urlscan.io logo urlscan.io
SecurityTrails logo

dev.account.forecasting.ai Open in urlscan Pro
13.69.68.8  Public Scan

Go To Rescan Add Verdict Report
URL: https://dev.account.forecasting.ai/
Submission: On May 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 13.69.68.8, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is dev.account.forecasting.ai.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 7th 2020. Valid for: 6 months.
This is the only time dev.account.forecasting.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 13.69.68.8 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
8 3
Domain Requested by
6 dev.account.forecasting.ai dev.account.forecasting.ai
1 res.cloudinary.com dev.account.forecasting.ai
1 fonts.googleapis.com dev.account.forecasting.ai
8 3

This site contains no links.

Subject Issuer Validity Valid
dev.account.forecasting.ai
GeoTrust RSA CA 2018		 2020-01-07 -
2020-07-07		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2018-07-01 -
2020-06-22		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://dev.account.forecasting.ai/
Frame ID: 58CE673BD2B0000DDE13726D37101A48
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i
  • script /materialize(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i
  • script /materialize(?:\.min)?\.js/i

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

249 kB
Transfer

819 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
dev.account.forecasting.ai/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dev.account.forecasting.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89270856e62e015d04e4e04a3c2c4f2f80089599b31133ea24d61b1e5d91055c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; img-src 'self' 'unsafe-inline' https://res.cloudinary.com/; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy default-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; img-src 'self' 'unsafe-inline' https://res.cloudinary.com/; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff

Request headers

Host
dev.account.forecasting.ai
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Length
717
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
.AspNetCore.Session=CfDJ8JBTxfLz8GtNqJMLv65fMzm9uxgR6%2FCuoXq84SvuAAj6sB8vcj%2F3C%2B%2FUG4F%2F2SeNPPeOpS3ialNVOCq9kE9sShp6uijnXTqhQSHpY4qK5OG9eqqHNTSRGcdgSRBWyLGnqRk2Zr%2FIT1%2Bj3OvPVFcirGIjsBH7JNreEIgEHebR4pbm; path=/; samesite=lax; httponly ARRAffinity=26b480284d661e50ffd81073344d02d1c1f01fb60aafe1d6d1a8ed51a47a43fa;Path=/;HttpOnly;Domain=dev.account.forecasting.ai
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; img-src 'self' 'unsafe-inline' https://res.cloudinary.com/; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy
default-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; img-src 'self' 'unsafe-inline' https://res.cloudinary.com/; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Referrer-Policy
no-referrer
X-Powered-By
ASP.NET
Date
Sat, 23 May 2020 12:03:36 GMT
icon
fonts.googleapis.com/ 		574 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: dev.account.forecasting.ai
URL: https://dev.account.forecasting.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 May 2020 12:03:36 GMT
server
ESF
date
Sat, 23 May 2020 12:03:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 May 2020 12:03:36 GMT
materialize.css
dev.account.forecasting.ai/lib/materialize/css/ 		175 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dev.account.forecasting.ai/lib/materialize/css/materialize.css
Requested by
Host: dev.account.forecasting.ai
URL: https://dev.account.forecasting.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d7710a11746cca787772698d1757655babafa02d52655696f786c81d9409a0c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 12:03:36 GMT
Content-Encoding
gzip
ETag
"1d611b23d099a2d"
Last-Modified
Mon, 13 Apr 2020 16:40:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
site.css
dev.account.forecasting.ai/css/ 		1 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dev.account.forecasting.ai/css/site.css
Requested by
Host: dev.account.forecasting.ai
URL: https://dev.account.forecasting.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2547862181e70de5481e2fbe9f4725ffc8946bf3954bc5bd9cad40f7f56bc1c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 12:03:36 GMT
Content-Encoding
gzip
ETag
"1d611b23bd9fccb"
Last-Modified
Mon, 13 Apr 2020 16:40:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
600
FCST_LOGO_RVB_HORIZ.svg
res.cloudinary.com/forecastingai/image/upload/v1578924365/account/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/forecastingai/image/upload/v1578924365/account/FCST_LOGO_RVB_HORIZ.svg
Requested by
Host: dev.account.forecasting.ai
URL: https://dev.account.forecasting.ai/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3510c96139ae7ae6835ef928a6fc3f3a9f70603a93a0d18dbfb9783366bed2a2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 12:03:36 GMT
content-encoding
gzip
status
200
content-disposition
attachment; filename="FCST_LOGO_RVB_HORIZ.svg"
server-timing
fastly;dur=441;cpu=1;start=2020-05-23T12:03:36.417Z;desc=miss,rtt;dur=5,cloudinary;dur=70;start=2020-05-23T12:03:36.744Z
content-length
5410
last-modified
Mon, 13 Jan 2020 14:06:07 GMT
server
Cloudinary
etag
W/"24f744bd536ee686a17394ef92694d11"
vary
Accept-Encoding
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
jquery.js
dev.account.forecasting.ai/lib/jquery/ 		251 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.account.forecasting.ai/lib/jquery/jquery.js
Requested by
Host: dev.account.forecasting.ai
URL: https://dev.account.forecasting.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0a7f216533d52b6c9a1d969b3cd64b4534c351aa0bbcaf3f3a4ca368369ad1a3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 12:03:35 GMT
Content-Encoding
gzip
ETag
"1d611b23d08cd27"
Last-Modified
Mon, 13 Apr 2020 16:40:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
materialize.js
dev.account.forecasting.ai/lib/materialize/js/ 		374 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.account.forecasting.ai/lib/materialize/js/materialize.js
Requested by
Host: dev.account.forecasting.ai
URL: https://dev.account.forecasting.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c9eae7c039b4b6bed8ee85be2fdb59681073278a8d5338d7a56a078b705d21f5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 12:03:36 GMT
Content-Encoding
gzip
ETag
"1d611b23d0eff8d"
Last-Modified
Mon, 13 Apr 2020 16:40:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
site.js
dev.account.forecasting.ai/js/ 		76 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.account.forecasting.ai/js/site.js
Requested by
Host: dev.account.forecasting.ai
URL: https://dev.account.forecasting.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f1f79a32b9c3c897f0a00c481b16565e5e5dc4e5ab3853949789f2d65c54f31

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 23 May 2020 12:03:36 GMT
Content-Encoding
gzip
ETag
"1d611b23bd9f94c"
Last-Modified
Mon, 13 Apr 2020 16:40:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
192

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| _get function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Component function| docHandleKeydown function| docHandleKeyup function| docHandleFocus function| docHandleBlur function| getTime object| $jscomp object| $jscomp$this function| cash object| M object| Waves

2 Cookies

Domain/Path Name / Value
.dev.account.forecasting.ai/ Name: ARRAffinity
Value: 26b480284d661e50ffd81073344d02d1c1f01fb60aafe1d6d1a8ed51a47a43fa
dev.account.forecasting.ai/ Name: .AspNetCore.Session
Value: CfDJ8JBTxfLz8GtNqJMLv65fMzm9uxgR6%2FCuoXq84SvuAAj6sB8vcj%2F3C%2B%2FUG4F%2F2SeNPPeOpS3ialNVOCq9kE9sShp6uijnXTqhQSHpY4qK5OG9eqqHNTSRGcdgSRBWyLGnqRk2Zr%2FIT1%2Bj3OvPVFcirGIjsBH7JNreEIgEHebR4pbm

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; img-src 'self' 'unsafe-inline' https://res.cloudinary.com/; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy default-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; img-src 'self' 'unsafe-inline' https://res.cloudinary.com/; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff