remote.displaywindows.com
Open in
urlscan Pro
195.166.152.213
Public Scan
Effective URL: https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Submission Tags: @phishunt_io
Submission: On May 25 via api from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 25th 2021. Valid for: a year.
This is the only time remote.displaywindows.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 23 | 195.166.152.213 195.166.152.213 | 6871 (PLUSNET U...) (PLUSNET UK Internet Service Provider) | |
21 | 1 |
ASN6871 (PLUSNET UK Internet Service Provider, GB)
PTR: norecrugeley.plus.com
remote.displaywindows.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
displaywindows.com
2 redirects
remote.displaywindows.com |
142 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
23 | remote.displaywindows.com |
2 redirects
remote.displaywindows.com
|
21 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dell.com |
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
remote.displaywindows.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-05-25 - 2022-06-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F
Frame ID: E9694FA27C84711497D0964B6D0FC28A
Requests: 21 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://remote.displaywindows.com/ Page URL
-
https://remote.displaywindows.com/Remote/
HTTP 302
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Dell.com
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://remote.displaywindows.com/ Page URL
-
https://remote.displaywindows.com/Remote/
HTTP 302
https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://remote.displaywindows.com/Remote/ClearSessionHandler.ashx HTTP 302
- https://remote.displaywindows.com/Remote/logon?ReturnUrl=%2FRemote%2FClearSessionHandler.ashx
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
remote.displaywindows.com/ |
289 B 497 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
logon
remote.displaywindows.com/Remote/ Redirect Chain
|
18 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logon.css
remote.displaywindows.com/Remote/css/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logon.css
remote.displaywindows.com/Remote/css/en/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logon-s.css
remote.displaywindows.com/Remote/css/ |
2 KB 908 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.menu.css
remote.displaywindows.com/Remote/Javascript/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.fluidlayout.js
remote.displaywindows.com/Remote/javascript/ |
2 KB 955 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebResource.axd
remote.displaywindows.com/Remote/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource.axd
remote.displaywindows.com/Remote/ |
100 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource.axd
remote.displaywindows.com/Remote/ |
39 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.core.js
remote.displaywindows.com/Remote/Javascript/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.js
remote.displaywindows.com/Remote/Javascript/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.watermark.js
remote.displaywindows.com/Remote/Javascript/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.menu.js
remote.displaywindows.com/Remote/Javascript/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.popupwindow.js
remote.displaywindows.com/Remote/Javascript/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.utils.js
remote.displaywindows.com/Remote/Javascript/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ramjsfx.windowspool.js
remote.displaywindows.com/Remote/javascript/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
remote.displaywindows.com/Remote/Customization/Product/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteLogo.png
remote.displaywindows.com/Remote/Customization/Partner/ |
609 B 687 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
link16.png
remote.displaywindows.com/Remote/Images/ |
798 B 854 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logon
remote.displaywindows.com/Remote/ Redirect Chain
|
19 KB 7 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
77 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| LogonResources number| fluidLayoutInitializerId object| fluidlayout object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| RAMJsFx function| $R number| RANDOM3E7C2B50D64611DDB4810 object| RemoteAccessWindowsPool function| addCanaryToken function| showCover function| updateLayout boolean| smallViewport6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
remote.displaywindows.com/ | Name: suppressSharedFolderReadonlyNotification Value: 0 |
|
remote.displaywindows.com/ | Name: LogonBrowserType Value: DefaultWithoutDetection |
|
remote.displaywindows.com/ | Name: ASP.NET_SessionId Value: h1v2abzaurkjx414jez1ur4i |
|
remote.displaywindows.com/Remote | Name: screenHeight Value: 1200 |
|
remote.displaywindows.com/Remote | Name: screenWidth Value: 1600 |
|
remote.displaywindows.com/Remote | Name: Value: testcookie |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
remote.displaywindows.com
195.166.152.213
00321839a972660a33b51d41ecad852b390c35cd2160d8f7798d404c80376d7b
1446b6ca913549a072d2aa8f3dcc0c76755da058db6327061d365a680e2371b8
15d880351b46323fee9902668ccf9edac8a1d74726866845c52f8c4918b05bc2
2e31bc896090155c93b1b515658bd68b2f1a35a4be127c502142dc9063326c73
354be4c35a07554f9bce53c375e6c33ecc56e5b21f699eef268a489623306054
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
466e525ea245d8dc1e289a3d8206b5e99090a9c28d55d3cb5fccd34f1c3c9109
584a9374d85751ec34c93aaf6a89e9578a3e6a0e10d19dcaa4a2428ebc24e7de
59fcd8e0bf0750bee611bdc0f8ba05878701a26bce5aaf0bc0183a8e6ab6436a
5c824e82e0f54239df36f048165870a3f1758c2e7e9e447127212146b300a526
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
7d37b3962528e956c5e818008da20241626f1928ee8a9c9956650375fadbfe70
7da10a06e20d6a14c38796cadd7cf8fc2f7633b61620f145ddc11afcae0b7e93
8f72313983a2fe41ad2033313f8722e33c20b39b971c4e207d497acee5eb8583
a81419a74a8859961dbc898ab6604e30fa5e2d3587d4d2d5a12b6bbdf8581df8
ccfd39ea2527d9599f0508ef64b53319a8953a7851e5f698c8d8f55dce130d96
f3601f9756431cd20fc214110093faa4c06c402bf5b0a050feccf3b345beb981
f4f4b9be1479369a149a07677bed56293f53ce3e985c61e7f9c29d491f2b49fa
f752190dfaf5e95abd2ca8d462b02f6d496438c43fba8d33cf87cb7aa4a5251e