win2k12-server1.wnitron.unitron-group.net
Open in
urlscan Pro
2a02:f6c:7e6:1:192:168:0:12
Public Scan
Submission Tags: phishingrod
Submission: On July 30 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by R10 on July 30th 2024. Valid for: 3 months.
This is the only time win2k12-server1.wnitron.unitron-group.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2a02:f6c:7e6:... 2a02:f6c:7e6:1:192:168:0:12 | 15435 (KABELFOON...) (KABELFOON DELTA Fiber Nederland) | |
1 | 185.85.17.54 185.85.17.54 | 51468 (ONECOM) (ONECOM) | |
3 | 2 |
ASN15435 (KABELFOON DELTA Fiber Nederland, NL)
win2k12-server1.wnitron.unitron-group.net |
ASN51468 (ONECOM, DK)
PTR: vps-248227-4199.hosted.at.hostnet.nl
www.unitron.nl |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
unitron-group.net
win2k12-server1.wnitron.unitron-group.net |
2 KB |
1 |
unitron.nl
www.unitron.nl |
|
3 | 2 |
Domain | Requested by | |
---|---|---|
2 | win2k12-server1.wnitron.unitron-group.net | |
1 | www.unitron.nl |
win2k12-server1.wnitron.unitron-group.net
|
3 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.unitron-group.net R10 |
2024-07-30 - 2024-10-28 |
3 months | crt.sh |
unitron.nl R11 |
2024-06-21 - 2024-09-19 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://win2k12-server1.wnitron.unitron-group.net/
Frame ID: 8B65B58D3130D14F927C7E3FCA2AC5AB
Requests: 2 HTTP requests in this frame
Frame:
https://www.unitron.nl/
Frame ID: 0F58A5FB793291D7CF7C335203822767
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
win2k12-server1.wnitron.unitron-group.net/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.unitron.nl/ Frame 0F58 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
win2k12-server1.wnitron.unitron-group.net/ |
1 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 06 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.myfonts.net/ | Name: __cf_bm Value: 60NnlOcZ_vpBW.mvvp4mcsCYAVJS0edR6RuU9tpv0Lc-1722331240-1.0.1.1-hYipMdD_5qYUJ7xUCzk.xeoSlID9PqV5xbDu.Z3mCd_Q7CwsNTYx6qceDD5bKPJ9jLcVQF0QwtwrJ11QBz1QDQ |
|
.linkedin.com/ | Name: bcookie Value: "v=2&b136c1c8-5858-407f-8115-490a61ca4811" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE3MjIzMzEyNDA7MjswMjGz/jb6s2rr1EyAAZeJvJkMMdVPvQaqGR+IwFiCFSjbQg== |
|
.linkedin.com/ | Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3314:u=1:x=1:i=1722331240:t=1722417640:v=2:sig=AQFf__EFDxudvDKodwwfw4TnHU4UA0nI" |
|
.vimeo.com/ | Name: __cf_bm Value: QXTuxwzSONKXPldNeEmAobOdWvYxs78Um4pLZcgl6Q0-1722331241-1.0.1.1-DKk.9BYEmsJxx98J_6jz1I6L2lYfzR9hli6OdEQ443OVWwO1PcYIEYARZi3tPAcA |
|
.vimeo.com/ | Name: _cfuvid Value: ZLzZYquJ2rzo1kgY7cRs7XRow11ojVCldPm40qCtefg-1722331241106-0.0.1.1-604800000 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
win2k12-server1.wnitron.unitron-group.net
www.unitron.nl
185.85.17.54
2a02:f6c:7e6:1:192:168:0:12
6ac3ad6b171f42d0af17ac92c580c3c5c644b71a0855e241c604003c5892ddd5
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f