![](/screenshots/f8d8f89e-a5d2-4b47-895d-ad799a432cc9.png)
nwt9-t131-l500-xploit.8.netwars.sans.org
Open in
urlscan Pro
52.13.27.0
Public Scan
Submission: On May 31 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on May 2nd 2024. Valid for: a year.
This is the only time nwt9-t131-l500-xploit.8.netwars.sans.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 52.13.27.0 52.13.27.0 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 1 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-27-0.us-west-2.compute.amazonaws.com
nwt9-t131-l500-xploit.8.netwars.sans.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
sans.org
nwt9-t131-l500-xploit.8.netwars.sans.org |
408 KB |
6 | 1 |
Domain | Requested by | |
---|---|---|
6 | nwt9-t131-l500-xploit.8.netwars.sans.org |
nwt9-t131-l500-xploit.8.netwars.sans.org
|
6 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.8.netwars.sans.org Amazon RSA 2048 M02 |
2024-05-02 - 2025-05-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://nwt9-t131-l500-xploit.8.netwars.sans.org/interview_upload.html?appid=t5o8t59m1k18v4l0
Frame ID: 0C6F38836FDA2ED692B53E7833555390
Requests: 6 HTTP requests in this frame
Screenshot
![](/screenshots/f8d8f89e-a5d2-4b47-895d-ad799a432cc9.png)
Detected technologies
![](/vendor/wappa/icons/Materialize CSS.png)
Detected patterns
- <link[^>]* href="[^"]*materialize(?:\.min)?\.css
- materialize(?:\.min)?\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
interview_upload.html
nwt9-t131-l500-xploit.8.netwars.sans.org/ |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
materialize.min.css
nwt9-t131-l500-xploit.8.netwars.sans.org/css/ |
139 KB 139 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MaterialIcons.css
nwt9-t131-l500-xploit.8.netwars.sans.org/css/ |
428 B 959 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
nwt9-t131-l500-xploit.8.netwars.sans.org/js/ |
86 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
materialize.min.js
nwt9-t131-l500-xploit.8.netwars.sans.org/js/ |
177 KB 178 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
nwt9-t131-l500-xploit.8.netwars.sans.org/ |
232 B 647 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| _get function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Component function| docHandleKeydown function| docHandleKeyup function| docHandleFocus function| docHandleBlur function| getTime object| $jscomp object| $jscomp$this function| cash object| M object| Waves string| message2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nwt9-t131-l500-xploit.8.netwars.sans.org/ | Name: AWSALB Value: QckRTUkZU54OzLadujV18S3Rzigqqq3aAno2LtGQTw5Wb+RpLcqIVmhAhsKlUkO/35Z9NmS7PrAafk8RtxfdnXayC93kScWcIdU8fZQFADy09bo0+kfMCKOA4iX3 |
|
nwt9-t131-l500-xploit.8.netwars.sans.org/ | Name: AWSALBCORS Value: QckRTUkZU54OzLadujV18S3Rzigqqq3aAno2LtGQTw5Wb+RpLcqIVmhAhsKlUkO/35Z9NmS7PrAafk8RtxfdnXayC93kScWcIdU8fZQFADy09bo0+kfMCKOA4iX3 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
nwt9-t131-l500-xploit.8.netwars.sans.org
52.13.27.0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
33a6e0489b7638c6d6cd305d0bd3fb557707aed9d53f5c59a0ec0f156d950149
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc
a79886dddf308bb17703ec4fcf204f34479848c4a969da386e1723be8c240677
a8c297caa5943ec7a51af98e30aca060f195e1d0103cffbb4e379981ad28593c