live.ai2f.net Open in urlscan Pro
217.20.35.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://update-wb.com/basic.php?k=0d267a30d7b348265d81999a8c342545d79d7269
Effective URL:
http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Submission: On September 02 via manual (September 2nd 2019, 12:50:38 pm UTC) from NL

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 217.20.35.224, located in United Kingdom and belongs to TELECITY-LON, GB. The main domain is live.ai2f.net.

This is the only time live.ai2f.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.191.166.201 64.191.166.201	13776 (QX-NET-ASN-1) (QX-NET-ASN-1 - QX.Net)
8	217.20.35.224 217.20.35.224	15830 (TELECITY-LON) (TELECITY-LON)
8	1

1 64.191.166.201 (Lexington, United States) 1 redirects

ASN13776 (QX-NET-ASN-1 - QX.Net, US)
PTR: portal.phishingbox.com

update-wb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 217.20.35.224 (United Kingdom)

ASN15830 (TELECITY-LON, GB)

live.ai2f.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ai2f.net live.ai2f.net	446 KB
1	update-wb.com 1 redirects update-wb.com	618 B
8	2

	Domain	Requested by
8	live.ai2f.net	live.ai2f.net
1	update-wb.com	1 redirects
8	2

This site contains links to these domains. Also see Links.

Domain
www.ashfieldhealthcare.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 1 frames:

Primary Page: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Frame ID: 825A824260B4033ABB4FD2EC1E28E2A3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://update-wb.com/basic.php?k=0d267a30d7b348265d81999a8c342545d79d7269 HTTP 302
http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

446 kB
Transfer

443 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ashfieldhealthcare.com/
Title: Ashfield

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://update-wb.com/basic.php?k=0d267a30d7b348265d81999a8c342545d79d7269 HTTP 302
http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Login Show response
live.ai2f.net/MyAshfield/User/
Redirect Chain

https://update-wb.com/basic.php?k=0d267a30d7b348265d81999a8c342545d79d7269
http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f

5 KB
6 KB

103ms
69ms

Document
text/html

217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL

http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f

Protocol

HTTP/1.1

Server

217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d3bcc3d1055e09f5c1ae752918b5b3a1e7c5d67375f0b9a5d612838552e51620

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: live.ai2f.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=l4oh3ym4zd5ho0bc1tasldnw; path=/; HttpOnly ASP.NET_SessionId=l4oh3ym4zd5ho0bc1tasldnw; path=/; HttpOnly __RequestVerificationToken_L015QXNoZmllbGQ1=5qs7cHcni1rvoMV0UFDPWHlDOXRUhlvsBCf6KInL7DWzbfVbLf22IdASlrJDODNeeSiowwljZqfIuJUz4gGcjc-Hk2uoLtsJgsnDWTW3gn41; path=/; HttpOnly
X-AspNetMvc-Version: 5.1
X-Frame-Options: SAMEORIGIN
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 02 Sep 2019 12:50:21 GMT
Content-Length: 5092

Redirect headers

Date: Mon, 02 Sep 2019 12:50:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_gssapi/1.5.1 mod_nss/1.0.14 NSS/3.28.4 mod_wsgi/3.4 Python/2.7.5
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: PHPSESSID=a20c9c55169f8033ebe4b5351b5aa78f; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Content-Length: 4
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK AllCss
live.ai2f.net/MyAshfield/Content/css/ 118 KB
118 KB 101ms
87ms Stylesheet
text/css 217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: http://live.ai2f.net/MyAshfield/Content/css/AllCss?v=fSFsUeSTr7fDjBTZ-yoqvV2_rWyg9_1O0m6x9_zWBss1
Requested by: Host: live.ai2f.net
URL: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Protocol: HTTP/1.1
Security: , ,
Server: 217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 95601b51edcb5077dbec012ab9d866fb3bac99a3be862c2131bcc536a0518a94

Request headers

Referer: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 12:50:21 GMT
Last-Modified: Mon, 02 Sep 2019 12:50:21 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 120422
Expires: Tue, 01 Sep 2020 12:50:21 GMT

GET
H/1.1 200
OK modernizr Show response
live.ai2f.net/MyAshfield/bundles/ 11 KB
11 KB 98ms
84ms Script
text/javascript 217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: http://live.ai2f.net/MyAshfield/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by: Host: live.ai2f.net
URL: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Protocol: HTTP/1.1
Security: , ,
Server: 217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

Referer: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 12:50:21 GMT
Last-Modified: Mon, 02 Sep 2019 12:50:21 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 10999
Expires: Tue, 01 Sep 2020 12:50:21 GMT

GET
H/1.1 200
OK ashfield_small.png
live.ai2f.net/MyAshfield/Content/images/ 3 KB
3 KB 49ms
49ms Image
image/png 217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://live.ai2f.net/MyAshfield/Content/images/ashfield_small.png
Requested by: Host: live.ai2f.net
URL: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Protocol: HTTP/1.1
Security: , ,
Server: 217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 25684e2e91ea1e90247685b9e9a4fe4bb6cdc59ee019bfc85ea055ad651dd288

Request headers

Referer: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 12:50:21 GMT
Last-Modified: Tue, 05 Feb 2019 10:53:19 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "8884b141bdd41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3272

GET
H/1.1 200
OK jquery Show response
live.ai2f.net/MyAshfield/bundles/ 94 KB
94 KB 82ms
67ms Script
text/javascript 217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: http://live.ai2f.net/MyAshfield/bundles/jquery?v=yAQ0DOUySaKzK_L0dsY0EMym8xDXQJAEu2x4B6A-vDM1
Requested by: Host: live.ai2f.net
URL: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Protocol: HTTP/1.1
Security: , ,
Server: 217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7acec13aeb787ae5c11eb1dc79ae0d08c1bb4c0aa1cb0fc278b456b975813c87

Request headers

Referer: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 12:50:21 GMT
Last-Modified: Mon, 02 Sep 2019 12:50:22 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 95939
Expires: Tue, 01 Sep 2020 12:50:22 GMT

GET
H/1.1 200
OK bootstrap Show response
live.ai2f.net/MyAshfield/bundles/ 32 KB
32 KB 34ms
34ms Script
text/javascript 217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: http://live.ai2f.net/MyAshfield/bundles/bootstrap?v=3sMMkHOoRNp-NJC3NrZxEw-RErUEY5a8VSP_wl4V4QA1
Requested by: Host: live.ai2f.net
URL: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Protocol: HTTP/1.1
Security: , ,
Server: 217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c71a34cf10379e08b4019ddf78391ba8c39ddd008ffb8f5e7cdc3519752bfb7a

Request headers

Referer: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 12:50:21 GMT
Last-Modified: Mon, 02 Sep 2019 12:50:22 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 32393
Expires: Tue, 01 Sep 2020 12:50:22 GMT

GET
H/1.1 200
OK JohnSansLitePro.otf
live.ai2f.net/MyAshfield/Content/fonts/ 166 KB
167 KB 38ms
37ms Font
application/x-font-opentype 217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: http://live.ai2f.net/MyAshfield/Content/fonts/JohnSansLitePro.otf
Requested by: Host: live.ai2f.net
URL: http://live.ai2f.net/MyAshfield/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Protocol: HTTP/1.1
Security: , ,
Server: 217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a233b7b2705c796dc716a27d748c15d66aca2ddc2d76345c48c4435bcca4877

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://live.ai2f.net/MyAshfield/Content/css/AllCss?v=fSFsUeSTr7fDjBTZ-yoqvV2_rWyg9_1O0m6x9_zWBss1
Origin: http://live.ai2f.net

Response headers

Date: Mon, 02 Sep 2019 12:50:21 GMT
Last-Modified: Tue, 05 Feb 2019 10:53:19 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "43bd73141bdd41:0"
Content-Type: application/x-font-opentype
Accept-Ranges: bytes
Content-Length: 170364

GET
H/1.1 200
OK ashfield_splash.jpg
live.ai2f.net/MyAshfield/Content/images/ 15 KB
15 KB 41ms
40ms Image
image/jpeg 217.20.35.224
TELECITY-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://live.ai2f.net/MyAshfield/Content/images/ashfield_splash.jpg
Requested by: Host: live.ai2f.net
URL: http://live.ai2f.net/MyAshfield/User/Login?ReturnUrl=%2fMyAshfield%2f
Protocol: HTTP/1.1
Security: , ,
Server: 217.20.35.224 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 151e17d2fa3eb88da176bb3b2382d016d302be65e169752657191292732f55b6

Request headers

Referer: http://live.ai2f.net/MyAshfield/Content/css/AllCss?v=fSFsUeSTr7fDjBTZ-yoqvV2_rWyg9_1O0m6x9_zWBss1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 12:50:21 GMT
Last-Modified: Tue, 05 Feb 2019 10:53:19 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "a69461141bdd41:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 15210

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			live.ai2f.net/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L015QXNoZmllbGQ1 Value: 5qs7cHcni1rvoMV0UFDPWHlDOXRUhlvsBCf6KInL7DWzbfVbLf22IdASlrJDODNeeSiowwljZqfIuJUz4gGcjc-Hk2uoLtsJgsnDWTW3gn41
			live.ai2f.net/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: l4oh3ym4zd5ho0bc1tasldnw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

live.ai2f.net
update-wb.com
217.20.35.224
64.191.166.201
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
151e17d2fa3eb88da176bb3b2382d016d302be65e169752657191292732f55b6
25684e2e91ea1e90247685b9e9a4fe4bb6cdc59ee019bfc85ea055ad651dd288
5a233b7b2705c796dc716a27d748c15d66aca2ddc2d76345c48c4435bcca4877
7acec13aeb787ae5c11eb1dc79ae0d08c1bb4c0aa1cb0fc278b456b975813c87
95601b51edcb5077dbec012ab9d866fb3bac99a3be862c2131bcc536a0518a94
c71a34cf10379e08b4019ddf78391ba8c39ddd008ffb8f5e7cdc3519752bfb7a
d3bcc3d1055e09f5c1ae752918b5b3a1e7c5d67375f0b9a5d612838552e51620

live.ai2f.net Open in urlscan Pro 217.20.35.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

446 kBTransfer

443 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

live.ai2f.net Open in urlscan Pro
217.20.35.224 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

446 kB
Transfer

443 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions