZCI6IjM2Nzc0MjYiLCJleHAiOjE2ODcxODM0MjAsImlzcyI6Imh0dHBzOi8vdmlld2VyLmF6dXJld2Vic2l0ZXMubmV0LyIsImF1ZCI6Imh0dHBzOi8vdmlld2VyLmF6dXJld2Vic2l0ZXMubmV0LyJ9.t6fsXD5RDdEoHmgnuXFkspC2kwO37OkIaeWGTPG3VPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers request-context appId=cid-v1:1bf75d5f-8f0b-4470-8d58-d4c8b6dbc277 date Mon, 19 Jun 2023 11:03:40 GMT x-azure-ref 20230619T110340Z-em60d5pmt94b5d341xk5c9srxn00000000m0000000005g12 x-cache CONFIG_NOCACHE content-type application/json; charset=utf-8
POST H2	200	progress Show response viewer.nanolearning.com/api/	31 B 235 B	89ms 89ms	XHR application/json	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://viewer.nanolearning.com/api/progress Requested by Host: viewer.nanolearning.com URL: https://viewer.nanolearning.com/assets/index-a149e6bc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `b61aa7c20991b97abc11f54201c955728d428a79d89901970e4521bf20443bf1` Request headers Accept application/json, text/plain, / Referer https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 accept-language fi-FI,fi;q=0.9 Authorization Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJlMTEzYTBmYS1hNjdmLTRhNTgtOGFhYi1kYzY1ZWQ4ZGI4NDciLCJEaXN0cmlidXRpb25Vc2VySWQiOiIyNjc0NjEzMyIsIkRpc3RyaWJ1dGlvbkFjdGl2aXR5SWQiOiI1MDIzNjU3IiwiQWN0aXZpdHlJZCI6IjM3MDk3NTkiLCJEaXN0cmlidXRpb25JZCI6IjcxMjg4MCIsIlVzZXJJZCI6IjM2Nzc0MjYiLCJleHAiOjE2ODcxODM0MjAsImlzcyI6Imh0dHBzOi8vdmlld2VyLmF6dXJld2Vic2l0ZXMubmV0LyIsImF1ZCI6Imh0dHBzOi8vdmlld2VyLmF6dXJld2Vic2l0ZXMubmV0LyJ9.t6fsXD5RDdEoHmgnuXFkspC2kwO37OkIaeWGTPG3VPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type application/json Response headers request-context appId=cid-v1:1bf75d5f-8f0b-4470-8d58-d4c8b6dbc277 date Mon, 19 Jun 2023 11:03:40 GMT x-azure-ref 20230619T110340Z-em60d5pmt94b5d341xk5c9srxn00000000m0000000005g1r x-cache CONFIG_NOCACHE content-type application/json; charset=utf-8
GET H2	200	TranslationData Show response viewer.nanolearning.com/api/LanguageTexts/	67 KB 67 KB	89ms 89ms	XHR application/json	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://viewer.nanolearning.com/api/LanguageTexts/TranslationData?parts=Common,Directives,LessonViewer&lang=en-US Requested by Host: viewer.nanolearning.com URL: https://viewer.nanolearning.com/assets/index-a149e6bc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `baf3d9faae40bbfe501d645c9ae5b630663fc51e866574a43232f6bda5630aae` Request headers Accept application/json, text/plain, / Referer https://viewer.nanolearning.com/lesson/AeHkF4KMts9l2qRp/5023657/26746133?mode=0 accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers request-context appId=cid-v1:1bf75d5f-8f0b-4470-8d58-d4c8b6dbc277 date Mon, 19 Jun 2023 11:03:40 GMT x-azure-ref 20230619T110340Z-em60d5pmt94b5d341xk5c9srxn00000000m0000000005g2d x-cache CONFIG_NOCACHE content-type application/json; charset=utf-8
GET H/1.1	200 OK	Powerpoint_16_9-1064686706_small.jpg flightplan.blob.core.windows.net/images/NpTFLvM9ktKmA9cm/	279 KB 279 KB	290ms 91ms	Image image/jpeg	52.239.140.202 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://flightplan.blob.core.windows.net/images/NpTFLvM9ktKmA9cm/Powerpoint_16_9-1064686706_small.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.140.202 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `c62a20cc7b25fe5e7c8bf9638423793ad015dcdbd1191dd337d84c38868f50c3` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 19 Jun 2023 11:03:40 GMT Last-Modified Tue, 05 Apr 2022 14:41:48 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 5v6A97VdIMRvam9nbiw9Sg== ETag 0x8DA17126A5FEB01 Content-Type image/jpeg x-ms-request-id 80d0f034-901e-0085-489d-a268ac000000 x-ms-version 2009-09-19 Content-Length 285670
GET H/1.1	200 OK	ghXsfp8RifEFLPrf.png flightplan.blob.core.windows.net/processedimages/VshgZc3kCuY8ghv7/	4 KB 5 KB	228ms 59ms	Image image/png	52.239.140.202 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://flightplan.blob.core.windows.net/processedimages/VshgZc3kCuY8ghv7/ghXsfp8RifEFLPrf.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.140.202 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `232e720fe3ed590bdc48803bf88d959a18878ad73339bd79ef0bc425068186b3` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 19 Jun 2023 11:03:41 GMT Last-Modified Fri, 31 Mar 2023 10:46:59 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 Kixi22vm8TKe0esGf7MUuw== ETag 0x8DB31D5414280DE Content-Type image/png x-ms-request-id 4834acbe-f01e-003a-349d-a25f09000000 x-ms-version 2009-09-19 Content-Length 4470
GET H/1.1	200 OK	Picture3.png flightplan.blob.core.windows.net/processedimages/OSqvskPFQOK9Rj4u/	15 KB 16 KB	232ms 62ms	Image image/png	52.239.140.202 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://flightplan.blob.core.windows.net/processedimages/OSqvskPFQOK9Rj4u/Picture3.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.140.202 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `d71fbbaaebd7ce24ae59f4740ff8d51fb57811accb991071937fc0e913e67356` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 19 Jun 2023 11:03:40 GMT Last-Modified Fri, 09 Jun 2023 07:46:26 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 CW8/XUa0piz2dYb4UHRr2Q== ETag 0x8DB68BDA0E9B03E Content-Type image/png x-ms-request-id dc77717b-d01e-0002-2f9d-a2fbc9000000 x-ms-version 2009-09-19 Content-Length 15810
GET H/1.1	200 OK	Spear%20phishing_2_380x380%20copy.jpg flightplan.blob.core.windows.net/processedimages/8enbI9mxeDGivsB3/	28 KB 29 KB	238ms 61ms	Image image/jpeg	52.239.140.202 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://flightplan.blob.core.windows.net/processedimages/8enbI9mxeDGivsB3/Spear%20phishing_2_380x380%20copy.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.140.202 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `2a48b2f2b1876b7dbf436a1136c9a1fa1330fd9b6786f979fa762ed8e2d6409d` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 19 Jun 2023 11:03:41 GMT Last-Modified Fri, 09 Jun 2023 08:09:06 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 i19W/js6Ttte5FeRB6DmIA== ETag 0x8DB68C0CBCCB156 Content-Type image/jpeg x-ms-request-id ec09ace6-401e-005d-339d-a24ff5000000 x-ms-version 2009-09-19 Content-Length 28909
GET H/1.1	200 OK	Be%20a%20star%20in%20the%20age%20of%20covid_380x380.jpg flightplan.blob.core.windows.net/processedimages/NaVgvDLfybhGDzLe/	36 KB 37 KB	242ms 64ms	Image image/jpeg	52.239.140.202 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://flightplan.blob.core.windows.net/processedimages/NaVgvDLfybhGDzLe/Be%20a%20star%20in%20the%20age%20of%20covid_380x380.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.140.202 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `11bda471bd3ea9697a87ffcc893b134c8590abda0611c7f9b53818ea0126870a` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 19 Jun 2023 11:03:41 GMT Last-Modified Fri, 09 Jun 2023 08:09:06 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 ezKlbBa+wUVwGRJ5l2IoXw== ETag 0x8DB68C0CBF8789B Content-Type image/jpeg x-ms-request-id 6ffd4447-501e-0051-5b9d-a2d8fd000000 x-ms-version 2009-09-19 Content-Length 37228
GET H/1.1	200 OK	Man%20working%20on%20laptop%20crop_3000x3000.jpeg flightplan.blob.core.windows.net/processedimages/fgClk4pVpg7xfenE/	31 KB 31 KB	243ms 62ms	Image image/jpeg	52.239.140.202 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://flightplan.blob.core.windows.net/processedimages/fgClk4pVpg7xfenE/Man%20working%20on%20laptop%20crop_3000x3000.jpeg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.140.202 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `c07940cc1c2a64ed2652e4b8188c880c896e40629e00411a92fda5f09d2dab6f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 19 Jun 2023 11:03:40 GMT Last-Modified Fri, 09 Jun 2023 08:09:06 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 /IczzuVqIgE9kZWen7jmlw== ETag 0x8DB68C0CBEEDC75 Content-Type image/jpeg x-ms-request-id 77a0924a-201e-0064-209d-a2b4e9000000 x-ms-version 2009-09-19 Content-Length 31831
GET H/1.1	200 OK	Picture1.jpg flightplan.blob.core.windows.net/processedimages/APIySkOBDLuvNPQM/	21 KB 21 KB	58ms 58ms	Image image/jpeg	52.239.140.202 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://flightplan.blob.core.windows.net/processedimages/APIySkOBDLuvNPQM/Picture1.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.140.202 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `34d2d008d86a77120dccfc64f307e0d35f2f4a9a11cc1445d88d2425587f5c58` Request headers accept-language fi-FI,fi;q=0.9 Referer https://viewer.nanolearning.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 19 Jun 2023 11:03:41 GMT Last-Modified Thu, 08 Jun 2023 14:27:28 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 2t4SyhV5xHp+MvygwcZQfA== ETag 0x8DB682C7CFD308B Content-Type image/jpeg x-ms-request-id 4834acd2-f01e-003a-479d-a25f09000000 x-ms-version 2009-09-19 Content-Length 21377

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xot-aora.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: e184c86064b1aecc57e68fe3a74ba70cc50d1d0c99c50780cbe0290f77b8cdeb
			.xot-aora.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: e184c86064b1aecc57e68fe3a74ba70cc50d1d0c99c50780cbe0290f77b8cdeb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

flightplan.blob.core.windows.net
viewer.nanolearning.com
xot-aora.com
23.97.160.56
2620:1ec:bdf::45
52.239.140.202
11bda471bd3ea9697a87ffcc893b134c8590abda0611c7f9b53818ea0126870a
232e720fe3ed590bdc48803bf88d959a18878ad73339bd79ef0bc425068186b3
2a48b2f2b1876b7dbf436a1136c9a1fa1330fd9b6786f979fa762ed8e2d6409d
2ce35f21b8d6ccc1449988a49bdf963d6c3578e63790f9d6a8076818c88e4d7b
2fea3a8c27c2ee997f95db5af2c4f80e5586e57ab5ecac3e3816232dd5c59ffc
34d2d008d86a77120dccfc64f307e0d35f2f4a9a11cc1445d88d2425587f5c58
b61aa7c20991b97abc11f54201c955728d428a79d89901970e4521bf20443bf1
baf3d9faae40bbfe501d645c9ae5b630663fc51e866574a43232f6bda5630aae
c07940cc1c2a64ed2652e4b8188c880c896e40629e00411a92fda5f09d2dab6f
c537970569d6c7bf81adb99726bce13d618973022b05707b494247469c003a6f
c62a20cc7b25fe5e7c8bf9638423793ad015dcdbd1191dd337d84c38868f50c3
d71fbbaaebd7ce24ae59f4740ff8d51fb57811accb991071937fc0e913e67356
d8e26908b774a93180932c078bf5626b7286cbd27851b0abff068129a9c9ddbc
e48b63a15fa0e750f3eb5dd272852897b40631fa3447a6a9a9f1fecc423b0ad2
e711020b0d1a70dd093c2c864f4d6699cec53ba18108707f73e40c8c20f95a12

viewer.nanolearning.com Open in urlscan Pro 2620:1ec:bdf::45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1345 kBTransfer

1342 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

2 Cookies

Indicators

viewer.nanolearning.com Open in urlscan Pro
2620:1ec:bdf::45 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1345 kB
Transfer

1342 kB
Size

2
Cookies

14 HTTP transactions
1 data transactions