urlscan.io logo urlscan.io
SecurityTrails logo

ampersandadvisory.adbox.pro Open in urlscan Pro
195.201.189.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ampersandadvisory.adbox.pro/
Effective URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Submission: On December 05 via manual from MY
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 195.201.189.32, located in Germany and belongs to HETZNER-AS, DE. The main domain is ampersandadvisory.adbox.pro.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 3rd 2019. Valid for: 3 months.
This is the only time ampersandadvisory.adbox.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 4 195.201.189.32 24940 (HETZNER-AS)
5 2600:9000:20e... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:215... 16509 (AMAZON-02)
1 52.216.98.189 16509 (AMAZON-02)
1 151.101.14.110 54113 (FASTLY)
2 162.247.242.21 23467 (NEWRELIC-...)
16 7
4    195.201.189.32 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.32.189.201.195.clients.your-server.de
ampersandadvisory.adbox.pro
5    2600:9000:20eb:ee00:15:2f:cd00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dxprod-cdn1.adbox.pro
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
4    2600:9000:2156:aa00:15:2f:cd00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dxprod-cdn2.adbox.pro
1    52.216.98.189 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
s3.amazonaws.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
2    162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
Domain Requested by
5 dxprod-cdn1.adbox.pro ampersandadvisory.adbox.pro
4 dxprod-cdn2.adbox.pro ampersandadvisory.adbox.pro
4 ampersandadvisory.adbox.pro 3 redirects
2 bam.nr-data.net js-agent.newrelic.com
2 apis.google.com ampersandadvisory.adbox.pro
apis.google.com
1 js-agent.newrelic.com ampersandadvisory.adbox.pro
1 s3.amazonaws.com ampersandadvisory.adbox.pro
16 7

This site contains no links.

Subject Issuer Validity Valid
*.adbox.pro
Let's Encrypt Authority X3		 2019-12-03 -
2020-03-02		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Frame ID: 84824F14EE8DD01B912AC7F442226446
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ampersandadvisory.adbox.pro/ HTTP 302
    https://ampersandadvisory.adbox.pro/ HTTP 302
    https://ampersandadvisory.adbox.pro/LoginRedirect/Index?ReturnUrl=%2f HTTP 302
    https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

1461 kB
Transfer

5125 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ampersandadvisory.adbox.pro/ HTTP 302
    https://ampersandadvisory.adbox.pro/ HTTP 302
    https://ampersandadvisory.adbox.pro/LoginRedirect/Index?ReturnUrl=%2f HTTP 302
    https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
ampersandadvisory.adbox.pro/App/
Redirect Chain
  • http://ampersandadvisory.adbox.pro/
  • https://ampersandadvisory.adbox.pro/
  • https://ampersandadvisory.adbox.pro/LoginRedirect/Index?ReturnUrl=%2f
  • https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.189.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.32.189.201.195.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET ARR/3.0 ASP.NET
Resource Hash
4efb2e176edbc363e9e0a580674156c3d9fcf075a696d6049fa460e996d7254d

Request headers

:method
GET
:authority
ampersandadvisory.adbox.pro
:scheme
https
:path
/App/Login?returnUrl=%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
AppVersion-=201608161704050959
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=0jv20hcwt0nait4j4zlsi1y5; path=/; HttpOnly
access-control-allow-origin
*
x-aspnetmvc-version
4.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET ARR/3.0 ASP.NET
date
Thu, 05 Dec 2019 03:47:01 GMT
content-length
5644

Redirect headers

status
302
cache-control
private
content-type
text/html; charset=utf-8
location
/App/Login?returnUrl=%2F
server
Microsoft-IIS/10.0
set-cookie
AppVersion-=201608161704050959; path=/
access-control-allow-origin
*
x-aspnetmvc-version
4.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET ARR/3.0 ASP.NET
date
Thu, 05 Dec 2019 03:47:01 GMT
content-length
15169
LoginCss
dxprod-cdn1.adbox.pro/Content/Css/ 		466 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn1.adbox.pro/Content/Css/LoginCss?v=lUulQ4LZcpLDivle9tvvNKPHcFob_IbyzVXXsFK20GU1
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ee00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
d6f91a973374ea0517c6cfec53141519bf8b71ed57ff37c27837372ab4fb6d63

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 Nov 2019 13:13:26 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA2-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
94631
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified
Sat, 23 Nov 2019 13:13:27 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
x-amz-cf-id
lWyYAhlg_aq3-ygff5f8mHVkvqsGpiBIqg_btfc0uM2_cVVy3iXMBQ==
expires
Sun, 22 Nov 2020 13:13:27 GMT
api:client.js
apis.google.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2d49a8f645e969d7e519568a80b91d91374e19fbdd2938321bf9a69a85b9c101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Dec 2019 03:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-xkptiaIIh/btB0qJzKKK/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"bdf1e18cd51df33f09bbdd1504daf378"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Thu, 05 Dec 2019 03:47:02 GMT
chunk-vendors.0d4528cd.css
dxprod-cdn1.adbox.pro/dist/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn1.adbox.pro/dist/css/chunk-vendors.0d4528cd.css
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ee00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
4a2da9ccd40267e32219a1c7a0d1dea41d120967e13321ce0d4bb80a40a546c3

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 07:26:34 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
8114
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified
Wed, 04 Dec 2019 04:08:20 GMT
server
Microsoft-IIS/10.0
etag
"0928b7658aad51:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
TkUdz0AZmWr9OKHmjP3aHgfM2uDIUaQP_-0rvCzLi9ANmtKzXYWSAg==
chunk-common.bed4ffef.css
dxprod-cdn1.adbox.pro/dist/css/ 		297 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn1.adbox.pro/dist/css/chunk-common.bed4ffef.css
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ee00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
5c39f04242775474a8960d1a550c4deb50e5cea5e10f57db92223cd7c4adbcef

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Dec 2019 03:33:14 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
41984
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified
Wed, 04 Dec 2019 17:55:10 GMT
server
Microsoft-IIS/10.0
etag
"0d368f8cbaad51:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
1_TLRBO5aSI4QHBOvjz58PnfLdbz5-t_pwe1extKEgivilGkm4bJwg==
Login.e2081ea8.css
dxprod-cdn1.adbox.pro/dist/css/ 		595 B
901 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn1.adbox.pro/dist/css/Login.e2081ea8.css
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ee00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
828123e6fd87a125bb9142a9f96a6e0cde9bef01aec046a7643dfe76214da324

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 07:26:34 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
478
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified
Wed, 04 Dec 2019 04:08:20 GMT
server
Microsoft-IIS/10.0
etag
"0928b7658aad51:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
6SZZfUNfr0XTRxH55sjWDdYbwuwKX1nniCfEKmXuYAsjy33tQS67eA==
LoginJs
dxprod-cdn2.adbox.pro/Content/ 		261 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn2.adbox.pro/Content/LoginJs?v=mWKxns6uGMY0E4zU8_2UXYk_XgiKEEbSN3ut3sgOB881
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:aa00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
fff26bdf7d27ea4740d8446adfe0a4f63b100e3cc836812026c2fdc849bc9b0c

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 Nov 2019 13:13:28 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
109780
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Sat, 23 Nov 2019 13:13:28 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
x-amz-cf-id
LVehAdYybofjVp7-ujUVwYa5p-BksQ1ZVTPfZEHrYTkirv8XEUZc9g==
expires
Sun, 22 Nov 2020 13:13:28 GMT
chunk-vendors.e8bf2cf5.js
dxprod-cdn2.adbox.pro/dist/js/ 		3 MB
982 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn2.adbox.pro/dist/js/chunk-vendors.e8bf2cf5.js
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:aa00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
f5e082b5801b97d865a7e5296519bcaca63b9208f6aea3959fe04715ee45a40f

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Dec 2019 03:33:14 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
1003866
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Wed, 04 Dec 2019 17:55:10 GMT
server
Microsoft-IIS/10.0
etag
"0d368f8cbaad51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
7GBhVGvU-7Jl6ZC6f37TmiZZGG-O5rS0KgyNqvMK1IVZS-BnPbkLMQ==
chunk-common.b3520e6b.js
dxprod-cdn2.adbox.pro/dist/js/ 		92 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn2.adbox.pro/dist/js/chunk-common.b3520e6b.js
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:aa00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
2bca7b7ed9ff63514c1f3c4abcc7d327ef86ced9a0986f2679824de673d693d4

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Dec 2019 03:33:14 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
21566
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Wed, 04 Dec 2019 17:55:10 GMT
server
Microsoft-IIS/10.0
etag
"0d368f8cbaad51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
77ugkMCYDgRpb58lzWcI_Pw_EIn3G-qoYvmcQ9CAsUtk1DLyPUbAng==
Login.9dd9c818.js
dxprod-cdn2.adbox.pro/dist/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn2.adbox.pro/dist/js/Login.9dd9c818.js
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:aa00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
0b0e1dcb5cd76a9640d407ff3c25cf4aee0953e8c00b9ea57e10128e076f1128

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Dec 2019 03:33:14 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-cache
Hit from cloudfront
status
200
content-length
5189
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Wed, 04 Dec 2019 17:55:10 GMT
server
Microsoft-IIS/10.0
etag
"0d368f8cbaad51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ghkR3g3zGWG3ocZvt3yoYKTmfSWD5FN_kOODKXWjNs4o_77UXiZOGg==
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ 		287 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 01:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 22:37:32 GMT
server
sffe
age
1391102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
101118
x-xss-protection
0
expires
Wed, 18 Nov 2020 01:22:00 GMT
61320be7-bfc7-4af3-b38a-39d760602bff_Deltax_Scaled.png
s3.amazonaws.com/deltax.production/AllFiles/Uploads/Logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/deltax.production/AllFiles/Uploads/Logos/61320be7-bfc7-4af3-b38a-39d760602bff_Deltax_Scaled.png
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.189 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc48cf4122f432ea4610aaf1474fbfbb73820cc7050c28e463b6a7dad44116d9

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Dec 2019 03:47:03 GMT
Last-Modified
Wed, 22 May 2019 06:51:56 GMT
Server
AmazonS3
x-amz-request-id
8202B4A32FF04F19
ETag
"0c3c052f162f235bce1a9ecf0782fcae"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10191
x-amz-id-2
5s2mlGp0zuHrgsiB5qJeSes3r1SYJczk3mv/XcRaEg8lhIbol79VhZHqpNTVPgLJV24pB9dUdxk=
fontawesome-webfont.woff
dxprod-cdn1.adbox.pro/Content/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dxprod-cdn1.adbox.pro/Content/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ee00:15:2f:cd00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://dxprod-cdn1.adbox.pro/Content/Css/LoginCss?v=lUulQ4LZcpLDivle9tvvNKPHcFob_IbyzVXXsFK20GU1
Origin
https://ampersandadvisory.adbox.pro

Response headers

date
Sat, 23 Nov 2019 13:13:30 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
last-modified
Mon, 29 Jul 2019 10:58:28 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA2-C1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
etag
"0622e8dfc45d51:0"
x-cache
Hit from cloudfront
content-type
application/x-font-woff
status
200
accept-ranges
bytes
access-control-allow-origin
*
content-length
71508
x-amz-cf-id
OSfur5_oy417UmsQAp21y194MPn2mTqrPujD8bnzuhS-XIl3dt6N5g==
nr-1153.min.js
js-agent.newrelic.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1153.min.js
Requested by
Host: ampersandadvisory.adbox.pro
URL: https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0f4eb8ed7fc767a6dc7512f7597e4d34e4259e797c7c2ee224d7a97d14ecd23

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Dec 2019 03:47:02 GMT
content-encoding
gzip
x-amz-request-id
FFF93ED5F88A1822
x-cache
HIT
status
200
content-length
10041
x-amz-id-2
cTbmD7KheDnvH20xCq8BJ9Iq4Y9OXIhqhMfhON513gk+dbSmvVt2yVtjnFtyar3DfNOTYN9O34Q=
x-served-by
cache-fra19130-FRA
last-modified
Fri, 08 Nov 2019 16:26:28 GMT
server
AmazonS3
x-timer
S1575517623.694896,VS0,VE0
etag
"d3b942e7c79a167d59ed590feee5e193"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2496
1de636890c
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/1de636890c?a=149141183&v=1153.61ee9ba&to=NlVWMUYACxIDB0ZfVw8feTN3TikOBQ1cdVcPREYKWA0AE00tXFJdGQ%3D%3D&rst=781&ref=https://ampersandadvisory.adbox.pro/App/Login&ap=12&be=188&fe=772&dc=404&perf=%7B%22timing%22:%7B%22of%22:1575517621921,%22n%22:0,%22f%22:162,%22dn%22:162,%22dne%22:162,%22c%22:162,%22ce%22:162,%22rq%22:162,%22rp%22:182,%22rpe%22:183,%22dl%22:184,%22di%22:404,%22ds%22:404,%22de%22:408,%22dc%22:772,%22l%22:772,%22le%22:773%7D,%22navigation%22:%7B%7D%7D&fp=310&fcp=415&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
1de636890c
bam.nr-data.net/events/1/ 		24 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/1de636890c?a=149141183&v=1153.61ee9ba&to=NlVWMUYACxIDB0ZfVw8feTN3TikOBQ1cdVcPREYKWA0AE00tXFJdGQ%3D%3D&rst=10781&ref=https://ampersandadvisory.adbox.pro/App/Login
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://ampersandadvisory.adbox.pro/App/Login?returnUrl=%2F
Origin
https://ampersandadvisory.adbox.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://ampersandadvisory.adbox.pro
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| gapi object| ___jsl function| setup_sidebar_menu function| sidebar_menu_item_expand function| sidebar_menu_item_collapse function| sidebar_menu_close_items_siblings function| setup_horizontal_menu function| stickFooterToBottom function| ps_update function| ps_init function| ps_destroy function| cbr_replace function| cbr_recheck function| attrDefault function| callback_test function| date function| resizable function| get_current_breakpoint function| is function| isxs function| ismdxl function| trigger_resizable function| rtl function| show_loading_bar function| hide_loading_bar number| sm_duration number| sm_transition_delay object| _gsScope object| public_vars function| $ function| jQuery object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| deltax object| gadgets object| osapi object| shindig object| googleapis object| oauth2 object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| webpackJsonp object| __core-js_shared__ object| core function| NL object| openedWindows object| activeRenewals object| renewStates object| callbackMappedToRenewStates object| promiseMappedToRenewStates object| msal object| Login

2 Cookies

Domain/Path Name / Value
ampersandadvisory.adbox.pro/ Name: ASP.NET_SessionId
Value: 0jv20hcwt0nait4j4zlsi1y5
ampersandadvisory.adbox.pro/ Name: AppVersion-
Value: 201608161704050959

1 Console Messages

Source Level URL
Text
console-api error URL: https://dxprod-cdn2.adbox.pro/dist/js/chunk-vendors.e8bf2cf5.js(Line 100)
Message:
[g-signin-button] params.client_id must be specified.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampersandadvisory.adbox.pro
apis.google.com
bam.nr-data.net
dxprod-cdn1.adbox.pro
dxprod-cdn2.adbox.pro
js-agent.newrelic.com
s3.amazonaws.com
151.101.14.110
162.247.242.21
195.201.189.32
2600:9000:20eb:ee00:15:2f:cd00:93a1
2600:9000:2156:aa00:15:2f:cd00:93a1
2a00:1450:4001:800::200e
52.216.98.189
0b0e1dcb5cd76a9640d407ff3c25cf4aee0953e8c00b9ea57e10128e076f1128
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
2bca7b7ed9ff63514c1f3c4abcc7d327ef86ced9a0986f2679824de673d693d4
2d49a8f645e969d7e519568a80b91d91374e19fbdd2938321bf9a69a85b9c101
4a2da9ccd40267e32219a1c7a0d1dea41d120967e13321ce0d4bb80a40a546c3
4efb2e176edbc363e9e0a580674156c3d9fcf075a696d6049fa460e996d7254d
5c39f04242775474a8960d1a550c4deb50e5cea5e10f57db92223cd7c4adbcef
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
828123e6fd87a125bb9142a9f96a6e0cde9bef01aec046a7643dfe76214da324
c0f4eb8ed7fc767a6dc7512f7597e4d34e4259e797c7c2ee224d7a97d14ecd23
d6f91a973374ea0517c6cfec53141519bf8b71ed57ff37c27837372ab4fb6d63
dc48cf4122f432ea4610aaf1474fbfbb73820cc7050c28e463b6a7dad44116d9
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
f5e082b5801b97d865a7e5296519bcaca63b9208f6aea3959fe04715ee45a40f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fff26bdf7d27ea4740d8446adfe0a4f63b100e3cc836812026c2fdc849bc9b0c