Submitted URL: http://cascadianb2b.dearportal.com/
Effective URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Submission: On September 29 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 20.25.113.39, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is cascadianb2b.dearportal.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 30th 2022. Valid for: a year.
This is the only time cascadianb2b.dearportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 20.25.113.39 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.240.48.36 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 199.232.136.157 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
20 7
Requests | Apex Domain | Subdomains | Transfer
13 | dearportal.com | cascadianb2b.dearportal.com | 566 KB
3 | twitter.com | platform.twitter.com (Cisco Umbrella Rank: 704); syndication.twitter.com (Cisco Umbrella Rank: 964) | 133 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 28) | 546 B
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 41) | 3 KB
1 | gstatic.com | fonts.gstatic.com | 44 KB
1 | windows.net | dear.blob.core.windows.net | 126 KB
20 | 6
Domain Requested by
13 cascadianb2b.dearportal.com 2 redirects cascadianb2b.dearportal.com
2 www.google-analytics.com cascadianb2b.dearportal.com
2 platform.twitter.com cascadianb2b.dearportal.com
platform.twitter.com
2 fonts.googleapis.com cascadianb2b.dearportal.com
1 syndication.twitter.com platform.twitter.com
1 fonts.gstatic.com fonts.googleapis.com
1 dear.blob.core.windows.net cascadianb2b.dearportal.com
20 7

This site contains links to these domains.

Domain
g.page
Subject | Issuer | Validity | Valid
*.dearportal.com | AlphaSSL CA - SHA256 - G2 | 2022-05-30 - 2023-07-01 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
*.blob.core.windows.net | Microsoft RSA TLS CA 02 | 2022-09-22 - 2023-09-22 | a year
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
platform.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-21 - 2023-08-21 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
syndication.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year

This page contains 2 frames:

Primary Page: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Frame ID: ADA920ACEEFB1AECBA3763058D05F841
Requests: 18 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fcascadianb2b.dearportal.com
Frame ID: 11F51444DD27894B486E00E74EC07848
Requests: 2 HTTP requests in this frame

Page Title

O3 Water Business Portal - Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:div|html)[^>]+ng-app=

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

20
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

871 kB
Transfer

2075 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cascadianb2b.dearportal.com/ HTTP 302
    https://cascadianb2b.dearportal.com/ HTTP 302
    https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login
cascadianb2b.dearportal.com/Account/
Redirect Chain
  • http://cascadianb2b.dearportal.com/
  • https://cascadianb2b.dearportal.com/
  • https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
12 KB
5 KB
Document
General
Full URL
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d43b217cfc1546edfd62b5ed401d2513117666a55111e11ab8194b443ece7022
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
5169
content-type
text/html; charset=utf-8
date
Thu, 29 Sep 2022 19:48:41 GMT
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
private
content-length
0
date
Thu, 29 Sep 2022 19:48:41 GMT
location
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
x-aspnetmvc-version
5.2
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|PT+Sans+Narrow|Source+Sans+Pro:200,300,400,600,700,900&subset=all
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d78b78144c9e49fa62341603ab51efed6be0e618ef4343dd0b942b9b2975b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 19:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 19:12:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 19:48:42 GMT
css
fonts.googleapis.com/
13 KB
907 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900&subset=all
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19012142d3d038fe81fb35b42175aff2359a1d60f3fff59ccd64a9716c86eef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 19:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 19:48:42 GMT
bootstrap
cascadianb2b.dearportal.com/Content/
177 KB
39 KB
Stylesheet
General
Full URL
https://cascadianb2b.dearportal.com/Content/bootstrap?v=VQ_3LoOX-inZIALpuL-SO5J_T7zWwDufeFSoatCrsTI1
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
76e8e82ddb8311a71cb03de6cfa7b202175e7c409a7cc980a70e8e1c79ef856c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
content-length
40347
expires
Fri, 29 Sep 2023 19:48:42 GMT
css
cascadianb2b.dearportal.com/Content/
204 KB
56 KB
Stylesheet
General
Full URL
https://cascadianb2b.dearportal.com/Content/css?v=aIBeMxIrJFBtzmxTt5RILiHMcSP4-L--9ZFPa9YHAC81
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
82651a5745d3a33ab0c036f3dd5bbbfe4bd8830ba41d5973675351fa4ebc08ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
content-length
57515
expires
Fri, 29 Sep 2023 19:48:42 GMT
modernizr
cascadianb2b.dearportal.com/bundles/
11 KB
5 KB
Script
General
Full URL
https://cascadianb2b.dearportal.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
5292
expires
Fri, 29 Sep 2023 19:48:42 GMT
jquery
cascadianb2b.dearportal.com/bundles/
763 KB
302 KB
Script
General
Full URL
https://cascadianb2b.dearportal.com/bundles/jquery?v=aglkaU7m9HGQQimrPx582pKUnDRyPlR3Mw2YVLW5z5Q1
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08de210a4829a046b792343fde007c639802683d235a443d8b344c842d07b239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires
Fri, 29 Sep 2023 19:48:42 GMT
date
Thu, 29 Sep 2022 19:48:42 GMT
cache-control
public
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
Styles
cascadianb2b.dearportal.com/Css/
10 KB
3 KB
Stylesheet
General
Full URL
https://cascadianb2b.dearportal.com/Css/Styles?salt=8fb8d96f-8bd1-48e7-80f3-5744d9c68fcd
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f1f0051173c98e4294dc75b2a9da54f3b14a15ca0d8f3a74f28ef17c975fb94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:41 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
private, max-age=36000
content-length
2929
expires
Fri, 30 Sep 2022 05:48:42 GMT
beddd9d5-b09d-469d-bd1c-5116be3c48da
dear.blob.core.windows.net/portal/
125 KB
126 KB
Image
General
Full URL
https://dear.blob.core.windows.net/portal/beddd9d5-b09d-469d-bd1c-5116be3c48da
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ddd990b30ab3ea8fe8960526226f52a17fa881757c442be78499d15f03a78cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 29 Sep 2022 19:48:42 GMT
Last-Modified
Mon, 19 Oct 2020 20:30:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
5jGuJRlC1ZsxMqX233MXuA==
ETag
0x8D8746DC8105483
Content-Type
image/png
x-ms-request-id
f048a874-d01e-00bc-703c-d4b65c000000
x-ms-version
2009-09-19
Content-Length
128137
bootstrap
cascadianb2b.dearportal.com/bundles/
72 KB
27 KB
Script
General
Full URL
https://cascadianb2b.dearportal.com/bundles/bootstrap?v=ri343z2BBVAHr5yR5Kbmo-L4cQsPfZw3mwbx6RfOLkY1
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58d2a08f0fe0c96b4999d7a42b5b2ee41f6a4cb844d064c47c2f572023d75c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:42 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
27403
expires
Fri, 29 Sep 2023 19:48:42 GMT
magiczoom
cascadianb2b.dearportal.com/bundles/
99 KB
47 KB
Script
General
Full URL
https://cascadianb2b.dearportal.com/bundles/magiczoom?v=EOz0l7Huwy3IavI6VjjZ0ySOOXw9pr9vwZGeKykU4h81
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1afd2983a2062674e2a49a0cebde4e6141bec131e5e8815e2e83bb10453411ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:42 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
47665
expires
Fri, 29 Sep 2023 19:48:42 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|PT+Sans+Narrow|Source+Sans+Pro:200,300,400,600,700,900&subset=all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cascadianb2b.dearportal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 18:50:55 GMT
x-content-type-options
nosniff
age
262667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 18:50:55 GMT
GoogleAnalytics
cascadianb2b.dearportal.com/Home/
49 KB
24 KB
Script
General
Full URL
https://cascadianb2b.dearportal.com/Home/GoogleAnalytics
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:42 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private, max-age=72000
content-length
24700
expires
Fri, 30 Sep 2022 15:48:42 GMT
fontawesome-webfont.woff2
cascadianb2b.dearportal.com/fonts/
55 KB
56 KB
Font
General
Full URL
https://cascadianb2b.dearportal.com/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Content/bootstrap?v=VQ_3LoOX-inZIALpuL-SO5J_T7zWwDufeFSoatCrsTI1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://cascadianb2b.dearportal.com/Content/bootstrap?v=VQ_3LoOX-inZIALpuL-SO5J_T7zWwDufeFSoatCrsTI1
Origin
https://cascadianb2b.dearportal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:42 GMT
last-modified
Sat, 24 Sep 2022 12:42:26 GMT
accept-ranges
bytes
etag
"5babc51913d0d81:0"
content-length
56780
content-type
application/x-woff
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/bundles/bootstrap?v=ri343z2BBVAHr5yR5Kbmo-L4cQsPfZw3mwbx6RfOLkY1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:42 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 20:05:37 GMT
etag
"f26384f93da6974ed577808dfa1fede5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
content-length
29223
x-served-by
cache-iad-kiad7000025-IAD, cache-hhn11553-HHN
up.png
cascadianb2b.dearportal.com/img/
948 B
1009 B
Image
General
Full URL
https://cascadianb2b.dearportal.com/img/up.png
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.25.113.39 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c2cf900063250bf367617d76b3f2dc076972f1155de89dcab3ad9326a908dea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:48:42 GMT
last-modified
Sat, 24 Sep 2022 12:42:26 GMT
accept-ranges
bytes
etag
"bedc81913d0d81:0"
content-length
948
content-type
image/png
collect
www.google-analytics.com/j/
2 B
414 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=277860006&t=pageview&_s=1&dl=https%3A%2F%2Fcascadianb2b.dearportal.com%2FAccount%2FLogin%3FReturnUrl%3D%252F&ul=en-us&de=UTF-8&dt=O3%20Water%20Business%20Portal%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=839633793&gjid=1514707185&cid=718922767.1664480923&tid=UA-159046327-1&_gid=1755491988.1664480923&_r=1&_slc=1&z=983329583
Requested by
Host: cascadianb2b.dearportal.com
URL: https://cascadianb2b.dearportal.com/Home/GoogleAnalytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cascadianb2b.dearportal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 19:48:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cascadianb2b.dearportal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame 11F5
320 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fcascadianb2b.dearportal.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://cascadianb2b.dearportal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105445
content-type
text/html; charset=utf-8
date
Thu, 29 Sep 2022 19:48:42 GMT
etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
last-modified
Wed, 28 Sep 2022 20:04:27 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100135-IAD, cache-hhn11553-HHN
settings
syndication.twitter.com/ Frame 11F5
770 B
645 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=74151fb77a8135dc9c8179a989935244a99a41af
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fcascadianb2b.dearportal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
9ee10ccd9a93c142b161a6507a9f23cfcd9e279f6b6ae77f35c2fa5ad1d32deb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time
107
date
Thu, 29 Sep 2022 19:48:42 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 29 Sep 2022 19:48:42 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
8e6c4e69658af003
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
ef69f5475ef79993906529441f20d9a798eaacda901d500f2e79131fd9a80695
content-length
323
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=277860006&t=timing&_s=2&dl=https%3A%2F%2Fcascadianb2b.dearportal.com%2FAccount%2FLogin%3FReturnUrl%3D%252F&ul=en-us&de=UTF-8&dt=O3%20Water%20Business%20Portal%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2198&pdt=1&dns=0&rrt=540&srt=229&tcp=0&dit=1525&clt=1525&_gst=1416&_gbt=1559&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=718922767.1664480923&tid=UA-159046327-1&_gid=1755491988.1664480923&z=786091258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascadianb2b.dearportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 23:08:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74400
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


4 Cookies

Domain/Path Name / Value
cascadianb2b.dearportal.com/ Name: __RequestVerificationToken
Value: _YXEntNwRDtqzTDPLvyA9wY4fxYkS1NA39PKEo6_TlImRatSspFFeSPbWp4ULg_l80G23bO8AX0OSXfVYAlWvhpk3IsyTbsDlnDMbUIEjio1
.dearportal.com/ Name: _ga
Value: GA1.2.718922767.1664480923
.dearportal.com/ Name: _gid
Value: GA1.2.1755491988.1664480923
.dearportal.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
