api.apply.vanguard-university.org.qa.two-ocean.dev
20.84.11.78  Public Scan

URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/
Submission Tags: @phishunt_io
Submission: On April 25 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 6 HTTP transactions. The main IP is 20.84.11.78, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is api.apply.vanguard-university.org.qa.two-ocean.dev.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 25th 2022. Valid for: a year.
This is the only time api.apply.vanguard-university.org.qa.two-ocean.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20.84.11.78 8075 (MICROSOFT...)
6 2
Domain Requested by
2 api.apply.vanguard-university.org.qa.two-ocean.dev api.apply.vanguard-university.org.qa.two-ocean.dev
0 tags.tiqcdn.com Failed api.apply.vanguard-university.org.qa.two-ocean.dev
0 apiuat.two-ocean.org Failed api.apply.vanguard-university.org.qa.two-ocean.dev
6 3

This site contains no links.

Subject: api.apply.vanguard-university.org.qa.two-ocean.dev
Issuer: DigiCert TLS RSA SHA256 2020 CA1
Validity: 2022-04-25 - 2023-04-25
Valid: a year

This page contains 1 frames:

Primary Page: https://api.apply.vanguard-university.org.qa.two-ocean.dev/
Frame ID: B9B617EACF7BE9BC4473548CA4A4009C
Requests: 6 HTTP requests in this frame


Page Statistics

Requests: 6
HTTPS: 33 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 17 kB
Size: 16 kB
Cookies: 0

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
api.apply.vanguard-university.org.qa.two-ocean.dev/
16 KB
17 KB
Document
General
Full URL
https://api.apply.vanguard-university.org.qa.two-ocean.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.84.11.78 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
67737cc6f55a50c464b9b202f8f385ebe54354e5270809b025b0a0d47ce723f9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-store
Connection
keep-alive
Content-Language
de-DE
Content-Length
16363
Content-Security-Policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
Content-Type
text/html
Date
Mon, 25 Apr 2022 21:32:12 GMT
Feature-Policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
Last-Modified
Thu, 01 Jan 1970 00:00:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
index.js
api.apply.vanguard-university.org.qa.two-ocean.dev/src/
0
0
Script
General
Full URL
https://api.apply.vanguard-university.org.qa.two-ocean.dev/src/index.js
Requested by
Host: api.apply.vanguard-university.org.qa.two-ocean.dev
URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.84.11.78 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.apply.vanguard-university.org.qa.two-ocean.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 21:32:12 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Security-Policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Feature-Policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-XSS-Protection
1; mode=block
Expires
0
main.js
apiuat.two-ocean.org/js/
0
0

intlTelInput.css
apiuat.two-ocean.org/css/
0
0

utag.js
tags.tiqcdn.com/utag/rvaed/sandbox/qa/
0
0

intlTelInput.js
apiuat.two-ocean.org/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apiuat.two-ocean.org
URL
https://apiuat.two-ocean.org/js/main.js?v=1650922331808
Domain
apiuat.two-ocean.org
URL
https://apiuat.two-ocean.org/css/intlTelInput.css
Domain
tags.tiqcdn.com
URL
https://tags.tiqcdn.com/utag/rvaed/sandbox/qa/utag.js
Domain
apiuat.two-ocean.org
URL
https://apiuat.two-ocean.org/js/intlTelInput.js?v=1650922331810

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| utag_data

0 Cookies

9 Console Messages

Source Level URL
Text
javascript warning URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 69)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://apiuat.two-ocean.org/js/main.js?v=1650922331808, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 69)
Message:
Refused to load the script 'https://apiuat.two-ocean.org/js/main.js?v=1650922331808' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript warning URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 69)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://apiuat.two-ocean.org/js/main.js?v=1650922331808, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 74)
Message:
Refused to load the stylesheet 'https://apiuat.two-ocean.org/css/intlTelInput.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 450)
Message:
Refused to load the script 'https://tags.tiqcdn.com/utag/rvaed/sandbox/qa/utag.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript warning URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 452)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://apiuat.two-ocean.org/js/intlTelInput.js?v=1650922331810, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 452)
Message:
Refused to load the script 'https://apiuat.two-ocean.org/js/intlTelInput.js?v=1650922331810' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript warning URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/(Line 452)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://apiuat.two-ocean.org/js/intlTelInput.js?v=1650922331810, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.apply.vanguard-university.org.qa.two-ocean.dev/src/index.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
