clients.celticcapital.com
173.197.126.234
Public Scan
Effective URL: https://clients.celticcapital.com/nvngw/
Submission: On October 02 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 24th 2019. Valid for: a year.
This is the only time clients.celticcapital.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 14 | 173.197.126.234 | 20001 (TWC-20001-PACWEST) |
12 | 1 | |

ASN20001 (TWC-20001-PACWEST, US)
PTR: rrcs-173-197-126-234.west.biz.rr.com
clients.celticcapital.com

 | Apex Domain, Subdomains | Transfer |
---|---|---|
14 | celticcapital.com (2 redirects): clients.celticcapital.com | 160 KB |
12 | 1 | |

 | Domain | Requested by |
---|---|---|
14 | clients.celticcapital.com | 2 redirects; clients.celticcapital.com |
12 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
clients.celticcapital.com | DigiCert SHA2 Secure Server CA | 2019-09-24 - 2020-10-14 | a year |
This page contains 3 frames:
Primary Page:
https://clients.celticcapital.com/nvngw/
Frame ID: BDC4EA61EA940EFEC7043A7863CDA419
Requests: 7 HTTP requests in this frame
Frame:
https://clients.celticcapital.com/nvngw/loadjs.aspx
Frame ID: 7BB3FFA65D4ACBF5F42A53117390972E
Requests: 2 HTTP requests in this frame
Frame:
https://clients.celticcapital.com/nvngw/Prelogin.aspx
Frame ID: C1C4E32CF50BBF4F0AAE4B4A597E4791
Requests: 3 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://clients.celticcapital.com/ HTTP 301
- https://clients.celticcapital.com/nvngw HTTP 302
- https://clients.celticcapital.com/nvngw/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request) | clients.celticcapital.com/nvngw/ (Redirect Chain) | 4 KB | 2 KB | Document | text/html |
GET H/1.1 | Site.css | clients.celticcapital.com/nvngw/ | 3 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | prototype.js | clients.celticcapital.com/nvngw/script/ | 167 KB | 50 KB | Script | application/javascript |
GET H/1.1 | Default.js | clients.celticcapital.com/nvngw/ | 6 KB | 2 KB | Script | application/javascript |
GET H/1.1 | logo_left.gif | clients.celticcapital.com/nvngw/image/ | 3 KB | 4 KB | Image | image/gif |
GET H/1.1 | logo_right.gif | clients.celticcapital.com/nvngw/image/ | 2 KB | 3 KB | Image | image/gif |
GET H/1.1 | dn.png | clients.celticcapital.com/nvngw/image/ | 321 B | 480 B | Image | image/png |
GET H/1.1 | loadjs.aspx | clients.celticcapital.com/nvngw/ Frame 7BB3 | 336 B | 608 B | Document | text/html |
GET H/1.1 | default.aspx | clients.celticcapital.com/nvngw/nvn/ Frame 7BB3 | 141 KB | 42 KB | Script | application/x-javascript |
GET H/1.1 | Prelogin.aspx (Cookie set) | clients.celticcapital.com/nvngw/ Frame C1C4 | 4 KB | 2 KB | Document | text/html |
GET H/1.1 | Site.css | clients.celticcapital.com/nvngw/ Frame C1C4 | 3 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | prototype.js | clients.celticcapital.com/nvngw/script/ Frame C1C4 | 167 KB | 50 KB | Script | application/javascript |
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| Prototype object| Abstract object| Try object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Ajax function| $ object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ undefined| Sizzle function| Selector function| resizeBody function| reposUserDiv function| showHideUserDiv function| hideUserDiv undefined| toUserDiv function| setUserDivTO function| delUserDivTO function| logoff function| logoffpwd object| Cookie function| timeout function| clear function| logon function| initUser undefined| mbLogin function| OnUnload undefined| mSsnTimeout undefined| miSsnTimeout function| SetiSsn number| mtmrTimer function| ResetiSsn string| sessionTimeout
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clients.celticcapital.com
173.197.126.234