client.canacct.com
Open in
urlscan Pro
3.223.148.225
Public Scan
Effective URL: https://client.canacct.com/auth/?f=login&success=/client
Submission: On September 07 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Kubernetes Ingress Controller Fake Ce... on September 6th 2021. Valid for: a year.
This is the only time client.canacct.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Live information
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 3.223.148.225 3.223.148.225 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
11 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-148-225.compute-1.amazonaws.com
client.canacct.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
canacct.com
1 redirects
client.canacct.com |
24 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
0 |
cloudfront.net
Failed
dojq4kt8ws9iq.cloudfront.net Failed |
|
11 | 3 |
Domain | Requested by | |
---|---|---|
8 | client.canacct.com |
1 redirects
client.canacct.com
|
1 | ajax.googleapis.com |
client.canacct.com
|
0 | dojq4kt8ws9iq.cloudfront.net Failed |
client.canacct.com
|
11 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
canacct.nimbusweb.me |
Subject Issuer | Validity | Valid | |
---|---|---|---|
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate |
2021-09-06 - 2022-09-06 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://client.canacct.com/auth/?f=login&success=/client
Frame ID: C68815DD81D4E5A1DECBE1985AB79C11
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Organization domain setup informationPage URL History Show full URLs
-
https://client.canacct.com/
HTTP 302
https://client.canacct.com/client Page URL
- https://client.canacct.com/auth/?f=login&success=/client Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: canacct.nimbusweb.me
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://client.canacct.com/
HTTP 302
https://client.canacct.com/client Page URL
- https://client.canacct.com/auth/?f=login&success=/client Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://client.canacct.com/ HTTP 302
- https://client.canacct.com/client
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
client
client.canacct.com/ Redirect Chain
|
970 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
app.c2792f22739867645cb2.css
dojq4kt8ws9iq.cloudfront.net/static/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
nimbus-chunk-editor.6ccdaf3f38520ae70e68.js
dojq4kt8ws9iq.cloudfront.net/static/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
nimbus-app.c2792f22739867645cb2.js
dojq4kt8ws9iq.cloudfront.net/static/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
client.canacct.com/auth/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flex.css
client.canacct.com/auth/style/ |
22 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
client.canacct.com/auth/style/ |
49 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forms_nimbus.css
client.canacct.com/auth/style/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
query.css
client.canacct.com/auth/style/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.0/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sourcebuster.min.js
client.canacct.com/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- dojq4kt8ws9iq.cloudfront.net
- URL
- https://dojq4kt8ws9iq.cloudfront.net/static/css/app.c2792f22739867645cb2.css
- Domain
- dojq4kt8ws9iq.cloudfront.net
- URL
- https://dojq4kt8ws9iq.cloudfront.net/static/assets/nimbus-chunk-editor.6ccdaf3f38520ae70e68.js
- Domain
- dojq4kt8ws9iq.cloudfront.net
- URL
- https://dojq4kt8ws9iq.cloudfront.net/static/assets/nimbus-app.c2792f22739867645cb2.js
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| gSetup object| sbjs8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.client.canacct.com/ | Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fclient.canacct.com%2Fauth%2F%3Ff%3Dlogin%26success%3D%2Fclient |
|
.client.canacct.com/ | Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36 |
|
.client.canacct.com/ | Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29 |
|
.client.canacct.com/ | Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29 |
|
.client.canacct.com/ | Name: sbjs_first_add Value: fd%3D2021-09-07%2000%3A12%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fclient.canacct.com%2Fauth%2F%3Ff%3Dlogin%26success%3D%2Fclient%7C%7C%7Crf%3Dhttps%3A%2F%2Fclient.canacct.com%2Fclient |
|
.client.canacct.com/ | Name: sbjs_current_add Value: fd%3D2021-09-07%2000%3A12%3A25%7C%7C%7Cep%3Dhttps%3A%2F%2Fclient.canacct.com%2Fauth%2F%3Ff%3Dlogin%26success%3D%2Fclient%7C%7C%7Crf%3Dhttps%3A%2F%2Fclient.canacct.com%2Fclient |
|
.client.canacct.com/ | Name: sbjs_migrations Value: 1418474375998%3D1 |
|
.client.canacct.com/ | Name: eversessionid Value: 2s3dgGqLJVxANeQ1yTbeFqMOx8SgQIIL |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
client.canacct.com
dojq4kt8ws9iq.cloudfront.net
dojq4kt8ws9iq.cloudfront.net
2a00:1450:4001:830::200a
3.223.148.225
1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd
205ae86553c01b6b960c8e26098ff97b2e8849b48af2b24c144da0bbe71887cc
877b04e81be95afeb1a1c60f2f226bfffeeb36675e377212c956b3a1cc2634c4
994b9011acda5fbe7166a62c13abe4f6892341efa3884455c7bcbedece57eefc
c81d6152772bd38d6b6d99b9393e86814cb1a8fd0e4aab4e45a442640f1f59c6
d7e382ebd21ada3052b2a542823a480d6429175d69a41a1c86df939da0854386
eec4d0715e9fffd3683df1b8dda42758ed9be7df9fc2a2c95e446dac41fb5041
f92e46eca23a967a27a39efcee9de38f04ea2b118b373afadccc6e56db700bc8