Submitted URL: https://mailer.digitalshadows.com/j8tE0k1NX007T0N3YVt0q00
Effective URL: https://resources.digitalshadows.com/phishing-protection/phishing-protection?mkt_tok=eyJpIjoiTlRrMU16TTBOVGd6TldFNCIsInQiOiJjQ3lPY2Vw...
Submission: On July 24 via manual from IN

Summary

This website contacted 3 IPs in 2 countries across 7 domains to perform 10 HTTP transactions. The main IP is 96.45.200.172, located in Toronto, Canada and belongs to BEANFIELD - Beanfield Technologies Inc., CA. The main domain is resources.digitalshadows.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 10th 2018. Valid for: 2 years.
This is the only time resources.digitalshadows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.70.206 13335 (CLOUDFLAR...)
1 96.45.200.172 21949 (BEANFIELD)
10 3
Domain Requested by
1 resources.digitalshadows.com mailer.digitalshadows.com
1 mailer.digitalshadows.com
0 unpkg.com Failed resources.digitalshadows.com
0 stackpath.bootstrapcdn.com Failed resources.digitalshadows.com
0 use.fontawesome.com Failed resources.digitalshadows.com
0 maxcdn.bootstrapcdn.com Failed resources.digitalshadows.com
0 cihost.uberflip.com Failed resources.digitalshadows.com
0 content.cdntwrk.com Failed resources.digitalshadows.com
0 fonts.googleapis.com Failed resources.digitalshadows.com
10 9

This site contains no links.

Subject | Issuer | Validity | Valid
mailer.digitalshadows.com | CloudFlare Inc ECC CA-2 | 2019-05-28 - 2020-05-28 | a year
resources.digitalshadows.com | Entrust Certification Authority - L1K | 2018-07-10 - 2020-08-22 | 2 years

This page contains 1 frame:

Primary Page: https://resources.digitalshadows.com/phishing-protection/phishing-protection?mkt_tok=eyJpIjoiTlRrMU16TTBOVGd6TldFNCIsInQiOiJjQ3lPY2VwXC9xRU9aUEgxQWdvMlFBR0M4UGEyYUk4QVNoMXJlTWNRUlM2OTdnQVdVNCtLRHQ5cUdmaGdybmxVNExBeVwvQzRMNGYyWmhBaVJZRVFKd3cxY1FwQ1RzZUxGb2xwTW9xeFprYzA2SitUa3Zud3NSc1pZcHM5YkIzS2M5In0%3D
Frame ID: 5394C683CC592F39333BCEE75E08006F
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 10
HTTPS: 20 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 3
Countries: 2
Transfer: 1 kB
Size: 45 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mailer.digitalshadows.com/j8tE0k1NX007T0N3YVt0q00 Page URL
  2. https://resources.digitalshadows.com/phishing-protection/phishing-protection?mkt_tok=eyJpIjoiTlRrMU16TTBOVGd6TldFNCIsInQiOiJjQ3lPY2VwXC9xRU9aUEgxQWdvMlFBR0M4UGEyYUk4QVNoMXJlTWNRUlM2OTdnQVdVNCtLRHQ5cUdmaGdybmxVNExBeVwvQzRMNGYyWmhBaVJZRVFKd3cxY1FwQ1RzZUxGb2xwTW9xeFprYzA2SitUa3Zud3NSc1pZcHM5YkIzS2M5In0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource: j8tE0k1NX007T0N3YVt0q00
Path: mailer.digitalshadows.com/
Size: 607 B
x-fer: 959 B
Type: Document
MIME-Type:

General
Full URL: https://mailer.digitalshadows.com/j8tE0k1NX007T0N3YVt0q00
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.70.206, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 1e62bbc7d4725da10236ad8cd75c437190b1012444b4e42ba35fee076a002591

Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method: GET
:authority: mailer.digitalshadows.com
:scheme: https
:path: /j8tE0k1NX007T0N3YVt0q00
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Wed, 24 Jul 2019 09:43:00 GMT
content-type: text/html
set-cookie: __cfduid=d8068476fefd48eb70915fb90305b4fd61563961380; expires=Thu, 23-Jul-20 09:43:00 GMT; path=/; domain=.mailer.digitalshadows.com; HttpOnly
set-cookie: BIGipServerPOOL-162.13.131.123-go2.wire.com-80=!Jn6CPFUNY0BjJBS9jRdq5/AJjPbVzW9+CiYOa07XdThlNopSaiyGll/dMCTaIIpbd7J90qCFHY5lGaU=; path=/; Httponly; Secure
cache-control: private, no-cache, no-store, max-age=0
x-cnection: close
x-content-type-options: nosniff
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4fb4f284faf063cb-FRA
content-encoding: gzip

Primary Request
Resource: phishing-protection
Path: resources.digitalshadows.com/phishing-protection/
Size: 45 KB
x-fer: 0
Type: Document

General
Full URL: https://resources.digitalshadows.com/phishing-protection/phishing-protection?mkt_tok=eyJpIjoiTlRrMU16TTBOVGd6TldFNCIsInQiOiJjQ3lPY2VwXC9xRU9aUEgxQWdvMlFBR0M4UGEyYUk4QVNoMXJlTWNRUlM2OTdnQVdVNCtLRHQ5cUdmaGdybmxVNExBeVwvQzRMNGYyWmhBaVJZRVFKd3cxY1FwQ1RzZUxGb2xwTW9xeFprYzA2SitUa3Zud3NSc1pZcHM5YkIzS2M5In0%3D
Requested by
Host: mailer.digitalshadows.com
URL: https://mailer.digitalshadows.com/j8tE0k1NX007T0N3YVt0q00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.45.200.172 Toronto, Canada, ASN21949 (BEANFIELD - Beanfield Technologies Inc., CA)
Reverse DNS: 96-45-200-172.beanfield.net
Software: /
Resource Hash:

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method: GET
:authority: resources.digitalshadows.com
:scheme: https
:path: /phishing-protection/phishing-protection?mkt_tok=eyJpIjoiTlRrMU16TTBOVGd6TldFNCIsInQiOiJjQ3lPY2VwXC9xRU9aUEgxQWdvMlFBR0M4UGEyYUk4QVNoMXJlTWNRUlM2OTdnQVdVNCtLRHQ5cUdmaGdybmxVNExBeVwvQzRMNGYyWmhBaVJZRVFKd3cxY1FwQ1RzZUxGb2xwTW9xeFprYzA2SitUa3Zud3NSc1pZcHM5YkIzS2M5In0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://mailer.digitalshadows.com/j8tE0k1NX007T0N3YVt0q00
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://mailer.digitalshadows.com/j8tE0k1NX007T0N3YVt0q00

Response headers

status: 200
content-encoding: gzip
content-language: en-US
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2019 09:43:18 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: unsafe-url
set-cookie: _MGZ_=e0qml65el9m1ma54s95efgc1j8; path=/; secure; HttpOnly
set-cookie: uf_privacy_prefs=1%7C1; expires=Thu, 23-Jul-2020 09:43:18 GMT; Max-Age=31536000; path=/; secure
set-cookie: pdf_event=WyJbe1widXVpZFwiOjU3MTY2OTA0NX0sMTU5NTQ5NzM5OF0iLCJhNGU3MzcyN2I0ODJiOGM1OTQyNzVhODYzY2U1YWIzOCJd; expires=Thu, 23-Jul-2020 09:43:18 GMT; Max-Age=31536000; path=/; secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 55337

Resource | Path | Size | x-fer
css | fonts.googleapis.com/ | 0 | 0
hubs.12fe5b028ad78a4bea60.css | content.cdntwrk.com/css/hubs/ | 0 | 0
style.css | cihost.uberflip.com/digitalshadows/build/ | 0 | 0
font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ | 0 | 0
all.css | use.fontawesome.com/releases/v5.8.1/css/ | 0 | 0
bootstrap.min.css | stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ | 0 | 0
ionicons.min.css | unpkg.com/ionicons@4.5.10-0/dist/css/ | 0 | 0
css | fonts.googleapis.com/ | 0 | 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
fonts.googleapis.com | https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700
content.cdntwrk.com | https://content.cdntwrk.com/css/hubs/hubs.12fe5b028ad78a4bea60.css
cihost.uberflip.com | https://cihost.uberflip.com/digitalshadows/build/style.css
maxcdn.bootstrapcdn.com | https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
use.fontawesome.com | https://use.fontawesome.com/releases/v5.8.1/css/all.css
stackpath.bootstrapcdn.com | https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
unpkg.com | https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
fonts.googleapis.com | https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask

2 Cookies

Domain/Path: mailer.digitalshadows.com/
Name: BIGipServerPOOL-162.13.131.123-go2.wire.com-80
Value: !Jn6CPFUNY0BjJBS9jRdq5/AJjPbVzW9+CiYOa07XdThlNopSaiyGll/dMCTaIIpbd7J90qCFHY5lGaU=

Domain/Path: .mailer.digitalshadows.com/
Name: __cfduid
Value: d8068476fefd48eb70915fb90305b4fd61563961380

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff