autodiscover.basehavoc.inmidia.site Open in urlscan Pro
162.214.93.244  Public Scan

Submitted URL: http://autodiscover.basehavoc.inmidia.site/
Effective URL: https://autodiscover.basehavoc.inmidia.site/login
Submission: On December 12 via api from US — Scanned from US

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 162.214.93.244, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is autodiscover.basehavoc.inmidia.site.
TLS certificate: Issued by R3 on November 28th 2022. Valid for: 3 months.
This is the only time autodiscover.basehavoc.inmidia.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 162.214.93.244 46606 (UNIFIEDLA...)
5 1
Apex Domain
Subdomains
Transfer
7 inmidia.site
autodiscover.basehavoc.inmidia.site
659 KB
5 1
Domain Requested by
7 autodiscover.basehavoc.inmidia.site 2 redirects autodiscover.basehavoc.inmidia.site
5 1

This site contains links to these domains. Also see Links.

Domain
signage.inmidia.site
inmidia.site
Subject Issuer Validity Valid
inmidia.site
R3
2022-11-28 -
2023-02-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://autodiscover.basehavoc.inmidia.site/login
Frame ID: 821FD6D69A1607FC4F17303D5D6EF338
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

QUADRO

Page URL History Show full URLs

  1. http://autodiscover.basehavoc.inmidia.site/ HTTP 301
    https://autodiscover.basehavoc.inmidia.site/ HTTP 302
    https://autodiscover.basehavoc.inmidia.site/login Page URL

Page Statistics

5
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

658 kB
Transfer

2997 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://autodiscover.basehavoc.inmidia.site/ HTTP 301
    https://autodiscover.basehavoc.inmidia.site/ HTTP 302
    https://autodiscover.basehavoc.inmidia.site/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
autodiscover.basehavoc.inmidia.site/
Redirect Chain
  • http://autodiscover.basehavoc.inmidia.site/
  • https://autodiscover.basehavoc.inmidia.site/
  • https://autodiscover.basehavoc.inmidia.site/login
5 KB
2 KB
Document
General
Full URL
https://autodiscover.basehavoc.inmidia.site/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.214.93.244 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-7062154.inmidia.site
Software
nginx /
Resource Hash
b1ec4b3c45fb811990d74b3361443e765f16fa47657a1b6798d42124a33c7ac9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 15:20:01 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
content-length
0
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 15:20:00 GMT
location
/login
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
style.bundle.min.js
autodiscover.basehavoc.inmidia.site/dist/
457 KB
79 KB
Script
General
Full URL
https://autodiscover.basehavoc.inmidia.site/dist/style.bundle.min.js?v=3.3.0&rev=aec4d4e8acebd8ac3e66c3e8b3ccbd745d935360
Requested by
Host: autodiscover.basehavoc.inmidia.site
URL: https://autodiscover.basehavoc.inmidia.site/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.214.93.244 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-7062154.inmidia.site
Software
nginx /
Resource Hash
5c1fe40f4b37af3eba38f967764e5c072d75ea3916037ba4b8ac82c984db14f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://autodiscover.basehavoc.inmidia.site/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 15:20:02 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Nov 2022 15:43:01 GMT
server
nginx
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"72210-5ecf7651c8b40"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
override.css
autodiscover.basehavoc.inmidia.site/theme/default/css/
765 B
793 B
Stylesheet
General
Full URL
https://autodiscover.basehavoc.inmidia.site/theme/default/css/override.css?3.3.0
Requested by
Host: autodiscover.basehavoc.inmidia.site
URL: https://autodiscover.basehavoc.inmidia.site/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.214.93.244 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-7062154.inmidia.site
Software
nginx /
Resource Hash
8026f0d029a436d722401ea56832516744a0d3438212366953aabc3ba17cce70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://autodiscover.basehavoc.inmidia.site/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 15:20:02 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Nov 2022 15:29:00 GMT
server
nginx
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"2fd-5ecf732fbe700"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1; mode=block
quadrologo.png
autodiscover.basehavoc.inmidia.site/theme/custom/QUADROTheme/img/
10 KB
11 KB
Image
General
Full URL
https://autodiscover.basehavoc.inmidia.site/theme/custom/QUADROTheme/img/quadrologo.png
Requested by
Host: autodiscover.basehavoc.inmidia.site
URL: https://autodiscover.basehavoc.inmidia.site/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.214.93.244 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-7062154.inmidia.site
Software
nginx /
Resource Hash
07febbf7c3fbf7817e2c4770238fe64455221e8c1563c08832fd1b3a30a2152c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://autodiscover.basehavoc.inmidia.site/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 15:20:02 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 21 Jun 2022 21:33:40 GMT
server
nginx
referrer-policy
no-referrer-when-downgrade
etag
"29ea-5e1fbf9610488"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
10730
x-xss-protection
1; mode=block
vendor.bundle.min.js
autodiscover.basehavoc.inmidia.site/dist/
2 MB
566 KB
Script
General
Full URL
https://autodiscover.basehavoc.inmidia.site/dist/vendor.bundle.min.js?v=3.3.0&rev=aec4d4e8acebd8ac3e66c3e8b3ccbd745d935360
Requested by
Host: autodiscover.basehavoc.inmidia.site
URL: https://autodiscover.basehavoc.inmidia.site/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.214.93.244 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-7062154.inmidia.site
Software
nginx /
Resource Hash
79126c2eb533bf513bd42f7417a6905d02e7e7d3726b39a6b37a928ce76f9be7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://autodiscover.basehavoc.inmidia.site/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 15:20:02 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Nov 2022 15:43:01 GMT
server
nginx
content-encoding
br
referrer-policy
no-referrer-when-downgrade
etag
W/"2774a5-5ecf7651c8b40"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| bootbox function| moment function| _ object| toastr object| Handlebars object| $c object| Colors function| Color function| Chart object| L object| gju object| leafletPip function| SearchIndex function| Bloodhound function| Masonry

1 Cookies

Domain/Path Name / Value
autodiscover.basehavoc.inmidia.site/ Name: PHPSESSID
Value: ti6kvhnvf24q6hp1kin50ss1i9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block