urlscan.io logo urlscan.io
SecurityTrails logo

secure.shiftwise.net Open in urlscan Pro
45.60.14.254  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.shiftwise.net/esp/login/login.aspx
Submission Tags: falconsandbox
Submission: On February 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main IP is 45.60.14.254, located in United States and belongs to INCAPSULA, US. The main domain is secure.shiftwise.net. The Cisco Umbrella rank of the primary domain is 782385.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q1 on February 25th 2023. Valid for: 6 months.
This is the only time secure.shiftwise.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 45.60.14.254 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 4
Apex Domain
Subdomains		 Transfer
4 shiftwise.net
secure.shiftwise.net — Cisco Umbrella Rank: 782385
25 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
6 3
Domain Requested by
4 secure.shiftwise.net secure.shiftwise.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com secure.shiftwise.net
6 3

This site contains no links.

Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-25 -
2023-08-24		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://secure.shiftwise.net/esp/login/login.aspx
Frame ID: 9AE030D4ECE277C7695AAAFDA99B594A
Requests: 3 HTTP requests in this frame

Frame: https://secure.shiftwise.net/_Incapsula_Resource?CWUDNSAI=23&xinfo=14-70005901-0%200NNN%20RT%281677493569050%2023%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U24&incident_id=189000390103766025-341294881789774286&edet=16&cinfo=04000000&rpinfo=0&mth=GET
Frame ID: 574D08C094DAF373347336B3B5D5AD5B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

64 kB
Transfer

204 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.aspx
secure.shiftwise.net/esp/login/ 		861 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.shiftwise.net/esp/login/login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.254 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
07a6407e45e1d1a49fc2bee3da2af3b90ceb3f32d21a683a51aa301d827ee4cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
861
content-type
text/html
x-iinfo
14-70005901-0 0NNN RT(1677493569050 23) q(0 -1 -1 0) r(0 -1) B16(4,314,0) U24
_Incapsula_Resource
secure.shiftwise.net/ 		145 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.shiftwise.net/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: secure.shiftwise.net
URL: https://secure.shiftwise.net/esp/login/login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.254 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
822daea5727a939d37d507598c9f6472a338960b3b788443f44cf29a8bd0448f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.shiftwise.net/esp/login/login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20924
content-type
application/javascript
_Incapsula_Resource
secure.shiftwise.net/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.shiftwise.net/_Incapsula_Resource?SWKMTFSR=1&e=0.3855050880352344
Requested by
Host: secure.shiftwise.net
URL: https://secure.shiftwise.net/esp/login/login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.254 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.shiftwise.net/esp/login/login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
secure.shiftwise.net/ Frame 574D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.shiftwise.net/_Incapsula_Resource?CWUDNSAI=23&xinfo=14-70005901-0%200NNN%20RT%281677493569050%2023%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U24&incident_id=189000390103766025-341294881789774286&edet=16&cinfo=04000000&rpinfo=0&mth=GET
Requested by
Host: secure.shiftwise.net
URL: https://secure.shiftwise.net/esp/login/login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.254 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
93f7acde8b4cd8de38da334b1ef64ad4e58f49df45a8508eadc0f1e46275b1b9

Request headers

Referer
https://secure.shiftwise.net/esp/login/login.aspx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
3747
content-type
text/html
x-robots-tag
noindex
css2
fonts.googleapis.com/ Frame 574D 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Requested by
Host: secure.shiftwise.net
URL: https://secure.shiftwise.net/_Incapsula_Resource?CWUDNSAI=23&xinfo=14-70005901-0%200NNN%20RT%281677493569050%2023%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U24&incident_id=189000390103766025-341294881789774286&edet=16&cinfo=04000000&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6308a060ce27ea2c61de54a2259b0f504bd2d5ab1ed16e224e1c4efc783e8be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.shiftwise.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 10:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 09:44:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 10:26:10 GMT
truncated
/ Frame 574D 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fefd82032600b1979cc5f02c1786044b8d91109a5d5c52051f05356ae41861fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame 574D 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.shiftwise.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 09:17:36 GMT
x-content-type-options
nosniff
age
349714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 09:17:36 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

3 Cookies

Domain/Path Name / Value
.shiftwise.net/ Name: visid_incap_1995175
Value: AgPwRfAYSzKpI86YtNjSuEGF/GMAAAAAQUIPAAAAAAA42bq5BS5cyRTbqb948h1c
.shiftwise.net/ Name: incap_ses_189_1995175
Value: gGLtX7gQoFIJlIt62nafAkGF/GMAAAAA5Le6xgdnOT7nzzk1yjykOQ==
secure.shiftwise.net/ Name: ___utmvc
Value: qzFocyTQ21OxeV5XtmRv9WwtVTok0kAoNAVnHrYwX9Xn30gThZPBQDzHFH8RJM8M09IRzPd/m/KKQ4Hqvsc/Gt1e4jHn+MiXvwe7Ttpmgfx1hwS43uM0qvUZlk9IDG0mNvzlfKXVqUdsp83cyPM2/TEBfqKwsjjNi9jiaro9mj+7CEu3VPW6w6MTrm/bqOfSmo3IAulhpWUMu23vBbDbadFhtFBImmQPj6uj1oWLqay5E2b14hfWGQCrRgUePuw+Fb+GEtDSV2q8nwPmSfhekK6acmwmQlnm5gdJPiYDpJ+Y7QAkj8TF5r0e5xPZvbcSUGN7GZ5tFXTQPMNhuFeXBRXAThREoQ8C3g5BT+oHKsHrjc5CnhkzzwFdzLEgcUVVavf0HAs8EmGzUDp4W57GZRD2V3dkIq5eBokzp6/vhHk8NpcIOy3BSxNX8jV2plmwtrkMOts/ZYQZo62o/lAB30kQFGu7q57v124T9Wa/ZBgsFNDn8JMwl3Jl7/rHYMzg1J8JfGYx1CemYO0SllCyTyZRpWyQ/1gxUKbZ2qkAbZK5H2zoVUPdkq+wNfjwAXOWG/gvtOS2U+0LzVBeO0Ce82reG3ALwIeaAWUZXltzkGSnkuVocM0wX0pLZoRJEGXUBUetisZtulwTuXPUR4jhTwuS6qZoS/pzjWzQmLUhXkAu2hGOtHA8vLPZwvClgoPiqDGrxPbQgQwqcyXM+9rpDVXbqAn4CBdXj8YzbmHPT0NVOwgx0z2ZoS5fRO5Zb0Unz38fpXDrSENs8Co5LEleutMOF6ndW1y7lKP0zdPKOGwPpI+o5SbYmv6yVgbhjSX6kNPQEwtE4Z9ZGqpOG2KaHE/xZZFYMLSNtgRtAqTKIGEMuBG5lYhQkWVTL3yZirCMQO/wnWiEzwNHsHN2SKJWNtpC0dM20Pob/4G+1Zmo3zX5/Ca5slXfd7y40aIEjRPGe99zvULh502+qOxmIIv0TK6ryQ/EMDBbAL2UQQebQNn63y65Yc7GMjorqcfhPLiyydPBjKpRHXlNH1qf76uADPd0nUkr75jEemx+zmdbmUR8GxR5MLYvfibEOefal5SdLACS3+qyyShTP7rxpi58xGTy62Ej3TU/9RPT+Wfg0aLsJ9TQcUtHwVjoiWeHBBuII+jsxbsBch9/Vi2CFT+7FElrsAiEHgeEvXQ20hsAJ7PmNls/X51Z86/zaaMhUX5il8DzVJFS2X9J6TnBIpzv8okKouPnh7ZHA20+Yc9SmdQ9Fn78gO7BLiI66TsZkZIc8JcTdc8GFRPrRLz1ZtUSNIH0o7HZhSYtsCEZFXqApOkLWPCTDg63WT9ytuYOsRk/4yDMQfv3xMFmwAOYyTRjMKuVNtvAoLOhC2EsFX3CeETnTqR41S+Rw4fU707/p6WPhepnqIeV62J+RgWssEOuLtS/mYN4lxj7x1jPqRtp8AYa3KYsbL9uwZCuQ3QzlXGY9k4RYQg4hLKxWddo1RcvGznvcqBfE1wEMBS7iZKx9qNnUH8D5Pv1FlCihFvavCpSMofTJM+4+JLEV6RmQ96PtDekRr56JtkTnG38bP5VBJZE54QtoAks6pETxRgmcIWETKby9BD+2Q/ord8BBREuwrvmpQtQt4+dNMdha34x7tE43wYsc4odj9wK7gpiSz05kqsRicKExvWaX29MiaitKEOzE1qkZF9Xdx9lteIEiH+7r6Eu1nI/kOWhQgsr+o5qGaCK8/6OE8QwU55H0U9kse+l+FzAKz8v4opjGGImEirtriFB6hIQhnHA5rPeW3F/d9esk8Y4W/jdhI0j/guBifTbzn02ALYCoP16fAxEF8xTqWtF9K7kLQcOErvslSlTQoJF2ZSgNzqfSlyKHKZ6B6YdFFZeFnc4bONBGzORHe+A7xFJYajJ6uqDKcXZbT7nAX9u6kky2/TA8PPRVEpvihR5RHizmlyjG2JoR35XzFycKrA9575GQeP4/KhkHeCvJ0QfidKQ8pDxW7FtTzoAut81zl4I4vMcpTDiH74eMTIMR2b7sv3pT/SE/vsjRICLIf/Q6Dp6IRjLygXWunZNqIRuPzE3wDXNEuCZNbE46sqJeDSy5+vV696jrrDsqsJL/Mzdv7v1NjPHXisJfgBRpQ3oZv0KrWwoa6285TsZztdzgZFoNKuT01IZMQvESGPzHN0Bxo+x7croSk2HVQoiCYsiFlYlehPnazG1pEQXl1zmDNZOcFlV3refVd9HXBMYOwaB3sL74JvpeZoVVC44DnbiMxSblkPag0RGJNgD9FjG6Bo5jB/zEYAAgtvlWaGx9lStJATCxuYHe8/6lIfqy/llu21a1y/o8wjB/6A2/ai1Vp9RCmIo9C0EYwCqOCgVOFOdIK9ZjxV25c47vBGpmtAutuE4q6pb8oquHjGbCfBB+VSbP1sIB8+8CPxhuo1DR2RIdGInXriIcbx5LNUrh3ZaWJXREZBaAT8Mn3UBR6NatkuYTpmUw4tMabvrmsLrJB9XZZuiiLzze8uTulP2RvxDqzVnONLHWkyH/hpRPsvrWD2HVayw8enuAGS9VfQpQK4bHgLfREXrbu7/GzSuOz+HX8gNM9eAIzsY1fRjsfngstbzrajHoWZ4sLU0W9hzdJG0pjSJ8L0Auc/3CEjYM7jSalJf9JRR7URxnoJii6DZ97iUuDaTN2oQn/XRktUPLGRpZ2VzdD0xODM5Nzcscz03YmEwOTg4Mzk4OGM3ODZmOGM4Y2EwN2M3ZmEyNjU4MDZmN2I5YzZjYTk5ZTZlYTA5YzlhOWQ4N2FmODI4MTdjOTQ2YzhlOWI4YTg5NzA3Ng==

1 Console Messages

Source Level URL
Text
network error URL: https://secure.shiftwise.net/esp/login/login.aspx
Message:
Failed to load resource: the server responded with a status of 403 ()