covid.sectech.com.au
Open in
urlscan Pro
54.79.143.232
Public Scan
Submission: On October 26 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 26th 2020. Valid for: 3 months.
This is the only time covid.sectech.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 54.79.143.232 54.79.143.232 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.107.6.194 13.107.6.194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2 |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-79-143-232.ap-southeast-2.compute.amazonaws.com
covid.sectech.com.au |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
office.com
forms.office.com |
|
1 |
sectech.com.au
covid.sectech.com.au |
467 B |
2 | 2 |
Domain | Requested by | |
---|---|---|
1 | forms.office.com |
covid.sectech.com.au
|
1 | covid.sectech.com.au | |
2 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
covid.sectech.com.au Let's Encrypt Authority X3 |
2020-10-26 - 2021-01-24 |
3 months | crt.sh |
forms.office.com GlobalSign Organization Validation CA - SHA256 - G3 |
2020-02-19 - 2022-02-19 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://covid.sectech.com.au/
Frame ID: F6C46AC425F07B843B933570458309E7
Requests: 1 HTTP requests in this frame
Frame:
https://forms.office.com/Pages/ResponsePage.aspx?id=0gVaiyTJRkWX4iIoJFPW--_SRyfuBhBBhbNnHUrwnOJUOTlaRlhINE44RUdDNDBFRkgwTk45SjU3Ny4u
Frame ID: E12099212026C408F8045959B34B2DAA
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
covid.sectech.com.au/ |
305 B 467 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ResponsePage.aspx
forms.office.com/Pages/ Frame E120 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.forms.office.com/ | Name: AADNonce.forms Value: 22d539c6-0596-41b4-b51d-9f988bba4f57.637392871469439313 |
|
forms.office.com/ | Name: MSFPC Value: GUID=839059324a8e4efbb5132247cd920f61&HASH=8390&LV=202010&V=4&LU=1603690347487 |
|
forms.office.com/ | Name: __RequestVerificationToken Value: mVVkDCKPjzQwnzVCd5k_b6B5MCS3P7vBvNYW1HcyVrIIMrHhgMED_PRPTJGGOG7DMlGnq1mYeKdHHPU3TJb03w6yhAJiRNDejrdtUeVURHc1 |
|
forms.office.com/ | Name: DcLcid Value: ui=1033&data=1033 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
covid.sectech.com.au
forms.office.com
13.107.6.194
54.79.143.232
cf5829622a989772b7c2e056b4a750df132d0c4117c9148a5cbc8d7a67bf5e18