intranet.bill36524.com Open in urlscan Pro
1.244.115.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/o82iCo294QtMvYW3C6UXE9
Effective URL:
https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01
Submission: On October 23 via manual (October 23rd 2023, 12:59:19 am UTC) from IN — Scanned from US

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 1.244.115.172, located in Wonju, Korea, Republic Of and belongs to DUZONBIZON-AS-KR DOUZONEBIZON, KR. The main domain is intranet.bill36524.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on December 28th 2022. Valid for: a year.

This is the only time intranet.bill36524.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	207.211.31.113 207.211.31.113	14135 (NAVISITE-...) (NAVISITE-EAST-2)
1	1.244.115.172 1.244.115.172	55615 (DUZONBIZO...) (DUZONBIZON-AS-KR DOUZONEBIZON)
1	1

2 207.211.31.113 (United States) 2 redirects

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 1.244.115.172 (Wonju, Korea, Republic Of)

ASN55615 (DUZONBIZON-AS-KR DOUZONEBIZON, KR)
PTR: intranet.bill36524.com

intranet.bill36524.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 10639	3 KB
1	bill36524.com intranet.bill36524.com	308 B
1	2

	Domain	Requested by
2	protect-us.mimecast.com	2 redirects
1	intranet.bill36524.com
1	2

This site contains no links.

Subject Issuer	Validity	Valid
*.bill36524.com Sectigo RSA Organization Validation Secure Server CA	`2022-12-28` - `2024-01-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01
Frame ID: 16D7BB7F2A135856C63A7D3E7E0C63F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

502 Bad Gateway

Page URL History Show full URLs

https://protect-us.mimecast.com/s/o82iCo294QtMvYW3C6UXE9 HTTP 307
https://protect-us.mimecast.com/r/raKbtIKepPY3azme8NNady8ax7ZoBKacCvq2RtEa-ecOS8lLGTzwkuymbllsehpdopCadBTF_n... HTTP 307
https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01 Page URL

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/o82iCo294QtMvYW3C6UXE9 HTTP 307
https://protect-us.mimecast.com/r/raKbtIKepPY3azme8NNady8ax7ZoBKacCvq2RtEa-ecOS8lLGTzwkuymbllsehpdopCadBTF_n_W454bFjMwSrpXwyOwJmuJCibq7e-SEc0IstENSe-ipSoNDMs2mzeepUGttaggTb7Ess3ydiirhX79rv0RtNCertN4Cm2iNOIb9Nm94pm38E2QIOFCQRr-qrSra1JzBxysyL7uxj7aAzw2mc__z3__mcn4mYyCsqaiSod0u1eGRnmxvIXigjPsRWUwWFai7T_1Yy9LX7zqOJjrKhxTKP8lKsAHDfcukpis9ynxk7HKguKaHanoNKjEJ-DJu4Maa5vFO6XytS9lgaU0gC2e8qxmQzRrZ-ncbMqhIsW0lfaOUDbUMYFj3wvLnmmnMOWx5p_PY_DnP32_ywqOQIvxoWRCXiy8fOqIYfp2TdvY39vQNS8GB2QC4NPQQPnru0wicPCfyyip6oEztuG2ffGaRuWC97MllM3L3gtgwzZrmaYQPnipWu0fW1T6fD_jLOP-iZBU3ENJLCDwRSvuFRTtdusIRbWw08ROL-FPBVtK9uWGfbvXLWjSo-VBAfzwNLnd3QvbHhxMp2NY5RDvBye9SEN3d4f6ezFuaZN_fk2E-9XLXU8lL-2-88QqRtbE2MzAFyQoIZcv54fgPRdaVx5u5IShRAxh62wEGZAQnNgch9mj6mln5Bjkoe61OQt8v4o6lCo6UwPl0rmlR5zTGTPKn0T_SUbg2Le19Q90pJIpvXepShMtQMyYmICgznPKVuz7K-lMrJGCHRPT2IFPYcI_KASuxaJluyW_6jn5_7xrccw7fMmppHblKBtW_msKY6S9Y2qAgR93XXvqpqrZX3HDEzoHEF6MyjwsHdSvLMkIhFKVfInN2nZwF5cvY4mo-a3bxit7STqYySkuIbbA7xQJRRhT5hlkEw9Sig1QuDO9hdewh5tJMFkpFAa9Q9AAUbodWErlgy9bkrnfrW6t5vPrXcKV8n3S8c-83j00D5kKQGVLSli_Ce1-7s-yfmviKGyMyHC8Or1f8HEKhCc8_2brgfyEjOYlu6ueI_6azKLiozXniQNiOx8TI8I-7uPMpRT9PH8y0J8P6E5HqBOzaSEp-Gm-oGeVAV1Bxg6zEBkVwCAuAAqDVHyyykwqNJgMYkP_wG_r2ix3aKPeUKmODonHDZ73iLUIJ8AVC-mlSB-_Zyn5CB5xbbadAfQ8G3lHNYltupKMHtTbayowygEhM9y74X72WoImZqXnNGY_VkEVl80QZWu3cU53X39YhN-yell6aZ5SRycMBQ3au-tbj6vUb3LbgADGzFLazDJYRw0VMJMM0UwWTMQgZbi8lBTXyvsN1zVyb3pWoea-s47i6G9x2c-LeC7wyr1xjMdYIYz2ozUqkwhnu7Fbj5InO3s-0KrmmPE7PJ9IG4SGw6wwfXB6C0D7i76-d1zgIRcTpl3dfvks0JOC9omVi6yae1GBABGtfwAb7DMVBmbGyHq4xp9kIBC0PkFPsNySbt46HmQPkJ7pbpQnAxTyarUJsS3NVNmPGNGIGgwA1_BPvo7f-ilFs9qcmuJqrpsC7eXj2gAexUg7QBKAUVD2TpcobmG0C-a9dzDLXvmBwpWBuyg34SCy_5CB3Snv21eeCqeizOua4xNhE85bUB2ku5wVT1gYe16ZLOfpAzUJJHaEts5KzPGPJNhtJZbMmTxciUWkH_TIkeE2Wca7N3kWb2zdqFXxyrZYWVghfOj2tyC4FOzttGaGqXlPiuT9Rt9aiw05r37UeQBrFOvR2iXueRH_N1eJR-u9IvB1UkH1WxWBITF7LFJiUTlkoAI_39bOGrU81CuspZTe0RsFMzWuMHNHgN94LfZQzeC3FlxT-VwpFU43eA4EZJ4F6KuN3hwfzhGHUNaO_BTWAvQqDQpS4FuppDsCs1RK51IiluRKkWO4h0X5uf-37P35w5Vw71fMOJOGgHWMe7bkI_D-2-MDTb23lF92V--I6sW0JENZL37rfA HTTP 307
https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	502 Bad Gateway	Primary Request adclick2.do Show response intranet.bill36524.com/ Redirect Chain https://protect-us.mimecast.com/s/o82iCo294QtMvYW3C6UXE9 https://protect-us.mimecast.com/r/raKbtIKepPY3azme8NNady8ax7ZoBKacCvq2RtEa-ecOS8lLGTzwkuymbllsehpdopCadBTF_n_W454bFjMwSrpXwyOwJmuJCibq7e-SEc0IstENSe-ipSoNDMs2mzeepUGttaggTb7Ess3ydiirhX79rv0RtNCertN... https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01	173 B 308 B	2451ms 242ms	Document text/html	1.244.115.172 DUZONBIZON-AS-KR ...
General Check archive.org Show headers Download Go to Full URL https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 1.244.115.172 Wonju, Korea, Republic Of, ASN55615 (DUZONBIZON-AS-KR DOUZONEBIZON, KR), Reverse DNS intranet.bill36524.com Software / Resource Hash `bb89ee25940e05c663b885533bc3091a3d49ab5596543b6f4a2897e98e037cfa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 173 Content-Type text/html Date Mon, 23 Oct 2023 00:59:13 GMT Redirect headers Cache-control no-store Connection keep-alive Content-Length 0 Date Mon, 23 Oct 2023 00:59:11 GMT Location https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01 Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Robots-Tag noindex, nofollow

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://intranet.bill36524.com/adclick2.do?FG_AD=WTAX01 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

intranet.bill36524.com
protect-us.mimecast.com
1.244.115.172
207.211.31.113
bb89ee25940e05c663b885533bc3091a3d49ab5596543b6f4a2897e98e037cfa

intranet.bill36524.com Open in urlscan Pro 1.244.115.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

1 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

0 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

intranet.bill36524.com Open in urlscan Pro
1.244.115.172 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions
0 data transactions