secure.prod.hsmso.net Open in urlscan Pro
172.81.14.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.prod.hsmso.net/hsmso.net/login.aspx
Submission: On September 21 via manual (September 21st 2023, 11:17:31 am UTC) from IN — Scanned from DE

Summary HTTP 10 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 172.81.14.46, located in United States and belongs to HEALTHAXIS-AS, US. The main domain is secure.prod.hsmso.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 25th 2023. Valid for: a year.

This is the only time secure.prod.hsmso.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	172.81.14.46 172.81.14.46	399298 (HEALTHAXI...) (HEALTHAXIS-AS)
1	45.60.198.209 45.60.198.209	19551 (INCAPSULA) (INCAPSULA)
10	3

8 172.81.14.46 (United States)

ASN399298 (HEALTHAXIS-AS, US)

secure.prod.hsmso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.198.209 (United States)

ASN19551 (INCAPSULA, US)

www.thawte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	hsmso.net secure.prod.hsmso.net	141 KB
1	thawte.com www.thawte.com — Cisco Umbrella Rank: 434385 siteseal.thawte.com Failed
10	2

	Domain	Requested by
8	secure.prod.hsmso.net	secure.prod.hsmso.net
1	www.thawte.com	secure.prod.hsmso.net
0	siteseal.thawte.com Failed	secure.prod.hsmso.net
10	3

This site contains links to these domains. Also see Links.

Domain
medi-calrx.dhcs.ca.gov
www.medi-calrx.dhcs.ca.gov

Subject Issuer	Validity	Valid
secure.prod.hsmso.net Go Daddy Secure Certificate Authority - G2	`2023-02-25` - `2024-03-28`	a year	crt.sh
digicert.com DigiCert SHA2 Extended Validation Server CA	`2022-12-11` - `2023-12-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secure.prod.hsmso.net/hsmso.net/login.aspx
Frame ID: CB60E7F2C23EDC24B172D703F2357BFB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

141 kB
Transfer

214 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Personal_Blood_Pressure_Monitoring_Devices_and_Cuffs.xls
Title: Covered Personal Blood Pressure Monitoring Devices and Blood Pressure Cuffs

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/List_of_Covered_Enteral_Nutrition_Products_v0.1_.xlsx
Title: Covered Enteral Nutrition Products

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Diabetic_Test_Strips_and_Lancets.xlsx
Title: Covered Diabetic Test Strips and Lancets

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Disposable_Insulin_Delivery_Devices.xls
Title: Covered Disposable Insulin Delivery Devices

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Self-Monitoring_Blood_Glucose_Systems_Glucometers_Control_Solutions_and_Lancing_Devices.xlsx
Title: Covered Self-Monitoring Blood Glucose Systems (Glucometers), Control Solutions, and Lancing Devices

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Therapeutic_Continuous_Glucose_Monitoring_CGM_Systems.xlsx
Title: Covered Therapeutic Continuous Glucose Monitoring (CGM) Systems

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Pen_Needles.xlsx
Title: Covered Pen Needles

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Sterile_Syringes_with_Needles.xlsx
Title: Covered Sterile Syringes with Needles

Search URL Search Domain Scan URL

URL: https://www.medi-calrx.dhcs.ca.gov/cms/medicalrx/static-assets/documents/provider/forms-and-information/Covered_Medical_Supplies_Product_Descriptions_and_Billing_Information.xlsx
Title: Covered Medical Supplies Product Descriptions and Billing Information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.aspx Show response secure.prod.hsmso.net/hsmso.net/	26 KB 9 KB	1174ms 142ms	Document text/html	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Full URL https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `6c727343086faaa7d4d3be6e6964d032858933ecb13dcec38c1ebd00ca49484b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 8648 Content-Type text/html; charset=utf-8 Date Thu, 21 Sep 2023 11:17:25 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-UA-Compatible IE=6, 7, 9
GET H/1.1	200 OK	HSMSO.css secure.prod.hsmso.net/hsmso.net/Scripts/	2 KB 1 KB	145ms 143ms	Stylesheet text/css	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Full URL https://secure.prod.hsmso.net/hsmso.net/Scripts/HSMSO.css Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `0b8a0731813535b791a65a7d6fe9c25ae242d5da497ccd66c59974e07bb7e68c` Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/hsmso.net/login.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Thu, 21 Sep 2023 11:17:25 GMT Content-Encoding gzip Last-Modified Tue, 09 Apr 2019 23:16:16 GMT Server Microsoft-IIS/8.5 ETag "0e01c3b2aefd41:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 873 X-UA-Compatible IE=6, 7, 9
GET H/1.1	200 OK	JQuery-1.11.1.min.js Show response secure.prod.hsmso.net/hsmso.net/Scripts/	94 KB 42 KB	408ms 407ms	Script application/javascript	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Full URL https://secure.prod.hsmso.net/hsmso.net/Scripts/JQuery-1.11.1.min.js Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/hsmso.net/login.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Thu, 21 Sep 2023 11:17:25 GMT Content-Encoding gzip Last-Modified Fri, 21 Apr 2017 00:24:38 GMT Server Microsoft-IIS/8.5 ETag "02716a935bad21:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 42761 X-UA-Compatible IE=6, 7, 9
GET H2	404	certdetails.js www.thawte.com/html/	0 0	536ms 502ms	Script text/html	45.60.198.209 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.thawte.com/html/certdetails.js Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.209 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H/1.1	200 OK	styles.css secure.prod.hsmso.net/hsmso.net/	6 KB 2 KB	406ms 258ms	Stylesheet text/css	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Full URL https://secure.prod.hsmso.net/hsmso.net/styles.css Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `45397554677d1f815d8c4784931962c5b7dc200f4d706baf71a1e5f8cccfc8aa` Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/hsmso.net/login.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Thu, 21 Sep 2023 11:17:25 GMT Content-Encoding gzip Last-Modified Thu, 03 Nov 2022 19:54:34 GMT Server Microsoft-IIS/8.5 ETag "0396c18beefd81:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 1506 X-UA-Compatible IE=6, 7, 9
GET H/1.1	200 OK	logos.gif secure.prod.hsmso.net/hsmso.net/images/	3 KB 3 KB	142ms 142ms	Image image/gif	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://secure.prod.hsmso.net/hsmso.net/images/logos.gif Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `546c29a590f20f5be2886a70bba6a63f0385136d4042de70a0048eea91294305` Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/hsmso.net/login.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Thu, 21 Sep 2023 11:17:26 GMT Last-Modified Fri, 21 Apr 2017 00:24:34 GMT Server Microsoft-IIS/8.5 ETag "0cdb3a635bad21:0" Content-Type image/gif Accept-Ranges bytes Content-Length 3139 X-UA-Compatible IE=6, 7, 9
GET H/1.1	200 OK	top_corner.gif secure.prod.hsmso.net/hsmso.net/images/	1022 B 1 KB	142ms 142ms	Image image/gif	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://secure.prod.hsmso.net/hsmso.net/images/top_corner.gif Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `1853ca13f794b0f20c8fb3d0d01a13cda372f2b8c7d8b57d5a83c51da851ec3a` Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/hsmso.net/login.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Thu, 21 Sep 2023 11:17:26 GMT Last-Modified Fri, 21 Apr 2017 00:24:36 GMT Server Microsoft-IIS/8.5 ETag "0fae4a735bad21:0" Content-Type image/gif Accept-Ranges bytes Content-Length 1022 X-UA-Compatible IE=6, 7, 9
GET H/1.1	200 OK	spacer.gif secure.prod.hsmso.net/hsmso.net/images/	43 B 294 B	141ms 141ms	Image image/gif	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://secure.prod.hsmso.net/hsmso.net/images/spacer.gif Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363` Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/hsmso.net/login.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Thu, 21 Sep 2023 11:17:26 GMT Last-Modified Fri, 21 Apr 2017 00:24:34 GMT Server Microsoft-IIS/8.5 ETag "0cdb3a635bad21:0" Content-Type image/gif Accept-Ranges bytes Content-Length 43 X-UA-Compatible IE=6, 7, 9
GET H/1.1	200 OK	logol.gif secure.prod.hsmso.net/hsmso.net/images/	82 KB 83 KB	256ms 142ms	Image image/gif	172.81.14.46 HEALTHAXIS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://secure.prod.hsmso.net/hsmso.net/images/logol.gif Requested by Host: secure.prod.hsmso.net URL: https://secure.prod.hsmso.net/hsmso.net/login.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 172.81.14.46 , United States, ASN399298 (HEALTHAXIS-AS, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `cb96c047b532d77f0880949e06ea7c4e756afae05df02f749a49e99e7bc2c63b` Request headers accept-language de-DE,de;q=0.9 Referer https://secure.prod.hsmso.net/hsmso.net/login.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Thu, 21 Sep 2023 11:17:26 GMT Last-Modified Fri, 21 Apr 2017 00:24:34 GMT Server Microsoft-IIS/8.5 ETag "0cdb3a635bad21:0" Content-Type image/gif Accept-Ranges bytes Content-Length 84444 X-UA-Compatible IE=6, 7, 9
GET		thawte_seal_generator.exe siteseal.thawte.com/cgi/server/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: siteseal.thawte.com
URL: https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.prod.hsmso.net/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hcroa2ycu04mbidcccnh41pb

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.thawte.com/html/certdetails.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secure.prod.hsmso.net
siteseal.thawte.com
www.thawte.com
siteseal.thawte.com
172.81.14.46
45.60.198.209
0b8a0731813535b791a65a7d6fe9c25ae242d5da497ccd66c59974e07bb7e68c
1853ca13f794b0f20c8fb3d0d01a13cda372f2b8c7d8b57d5a83c51da851ec3a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
45397554677d1f815d8c4784931962c5b7dc200f4d706baf71a1e5f8cccfc8aa
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
546c29a590f20f5be2886a70bba6a63f0385136d4042de70a0048eea91294305
6c727343086faaa7d4d3be6e6964d032858933ecb13dcec38c1ebd00ca49484b
cb96c047b532d77f0880949e06ea7c4e756afae05df02f749a49e99e7bc2c63b

secure.prod.hsmso.net Open in urlscan Pro 172.81.14.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

141 kBTransfer

214 kBSize

1 Cookies

9 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

secure.prod.hsmso.net Open in urlscan Pro
172.81.14.46 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

141 kB
Transfer

214 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions