redfoxmsp.screenconnect.com
Open in
urlscan Pro
145.40.105.178
Public Scan
Submitted URL: https://www.support.redfoxit.ca/
Effective URL: https://redfoxmsp.screenconnect.com/
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from CA
Effective URL: https://redfoxmsp.screenconnect.com/
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from CA
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 18 HTTP transactions.
The main IP is 145.40.105.178, located in
Toronto, Canada and
belongs to PACKET, US.
The main domain is redfoxmsp.screenconnect.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 2nd 2024. Valid for: a year.
This is the only time redfoxmsp.screenconnect.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 2nd 2024. Valid for: a year.
This is the only time redfoxmsp.screenconnect.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 192.185.99.178 192.185.99.178 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
| 12 | 145.40.105.178 145.40.105.178 | 54825 (PACKET) (PACKET) | |
| 4 | 137.117.86.90 137.117.86.90 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 18 | 3 |
1
192.185.99.178
(United States)
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-99-178.unifiedlayer.com
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-99-178.unifiedlayer.com
| www.support.redfoxit.ca |
12
145.40.105.178
(Toronto, Canada)
ASN54825 (PACKET, US)
PTR: nix792d1ca1
ASN54825 (PACKET, US)
PTR: nix792d1ca1
| redfoxmsp.screenconnect.com |
4
137.117.86.90
(Washington, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| cloud.screenconnect.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 16 |
screenconnect.com
redfoxmsp.screenconnect.com cloud.screenconnect.com — Cisco Umbrella Rank: 40406 |
604 KB |
| 1 |
redfoxit.ca
1 redirects
www.support.redfoxit.ca |
105 B |
| 18 | 2 |
| Domain | Requested by | |
|---|---|---|
| 12 | redfoxmsp.screenconnect.com |
redfoxmsp.screenconnect.com
|
| 4 | cloud.screenconnect.com |
redfoxmsp.screenconnect.com
|
| 1 | www.support.redfoxit.ca | 1 redirects |
| 18 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.screenconnect.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-02 - 2025-03-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://redfoxmsp.screenconnect.com/
Frame ID: 88AD1D1C66058B3E8D04312562E5CACE
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Red Fox Remote Support SoftwarePage URL History Show full URLs
-
https://www.support.redfoxit.ca/
HTTP 301
https://redfoxmsp.screenconnect.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.support.redfoxit.ca/
HTTP 301
https://redfoxmsp.screenconnect.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
redfoxmsp.screenconnect.com/ Redirect Chain
|
47 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Script.ashx
redfoxmsp.screenconnect.com/ |
558 KB 104 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Default.css
redfoxmsp.screenconnect.com/App_Themes/DarkWithRed/ |
466 KB 123 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
instance.js
cloud.screenconnect.com/scripts/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Style.css
redfoxmsp.screenconnect.com/App_Extensions/76f13266-6bed-48bc-ba35-5c80e58c68c0/ |
461 B 548 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
GetLiveData
redfoxmsp.screenconnect.com/Services/PageService.ashx/ |
145 B 301 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Default.css
redfoxmsp.screenconnect.com/App_Themes/DarkWithRed/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Default.css
redfoxmsp.screenconnect.com/App_Themes/DarkWithRed/ |
306 KB 306 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ActivityIndicator.gif
redfoxmsp.screenconnect.com/Images/ |
27 KB 27 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Extras.svg
redfoxmsp.screenconnect.com/Images/ |
322 B 422 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ActionCenter.svg
redfoxmsp.screenconnect.com/Images/ |
346 B 435 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Applications.svg
redfoxmsp.screenconnect.com/Images/ |
821 B 886 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
GetMessages
cloud.screenconnect.com/scripts/Service/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
GetMessages
cloud.screenconnect.com/scripts/Service/ |
196 B 348 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
GetScripts
cloud.screenconnect.com/scripts/Service/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
GetScripts
cloud.screenconnect.com/scripts/Service/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FavIcon.axd
redfoxmsp.screenconnect.com/ |
288 B 370 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
GetLiveData
redfoxmsp.screenconnect.com/Services/PageService.ashx/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cloud.screenconnect.com
- URL
- https://cloud.screenconnect.com/scripts/Service/GetScripts
- Domain
- redfoxmsp.screenconnect.com
- URL
- https://redfoxmsp.screenconnect.com/Services/PageService.ashx/GetLiveData
Verdicts & Comments Add Verdict or Comment
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| setTaggedSessionInfo function| setTaggedSessionID function| getTaggedSessionInfo function| getSessionInfo function| namespace object| SC function| $ function| $$ function| $nbsp function| $a function| $br function| $button function| $dd function| $div function| $dl function| $dt function| $fieldset function| $form function| $h1 function| $h2 function| $h3 function| $h4 function| $hr function| $iframe function| $img function| $input function| $label function| $legend function| $li function| $option function| $p function| $script function| $select function| $span function| $table function| $tbody function| $td function| $textarea function| $th function| $thead function| $tr function| $ul function| $dfn function| $ins function| $pre object| _capabilities boolean| isTouchEnabled object| _taggedSessionInfos boolean| _isTouchEnabled number| _lastNotifyActivityTime object| _liveData object| _lifeCycleEvents function| generateUUID string| scriptUrl function| preRenderHandler object| _scriptParameters string| _lastInjectionID boolean| _hasJoinedDefault0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cloud.screenconnect.com
redfoxmsp.screenconnect.com
www.support.redfoxit.ca
cloud.screenconnect.com
redfoxmsp.screenconnect.com
137.117.86.90
145.40.105.178
192.185.99.178
0fd723521eb721057090a3bce605263b58d3882ff01d42e90f8841aa92c575be
13b349504178e118285c5417a97ca9c7c4882b9765ce5f880d415ed87118df3a
284b97ad0e757e5467447c052357ca7be9b5478b2397908a08d1a7b9e7462d5b
2d7f8a23e601dd01ffe42b4324cc26171c50893f4a1fd7b28eda6d7e3a377803
354f08cfe4e8e3a3fb0cb9760b7a8d8e5ae47f7f7fd5e2b21247f30b633fc5f8
3df21cefa95158f993b5e03ac52d2d42a1b9e8eb0e3f314ed9c440a5fb4b8a12
5bf4f707f250958980d313203989f1fca55b9446f34d667e7256f853d52e494d
7303fb71f1fa7329e5b09d054b03ae970036f65f821720aa6d030fc2a6ad376f
81fce97d96268840367d7f9119333c8bfccf3a633a68006a87240288a085b0b1
87c3476135517a5c69b95600f0ff1025e14c86a980f19b105f6aafac06dc224b
8fce4aad3b04f9b76a08bad9b2459e355bbf16a470486d689fa801b9a30e3061
9d070c98f02f1d6287952256b47f7cd72eda89bda25ef99782325214a042f01a
a1d10f82bc916c7139f3d86a517e9deb9ee17eed5e66d4e6082ec58ac5bbe071
a25b47dade1424e1bca851047d5526bd2970209173efe34cd0d90d29f949f94b
cf378018c1e307f0bc6e1c68dd6266a8b60d637d5321755e0e5c15372c42398b