node3.bluezone.redfcu.org
67.20.186.19
Public Scan
Effective URL: https://node3.bluezone.redfcu.org/__extraweb__authen?id=ig%2BnAqYETRQ%3D&alias=workplace&resource=%2Fworkplace%2Faccess%2Fhome&rea...
Submission: On April 26 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 22nd 2022. Valid for: a year.
This is the only time node3.bluezone.redfcu.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
4 20 | 67.20.186.19 | 1828 (UNITAS) |
4 | 2a00:1450:4001:827::200a | 15169 (GOOGLE) |
2 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE) |
22 | 3 | |
 | Apex Domain Subdomains | Transfer |
---|---|---|
20 | redfcu.org (4 redirects): node3.bluezone.redfcu.org | 778 KB |
4 | googleapis.com: fonts.googleapis.com — Cisco Umbrella Rank: 119 | 3 KB |
2 | gstatic.com: fonts.gstatic.com | 28 KB |
22 | 3 | |
 | Domain | Requested by |
---|---|---|
20 | node3.bluezone.redfcu.org (4 redirects) | node3.bluezone.redfcu.org |
4 | fonts.googleapis.com | node3.bluezone.redfcu.org |
2 | fonts.gstatic.com | fonts.googleapis.com |
22 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sonicwall.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
bluezone.redfcu.org | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2022-04-22 - 2023-05-03 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://node3.bluezone.redfcu.org/__extraweb__authen?id=ig%2BnAqYETRQ%3D&alias=workplace&resource=%2Fworkplace%2Faccess%2Fhome&realm=144
Frame ID: 328A57B999159A08179CA95A127A5425
Requests: 22 HTTP requests in this frame
Page Title
Please log in
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Help
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://node3.bluezone.redfcu.org/ HTTP 302
  https://node3.bluezone.redfcu.org/workplace/access/home HTTP 302
  https://node3.bluezone.redfcu.org/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3Dhttps%253A%252F%252Fnode3.bluezone.redfcu.org%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace Page URL
- https://node3.bluezone.redfcu.org/__extraweb__EPCmicrointerrogatordata?success=https%3A%2F%2Fnode3.bluezone.redfcu.org%2Fworkplace%2Faccess%2Fhome&alias=workplace HTTP 302
  https://node3.bluezone.redfcu.org/workplace/access/home HTTP 302
  https://node3.bluezone.redfcu.org/__extraweb__authen?id=ig%2BnAqYETRQ%3D&alias=workplace&resource=%2Fworkplace%2Faccess%2Fhome&realm=144 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://node3.bluezone.redfcu.org/ HTTP 302
- https://node3.bluezone.redfcu.org/workplace/access/home HTTP 302
- https://node3.bluezone.redfcu.org/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3Dhttps%253A%252F%252Fnode3.bluezone.redfcu.org%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | __extraweb__EPCmicrointerrogatorpage (Redirect Chain) | node3.bluezone.redfcu.org/ | 4 KB | 5 KB | Document | text/html |
GET | H/1.1 | default.css | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 34 KB | 34 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 131 KB | 131 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 948 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 634 B | Stylesheet | text/css |
GET | H/1.1 | template.js | node3.bluezone.redfcu.org/__extraweb__/ | 9 KB | 10 KB | Script | application/x-javascript |
GET | H/1.1 | sniffer.js | node3.bluezone.redfcu.org/preauthMI/ | 19 KB | 19 KB | Script | application/x-javascript |
GET | H/1.1 | microinterrogator.js | node3.bluezone.redfcu.org/preauthMI/ | 2 KB | 3 KB | Script | application/x-javascript |
GET | H/1.1 | background_sky.png | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 167 KB | 168 KB | Image | image/png |
GET | H/1.1 | login_leftpanel.svg | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 718 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | av-default-logo.png | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 29 KB | 29 KB | Image | image/png |
GET | H2 | XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 | fonts.gstatic.com/s/nunito/v25/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H/1.1 | __extraweb__authen (Primary Request, Redirect Chain) | node3.bluezone.redfcu.org/ | 4 KB | 5 KB | Document | text/html |
GET | H/1.1 | default.css | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 34 KB | 34 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 131 KB | 131 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 635 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 634 B | Stylesheet | text/css |
GET | H/1.1 | template.js | node3.bluezone.redfcu.org/__extraweb__/ | 9 KB | 10 KB | Script | application/x-javascript |
GET | H/1.1 | background_sky.png | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 167 KB | 168 KB | Image | image/png |
GET | H/1.1 | login_leftpanel.svg | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 718 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | av-default-logo.png | node3.bluezone.redfcu.org/__extraweb__/assets/themes/DefaultWorkplaceTheme// | 29 KB | 29 KB | Image | image/png |
GET | H2 | XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 | fonts.gstatic.com/s/nunito/v25/ | 14 KB | 14 KB | Font | font/woff2 |
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean| credentialless
- boolean| showHelpLink
- boolean| require_virtual_keyboard
- function| checkForLogout
- function| removeCookie
- function| checkPageType
- function| killRemediateSession
- function| killRemediateSessionUsingBeacon
- function| setRelogin
- function| readCookie
- function| ew_unescape_html
- function| EWTemplate
- function| clearDefault
- object| template
- number| reloginValue
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bluezone.redfcu.org/ | | Name: EXTRAWEB_STATE Value: EAABEAAGBAADaWQAEAABBAABAAQABXNzcGYAEAABBQAABAAFaG9zdAAQAAEEAAEA |
.bluezone.redfcu.org/ | | Name: EXTRAWEB_REFERER Value: %252FpreauthMI%252Fmicrointerrogator.js |
node3.bluezone.redfcu.org/ | | Name: test Value: true |
.bluezone.redfcu.org/ | | Name: EPC_MI Value: %26activeX%3A0%26win%3A1%26win32%3A1%26win64%3A1%26x64%3A1%26platform%3AWindows%26winnt%3A1%26win10%3A1%26chrome%3A112%26browser%3ANetscape%26browserVersion%3A112%26jsVersion%3A1.5%26height%3A1200%26width%3A1600%26userAgent%3Amozilla%252F5.0%2520(windows%2520nt%252010.0%253B%2520win64%253B%2520x64)%2520applewebkit%252F537.36%2520(khtml%252C%2520like%2520gecko)%2520chrome%252F112.0.5615.121%2520safari%252F537.36%26userLocale%3Aen-US |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.