signage.nixplay.com Open in urlscan Pro
34.210.103.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u5524677.ct.sendgrid.net/ls/click?upn=KWD5BaFDj-2FiCx566foD7Uc4MvaiPza3CX1fyNW5orSCx8ueCSqEl-2FhrAkFwP3MWDeyJz-2FcYppA0QC...
Effective URL:
https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4
Submission: On March 23 via manual (March 23rd 2021, 2:14:25 pm UTC) from IN

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 34.210.103.250, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is signage.nixplay.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 9th 2021. Valid for: a year.

This is the only time signage.nixplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
5	34.210.103.250 34.210.103.250	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	52.24.63.81 52.24.63.81	16509 (AMAZON-02) (AMAZON-02)
9	4

1 167.89.115.121 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u5524677.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.210.103.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-103-250.us-west-2.compute.amazonaws.com

signage.nixplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.63.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-63-81.us-west-2.compute.amazonaws.com

api.nixplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	nixplay.com signage.nixplay.com api.nixplay.com	274 KB
2	jquery.com code.jquery.com	36 KB
1	sendgrid.net 1 redirects u5524677.ct.sendgrid.net	289 B
0	ip-api.com Failed ip-api.com Failed
9	4

	Domain	Requested by
5	signage.nixplay.com	signage.nixplay.com
2	code.jquery.com	signage.nixplay.com
1	api.nixplay.com	code.jquery.com
1	u5524677.ct.sendgrid.net	1 redirects
0	ip-api.com Failed	code.jquery.com
9	5

This site contains no links.

Subject Issuer	Validity	Valid
*.nixplay.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-09` - `2022-04-08`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4
Frame ID: A0321F456EE0235685E2C70A46DBD1A6
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u5524677.ct.sendgrid.net/ls/click?upn=KWD5BaFDj-2FiCx566foD7Uc4MvaiPza3CX1fyNW5orSCx8ueCSqEl-2FhrAkFw... HTTP 302
https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

89 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

310 kB
Transfer

376 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u5524677.ct.sendgrid.net/ls/click?upn=KWD5BaFDj-2FiCx566foD7Uc4MvaiPza3CX1fyNW5orSCx8ueCSqEl-2FhrAkFwP3MWDeyJz-2FcYppA0QC7lSaHROkOjmrilLAgDAXCp46kYPjg-2BW661-2F1MgJQBopygSPHPRZiYkU_I1wfxe1Fz5rlccpp-2B5kARjAiZ8dEDpEthjJ-2BmMk8Dkkp4W6wpdvdJdn3TgZdfhqH28HBHBKP5hUGKVf-2FJ4cFWC8MFW4g6-2BA8uMIec43UoY-2BLfkajGCcl00771aTZ9cyD2MgvsaHPRlQ05auv4xCQsz9R-2BbOJnuGmBfM6j8XFMmbd8BwVNP8l7CzThSe87XhEKzyYNAQ2xYQyRynbLjY1PEwuqJ9A1LytRzLCR-2F-2FZwV04b8egfTsZ2AIEBSLlV6gW HTTP 302
https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response signage.nixplay.com/reset-pwd/ Redirect Chain https://u5524677.ct.sendgrid.net/ls/click?upn=KWD5BaFDj-2FiCx566foD7Uc4MvaiPza3CX1fyNW5orSCx8ueCSqEl-2FhrAkFwP3MWDeyJz-2FcYppA0QC7lSaHROkOjmrilLAgDAXCp46kYPjg-2BW661-2F1MgJQBopygSPHPRZiYkU_I1wfxe1F... https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4	4 KB 2 KB	737ms 181ms	Document text/html	34.210.103.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.103.250 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-210-103-250.us-west-2.compute.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Express Resource Hash `a0ea2adaaf2f7e65f677639ce3506017a8ac5224496d5298888c7b958ccb0214` Request headers Host signage.nixplay.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-control no-cache="set-cookie" Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Tue, 23 Mar 2021 14:14:09 GMT Server nginx/1.4.6 (Ubuntu) Set-Cookie AWSELB=C767EDCF084175738A1AB5FD4C0C50698369CD6B0B7E6B02F7815910F4E739020040E188D139C6EAF576C143146BE1A1DF4FA3A1CD19797C38050538703CFE5CBF564252D9;PATH=/ AWSELBCORS=C767EDCF084175738A1AB5FD4C0C50698369CD6B0B7E6B02F7815910F4E739020040E188D139C6EAF576C143146BE1A1DF4FA3A1CD19797C38050538703CFE5CBF564252D9;PATH=/;SECURE;SAMESITE=None X-Powered-By Express Content-Length 1405 Connection keep-alive Redirect headers Server nginx Date Tue, 23 Mar 2021 14:14:08 GMT Content-Type text/html; charset=utf-8 Content-Length 108 Connection keep-alive Location https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 X-Robots-Tag noindex, nofollow
GET H2	200	jquery-1.12.0.min.js Show response code.jquery.com/	95 KB 33 KB	27ms 9ms	Script application/javascript	2001:4de0:ac18::1:a:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.12.0.min.js Requested by Host: signage.nixplay.com URL: https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf` Request headers Referer https://signage.nixplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 14:14:09 GMT content-encoding gzip last-modified Fri, 08 Jan 2016 19:57:42 GMT server nginx etag W/"569014b6-17c52" vary Accept-Encoding x-hw 1616508849.dop018.fr8.t,1616508849.cds250.fr8.hc,1616508849.cds284.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33820
GET H2	200	jquery-migrate-1.2.1.min.js Show response code.jquery.com/	7 KB 3 KB	35ms 17ms	Script application/javascript	2001:4de0:ac18::1:a:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-migrate-1.2.1.min.js Requested by Host: signage.nixplay.com URL: https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d` Request headers Referer https://signage.nixplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 Mar 2021 14:14:09 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag W/"54499a48-1c1f" vary Accept-Encoding x-hw 1616508849.dop018.fr8.t,1616508849.cds250.fr8.hc,1616508849.cds161.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 3063
GET H/1.1	200 OK	auth.bundle.40d6fe9d.css signage.nixplay.com/	137 KB 137 KB	328ms 327ms	Stylesheet text/css	34.210.103.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://signage.nixplay.com/auth.bundle.40d6fe9d.css Requested by Host: signage.nixplay.com URL: https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.103.250 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-210-103-250.us-west-2.compute.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash `e88151d4c3f945d293540d9bc0d2ec392ad830d737c7e9d4b461aefbbc884702` Request headers Referer https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 23 Mar 2021 14:14:09 GMT Last-Modified Thu, 12 Dec 2019 06:54:08 GMT Server nginx/1.4.6 (Ubuntu) ETag "5df1e410-22489" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 140425
GET H/1.1	200 OK	logo-signage.png signage.nixplay.com/images/general/	18 KB 18 KB	662ms 325ms	Image image/png	34.210.103.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://signage.nixplay.com/images/general/logo-signage.png Requested by Host: signage.nixplay.com URL: https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.103.250 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-210-103-250.us-west-2.compute.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash `6fccd7cba3b8e0dab1dbc97417859a82ef9b28a9d6a2fcd3034065383776408d` Request headers Referer https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 23 Mar 2021 14:14:10 GMT Last-Modified Thu, 12 Dec 2019 06:28:20 GMT Server nginx/1.4.6 (Ubuntu) ETag "5df1de04-465c" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 18012
GET H/1.1	200 OK	auth.bundle.1325a809.js Show response signage.nixplay.com/	60 KB 60 KB	661ms 323ms	Script application/x-javascript	34.210.103.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://signage.nixplay.com/auth.bundle.1325a809.js Requested by Host: signage.nixplay.com URL: https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.103.250 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-210-103-250.us-west-2.compute.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash `188d3561ded624177f040c843b145f6549840404ba8d4e59088cfdd95b4b9a0c` Request headers Referer https://signage.nixplay.com/reset-pwd/?token=5c3b3b2038d605bf69f36ce8d18a636aae6e58a4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 23 Mar 2021 14:14:10 GMT Last-Modified Thu, 12 Dec 2019 06:54:08 GMT Server nginx/1.4.6 (Ubuntu) ETag "5df1e410-eecd" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 61133
GET		json ip-api.com/	0 0

GET H/1.1	200 OK	97493d3f11c0a3bd5cbd959f5d19b699.woff2 signage.nixplay.com/	55 KB 56 KB	181ms 179ms	Font application/octet-stream	34.210.103.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://signage.nixplay.com/97493d3f11c0a3bd5cbd959f5d19b699.woff2 Requested by Host: signage.nixplay.com URL: https://signage.nixplay.com/auth.bundle.40d6fe9d.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.103.250 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-210-103-250.us-west-2.compute.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Express Resource Hash `aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c` Request headers Origin https://signage.nixplay.com Referer https://signage.nixplay.com/auth.bundle.40d6fe9d.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 23 Mar 2021 14:14:10 GMT Last-Modified Thu, 12 Dec 2019 06:53:10 GMT Server nginx/1.4.6 (Ubuntu) X-Powered-By Express ETag W/"ddcc-3197639186" Content-Type application/octet-stream Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 56780
POST H/1.1	418 UNKNOWN STATUS CODE	/ Show response api.nixplay.com/v2/reset_pwd/validate/	27 B 722 B	759ms 225ms	XHR text/html	52.24.63.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.nixplay.com/v2/reset_pwd/validate/ Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-1.12.0.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.24.63.81 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-24-63-81.us-west-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash `97f89677bf50d9e42d6db4e9abff676c230baff2af5323ef65b95abb56ae35f5` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://signage.nixplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 23 Mar 2021 14:14:11 GMT Server nginx/1.10.3 (Ubuntu) Vary Cookie Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://signage.nixplay.com Cache-control no-cache="set-cookie" Access-Control-Allow-Credentials true Connection keep-alive Content-Length 27

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ip-api.com
URL: http://ip-api.com/json?callback=jQuery1120010472182282794362_1616508849741&_=1616508849742

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			signage.nixplay.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: C767EDCF084175738A1AB5FD4C0C50698369CD6B0B7E6B02F7815910F4E739020040E188D139C6EAF576C143146BE1A1DF4FA3A1CD19797C38050538703CFE5CBF564252D9
			signage.nixplay.com/	1969-12-31 23:59:59	Name: AWSELB Value: C767EDCF084175738A1AB5FD4C0C50698369CD6B0B7E6B02F7815910F4E739020040E188D139C6EAF576C143146BE1A1DF4FA3A1CD19797C38050538703CFE5CBF564252D9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.nixplay.com
code.jquery.com
ip-api.com
signage.nixplay.com
u5524677.ct.sendgrid.net
ip-api.com
167.89.115.121
2001:4de0:ac18::1:a:3b
34.210.103.250
52.24.63.81
188d3561ded624177f040c843b145f6549840404ba8d4e59088cfdd95b4b9a0c
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6fccd7cba3b8e0dab1dbc97417859a82ef9b28a9d6a2fcd3034065383776408d
97f89677bf50d9e42d6db4e9abff676c230baff2af5323ef65b95abb56ae35f5
a0ea2adaaf2f7e65f677639ce3506017a8ac5224496d5298888c7b958ccb0214
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
e88151d4c3f945d293540d9bc0d2ec392ad830d737c7e9d4b461aefbbc884702

signage.nixplay.com Open in urlscan Pro 34.210.103.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

25 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

310 kBTransfer

376 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

signage.nixplay.com Open in urlscan Pro
34.210.103.250 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

310 kB
Transfer

376 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions