encryption.exchangedefender.com
Open in
urlscan Pro
65.99.255.91
Public Scan
Submitted URL: https://encryption.exchangedefender.com/manage.php?token=03HF10xq029327&username=alice.ma-tse@erickson.com
Effective URL: https://encryption.exchangedefender.com/?reason=encrypt-email&message_id=03HF10xq029327&sender=dsilva@nvna.org
Submission: On April 20 via manual from US
Effective URL: https://encryption.exchangedefender.com/?reason=encrypt-email&message_id=03HF10xq029327&sender=dsilva@nvna.org
Submission: On April 20 via manual from US
Summary
This website contacted 3 IPs
in 2 countries
across 3 domains to perform 30 HTTP transactions.
The main IP is 65.99.255.91, located in
United States and
belongs to AS-TIERP-36024, US.
The main domain is encryption.exchangedefender.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 5th 2020. Valid for: 2 years.
This is the only time encryption.exchangedefender.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 5th 2020. Valid for: 2 years.
This is the only time encryption.exchangedefender.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 28 | 65.99.255.91 65.99.255.91 | 36024 (AS-TIERP-...) (AS-TIERP-36024) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:821::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 30 | 3 |
28
65.99.255.91
(United States)
ASN36024 (AS-TIERP-36024, US)
PTR: encryption.exchangedefender.com
ASN36024 (AS-TIERP-36024, US)
PTR: encryption.exchangedefender.com
| encryption.exchangedefender.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
exchangedefender.com
1 redirects
encryption.exchangedefender.com |
1 MB |
| 2 |
gstatic.com
fonts.gstatic.com |
18 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
850 B |
| 30 | 3 |
| Domain | Requested by | |
|---|---|---|
| 28 | encryption.exchangedefender.com |
1 redirects
encryption.exchangedefender.com
|
| 2 | fonts.gstatic.com |
encryption.exchangedefender.com
|
| 1 | fonts.googleapis.com |
encryption.exchangedefender.com
|
| 30 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.exchangedefender.com Go Daddy Secure Certificate Authority - G2 |
2020-01-05 - 2022-03-05 |
2 years | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://encryption.exchangedefender.com/?reason=encrypt-email&message_id=03HF10xq029327&sender=dsilva@nvna.org
Frame ID: 4A84A0457596D20532380ECBB52681A8
Requests: 30 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://encryption.exchangedefender.com/manage.php?token=03HF10xq029327&username=alice.ma-tse@erickson.com
HTTP 302
https://encryption.exchangedefender.com/?reason=encrypt-email&message_id=03HF10xq029327&sender=dsilva@nvna.org Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
- headers server /php\/?([\d.]+)?/i
CentOS
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /CentOS/i
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
OpenSSL
(Web Server Extensions)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://encryption.exchangedefender.com/manage.php?token=03HF10xq029327&username=alice.ma-tse@erickson.com
HTTP 302
https://encryption.exchangedefender.com/?reason=encrypt-email&message_id=03HF10xq029327&sender=dsilva@nvna.org Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
encryption.exchangedefender.com/ Redirect Chain
|
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
10 KB 850 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.min.css
encryption.exchangedefender.com/assets/global/plugins/font-awesome/css/ |
26 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
simple-line-icons.min.css
encryption.exchangedefender.com/assets/global/plugins/simple-line-icons/ |
9 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
encryption.exchangedefender.com/assets/global/plugins/bootstrap/css/ |
115 KB 116 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-switch.min.css
encryption.exchangedefender.com/assets/global/plugins/bootstrap-switch/css/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ladda-themeless.min.css
encryption.exchangedefender.com/assets/global/plugins/ladda/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
select2.min.css
encryption.exchangedefender.com/assets/global/plugins/select2/css/ |
15 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
select2-bootstrap.min.css
encryption.exchangedefender.com/assets/global/plugins/select2/css/ |
15 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
components-md.min.css
encryption.exchangedefender.com/assets/global/css/ |
613 KB 613 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
plugins-md.min.css
encryption.exchangedefender.com/assets/global/css/ |
42 KB 42 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-2.min.css
encryption.exchangedefender.com/assets/pages/css/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
custom.css
encryption.exchangedefender.com/assets/layouts/layout/css/ |
884 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
encryption.exchangedefender.com/images/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
encryption.exchangedefender.com/assets/global/plugins/ |
95 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
encryption.exchangedefender.com/assets/global/plugins/bootstrap/js/ |
36 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js.cookie.min.js
encryption.exchangedefender.com/assets/global/plugins/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.slimscroll.min.js
encryption.exchangedefender.com/assets/global/plugins/jquery-slimscroll/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.blockui.min.js
encryption.exchangedefender.com/assets/global/plugins/ |
9 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-switch.min.js
encryption.exchangedefender.com/assets/global/plugins/bootstrap-switch/js/ |
15 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spin.min.js
encryption.exchangedefender.com/assets/global/plugins/ladda/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ladda.min.js
encryption.exchangedefender.com/assets/global/plugins/ladda/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.validate.min.js
encryption.exchangedefender.com/assets/global/plugins/jquery-validation/js/ |
21 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
additional-methods.min.js
encryption.exchangedefender.com/assets/global/plugins/jquery-validation/js/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
select2.full.min.js
encryption.exchangedefender.com/assets/global/plugins/select2/js/ |
73 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.min.js
encryption.exchangedefender.com/assets/global/scripts/ |
15 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.js
encryption.exchangedefender.com/assets/pages/scripts/ |
8 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
remove-icon-small.png
encryption.exchangedefender.com/assets/global/img/ |
193 B 708 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| jQuery112401077479973590656 function| Cookies function| Spinner object| Ladda object| App object| Login1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| encryption.exchangedefender.com/ | Name: PHPSESSID Value: ejoqea0sgbtk4vojc2o6njtstn |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
encryption.exchangedefender.com
fonts.googleapis.com
fonts.gstatic.com
2a00:1450:4001:806::200a
2a00:1450:4001:821::2003
65.99.255.91
0f1c504d0fae8584de0668e60ba000d124129b8555decd8c35e18e90e2d39d1e
149b8bc61889897fb9420b347362582c8c89e62d28e1c720e8343ace08ad0986
15eeab0be27290f42d792634296412da4d828278435376c66b5ee17557f4f8fa
1dfb3fabea1fd9877a18fa9b695a4a37042d35d0279e67ebebe8fc6f1d5761db
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
36e42118ea5b90d8a7b68b35d3898e0a9364b89a96c2fb5c3ac90ace16e6d5c3
4b681a7b7a54a5f692028e2556dfc29a0e43c6e08f3e773f3daf7e3f02742bc3
4e322dae5c80d26305f47e0556c5fe983325a076c14c005ebe0367b9da4b5305
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55a35139b5178f81e92ad8d4c1154bdc5262ad1664e5db97df914ad0cc246a83
5980a64ca5f0b3fe488fbaa41ff1e164ecbf9d0584a8ad335f26a6c8fedd409f
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
6e13ca9248b431e3be16a43100185e8e3a3311001154d73c30ddbcce1a4d5d94
76cb792be8531f76cea566cedae3bdf7eb26833f0480f86184eaca5c240a85d5
7d97491a3d294629a353bacd88442498b5f4609aef01afbed6277da906b8ed7f
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
979996fe3051aa528bcec943c55c8131477a7be4e8da97f7aeab175e987a445b
aba2ffa69c27d3a6aec73bbe235ad8144bf02c75f77ca4e4414a098d56c3be21
b009172f00c548007f4b4f4908e591be7a0e9e11980eef55a8c9db08a0213332
b7c5671c199df9e6bba7a2f4aea76afc96a3fe716611968a79c2091a06b7f20b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d
e1ed1e8914e4eb8b509ccf619a7b4dc428399ee294e4c406feeb8267b5a07d77
e542599c155cfa3ddbea82bf3d1b21c3cceea4e67a7fc43370e2aeb7ad843fbe
f1d2154ad019224eaf66b73fc05b3118d16cd0b5623f811ac0048345d73ebc2c
f9c3ade2208030dfd5977ee07fe1ba3fe0d7649bc98f415c73c86af7c5556210