urlscan.io logo urlscan.io
SecurityTrails logo

monitoring-ops-notifications.us1.int.backgroundcheck.com Open in urlscan Pro
108.138.128.99  Public Scan

Go To Rescan Add Verdict Report
URL: https://monitoring-ops-notifications.us1.int.backgroundcheck.com/
Submission Tags: phishingrod
Submission: On September 19 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 108.138.128.99, located in United States and belongs to AMAZON-02, US. The main domain is monitoring-ops-notifications.us1.int.backgroundcheck.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 20th 2023. Valid for: a year.
This is the only time monitoring-ops-notifications.us1.int.backgroundcheck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 108.138.128.99 16509 (AMAZON-02)
2 2

This site contains links to these domains. Also see Links.

Domain
github.com
Subject Issuer Validity Valid
monitoring-ops-notifications.us1.int.backgroundcheck.com
Amazon RSA 2048 M03		 2023-10-20 -
2024-11-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://monitoring-ops-notifications.us1.int.backgroundcheck.com/
Frame ID: 55754AC72C184A7804C9D99F26667163
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

We've got some trouble | 401 - Unauthorized

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

4 kB
Transfer

4 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://monitoring-ops-notifications.us1.int.backgroundcheck.com/favicon.ico HTTP 302
  • https://login.microsoftonline.com/9864e03f-6a48-4ed4-9b87-d3d0afb56740/oauth2/v2.0/authorize?response_type=code&response_mode=query&scope=openid&client_id=9d7ef555-f9cc-4570-85a8-65ffd73e946d&redirect_uri=https%3A%2F%2Fmonitoring-ops-notifications.us1.int.backgroundcheck.com&nonce=a3b26eb4625cf94ac1d8141579898003ca61ab0def981f177487bcb0061b483f&state=%2Ffavicon.ico

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
monitoring-ops-notifications.us1.int.backgroundcheck.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monitoring-ops-notifications.us1.int.backgroundcheck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-99.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
0231f9b3c95174f69438ab80894efbf765b9803093225f81c5eface0184ef0e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
3856
date
Thu, 19 Sep 2024 10:14:39 GMT
server
CloudFront
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
x-amz-cf-id
awC347KKhTiuyfSCc5PjKCP0fHVnM9pGsXdHbEbkqC1o2AhwgHHQWg==
x-amz-cf-pop
JFK50-P4
x-cache
LambdaGeneratedResponse from cloudfront
authorize
login.microsoftonline.com/9864e03f-6a48-4ed4-9b87-d3d0afb56740/oauth2/v2.0/
Redirect Chain
  • https://monitoring-ops-notifications.us1.int.backgroundcheck.com/favicon.ico
  • https://login.microsoftonline.com/9864e03f-6a48-4ed4-9b87-d3d0afb56740/oauth2/v2.0/authorize?response_type=code&response_mode=query&scope=openid&client_id=9d7ef555-f9cc-4570-85a8-65ffd73e946d&redir...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.microsoftonline.com
URL
https://login.microsoftonline.com/9864e03f-6a48-4ed4-9b87-d3d0afb56740/oauth2/v2.0/authorize?response_type=code&response_mode=query&scope=openid&client_id=9d7ef555-f9cc-4570-85a8-65ffd73e946d&redirect_uri=https%3A%2F%2Fmonitoring-ops-notifications.us1.int.backgroundcheck.com&nonce=a3b26eb4625cf94ac1d8141579898003ca61ab0def981f177487bcb0061b483f&state=%2Ffavicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
monitoring-ops-notifications.us1.int.backgroundcheck.com/ Name: NONCE
Value: af96525255ab61102bd525770467cceab3356b45029e3b298cd9eb850ad307f1
login.microsoftonline.com/ Name: buid
Value: 0.AX0AP-BkmEhq1E6bh9PQr7VnQFX1fp3M-XBFhahl_9c-lG21AAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY2cB2yvMflvGa8TQpAdJH-tsrjr3v0ereyL15xDk9nuMfcYCnasNjSk2K_MR1D6EQygNBmsoy64zVyVTFKEnC-fzdjfR8pArA_y6cifz2yJUgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYNQzpRGEjAQtMET6UFxGA7WdVT7CmlslWSzpZNSxebWLv6UJN6eAUFF4BHw6g5da6_rAOdEnOVQ4qD_a8x-7ACM1oPF4AT0k1OL0q6QF0ZPg2qAW6VYcm8GKN62XpUdjb8iZpnVbQ41QKFYq4GwjuFru5uVEhFVLNv7SKAe3DLfogAA
.login.microsoftonline.com/ Name: esctx-pZmSVOJedo4
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYqD7gV6obeGg_E8D8JD8UiO2auNJvWa0l4jkjfunaZFF2DMYmmKLnZp-lFNuvIoXqCCLbcJPlH3n4H4leieVBOom5Y6kWz9eS39pJ_2dlgTy5-DIyD51mW2JTAaKAhc8t2BWev3FkIO8A7v-ssswjESAA
login.microsoftonline.com/ Name: fpc
Value: AiUndwWk811GqexbZbcVLesdAm-cAQAAAI7wfd4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://monitoring-ops-notifications.us1.int.backgroundcheck.com/
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.microsoftonline.com
monitoring-ops-notifications.us1.int.backgroundcheck.com
login.microsoftonline.com
108.138.128.99
0231f9b3c95174f69438ab80894efbf765b9803093225f81c5eface0184ef0e2