login.session.secure.auth.cspucs.com
188.166.42.231
Public Scan
Effective URL: https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth670873eb83b60c886393773450dda98b3a/?d3b...
Submission: On February 04 via manual from IN
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 1st 2020. Valid for: 3 months.
This is the only time login.session.secure.auth.cspucs.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
4 24 | 188.166.42.231 | 14061 (DIGITALOCEAN-ASN) |
2 | 152.199.19.160 | 15133 (EDGECAST) |
2 | 2606:4700:20::681a:92c | 13335 (CLOUDFLARENET) |
24 | 3 | |
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: bizcloud-clarke.powertce.com
- id.djlt-intl.com
- login.session.secure.auth.cspucs.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | cspucs.com (3 redirects) | login.session.secure.auth.cspucs.com | 745 KB |
2 | ipapi.co | ipapi.co | 676 B |
2 | aspnetcdn.com | ajax.aspnetcdn.com | 173 KB |
2 | djlt-intl.com (1 redirects) | id.djlt-intl.com | 2 KB |
24 | 4 | | |
 | Domain | Requested by |
---|---|---|
22 | login.session.secure.auth.cspucs.com | 3 redirects; id.djlt-intl.com, login.session.secure.auth.cspucs.com |
2 | ipapi.co | ajax.aspnetcdn.com |
2 | ajax.aspnetcdn.com | id.djlt-intl.com, login.session.secure.auth.cspucs.com |
2 | id.djlt-intl.com | 1 redirects |
24 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
id.djlt-intl.com | cPanel, Inc. Certification Authority | 2020-02-01 - 2020-05-01 | 3 months |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2018-03-30 - 2020-03-30 | 2 years |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-13 - 2020-10-09 | a year |
login.session.secure.auth.cspucs.com | cPanel, Inc. Certification Authority | 2020-02-01 - 2020-05-01 | 3 months |
This page contains 1 frames:
Primary Page:
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth670873eb83b60c886393773450dda98b3a/?d3b9d9cfc8e7f5b9a26cd45c246e70773836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733=3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733&3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733=3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d&forfront=forfront
Frame ID: 9F985CC6530000F64C17C9ADB04903CE
Requests: 24 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://id.djlt-intl.com//?pzone=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d Page URL
- https://id.djlt-intl.com//?jrFTWXsa8210219132=jrFTWXsa8210219132-cfc10f&pzone=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d& HTTP 302
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/?08SuhOt1oTlgYAQxvV7smqfWBnXPyRw45dKzpejCcNL6k9DFEbMJ2GIariH3UZ=5AwT2D9cjB7q4Naplhb1K0ikoePmFtsVMUXGruyZ3LgOzdx8nHS6IQWRfJEYCv&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d&aG7SfzgwuVsyECeN6M3lqKQiI90pJBLnYUPbvkjc8mAxRdZ1DHrFhtT5W4oO2X=QbkjHPKu7ltzNdgVaSYDxCAIG6TfheJmBiEnU0cvsyW2pO1oFrMX4Z9w3R58qL& HTTP 302
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=.YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=.YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d&loginpage=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=&reff=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU= Page URL
- https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?sJZtGhmB8210219132=sJZtGhmB8210219132-c41e8a&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d HTTP 302
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth670873eb83b60c886393773450dda98b3a?d3b9d9cfc8e7f5b9a26cd45c246e70773836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733=3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733&3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733=3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d&forfront=forfront HTTP 301
https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth670873eb83b60c886393773450dda98b3a/?d3b9d9cfc8e7f5b9a26cd45c246e70773836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733=3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733&3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733=3836383532393238363636353531303334393238373235333638303139353530353836343631373931363235343632353633383935373237313733&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d&forfront=forfront Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://id.djlt-intl.com//?jrFTWXsa8210219132=jrFTWXsa8210219132-cfc10f&pzone=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d& HTTP 302
- https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/?08SuhOt1oTlgYAQxvV7smqfWBnXPyRw45dKzpejCcNL6k9DFEbMJ2GIariH3UZ=5AwT2D9cjB7q4Naplhb1K0ikoePmFtsVMUXGruyZ3LgOzdx8nHS6IQWRfJEYCv&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d&aG7SfzgwuVsyECeN6M3lqKQiI90pJBLnYUPbvkjc8mAxRdZ1DHrFhtT5W4oO2X=QbkjHPKu7ltzNdgVaSYDxCAIG6TfheJmBiEnU0cvsyW2pO1oFrMX4Z9w3R58qL& HTTP 302
- https://login.session.secure.auth.cspucs.com/.login.session.secure.auth/inline.php?newsid=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=.YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=.YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=&email=416c6578616e6472612e4a656c6c6966664077656c6c73666172676f2e636f6d&loginpage=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=&reff=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=YzVmNGI0NGY1Mjk2Y2VjNjgyMDQ2NzQ5YzU5MGZhZGU=
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | id.djlt-intl.com// | 2 KB | 2 KB | Document | text/html |
GET | H2 | jquery-3.4.0.min.js | ajax.aspnetcdn.com/ajax/jQuery/ | 86 KB | 86 KB | Script | application/javascript |
GET | H2 | / | ipapi.co/org/ | 19 B | 411 B | XHR | text/plain |
GET | H/1.1 | inline.php | login.session.secure.auth.cspucs.com/.login.session.secure.auth/ (Redirect Chain) | 2 KB | 2 KB | Document | text/html |
GET | H2 | jquery-3.4.0.min.js | ajax.aspnetcdn.com/ajax/jQuery/ | 86 KB | 86 KB | Script | application/javascript |
GET | H2 | / | ipapi.co/org/ | 19 B | 265 B | XHR | text/plain |
GET | H/1.1 | / (Primary Request) | login.session.secure.auth.cspucs.com/.login.session.secure.auth/secure.owaweb.login.mail.oauth670873eb83b60c886393773450dda98b3a/ (Redirect Chain) | 14 KB | 14 KB | Document | text/html |
GET | H/1.1 | rdx.css | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ | 397 KB | 397 KB | Stylesheet | text/css |
GET | H/1.1 | base.css | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ | 35 KB | 36 KB | Stylesheet | text/css |
GET | H/1.1 | citrix-fonts.css | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ | 5 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | custom.css | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ | 4 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | in_progress.gif | login.session.secure.auth.cspucs.com/vpn/js/rdx/core/images/ | 315 B | 315 B | Image | text/html |
GET | H/1.1 | new.outlook.web.png | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/ | 17 KB | 17 KB | Image | image/png |
GET | H/1.1 | css.png | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/ | 265 KB | 265 KB | Image | image/png |
GET | H/1.1 | citrixsans_regular.woff | login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
GET | H/1.1 | header_gradient.png | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/ | 315 B | 315 B | Image | text/html |
GET | H/1.1 | oie_10214410XSsRriIV.png | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/image/ | 1 KB | 1 KB | Image | image/png |
GET | H/1.1 | citrixsans_semibold.woff | login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
GET | H/1.1 | citrixsans_regular.ttf | login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
GET | H/1.1 | citrixsans_semibold.ttf | login.session.secure.auth.cspucs.com/vpn/js/rdx/core/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
GET | H/1.1 | citrixsans_regular.woff | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
GET | H/1.1 | citrixsans_semibold.woff | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
GET | H/1.1 | citrixsans_regular.ttf | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
GET | H/1.1 | citrixsans_semibold.ttf | login.session.secure.auth.cspucs.com/.login.session.secure.auth/src/css/fonts/citrix_sans/ | 0 | 0 | Font | text/html |
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.