urlscan.io logo urlscan.io
SecurityTrails logo

account-entry1.aleaglomaforest.com Open in urlscan Pro
81.17.57.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://jobswipe.app.link/DailyEmail?jobHash=EDCDCE192BE8F7F822FD8C2FF4043290&%24fallback_url=https%3A%2F%2Flineworkarchit...
Effective URL: https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Submission Tags: falconsandbox
Submission: On June 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 81.17.57.52, located in United Kingdom and belongs to LEASEWEB-UK-LON-11, GB. The main domain is account-entry1.aleaglomaforest.com.
TLS certificate: Issued by R3 on June 27th 2023. Valid for: 3 months.
This is the only time account-entry1.aleaglomaforest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:205... 16509 (AMAZON-02)
1 148.251.213.218 24940 (HETZNER-AS)
4 81.17.57.52 205544 (LEASEWEB-...)
7 3
Domain Requested by
3 account-entry1.aleaglomaforest.com account-entry1.aleaglomaforest.com
0301035a-9acad0e7.aleaglomaforest.com
1 0301035a-9acad0e7.aleaglomaforest.com account-entry1.aleaglomaforest.com
1 lineworkarchitects.com
1 jobswipe.app.link 1 redirects
7 4

This site contains no links.

Subject Issuer Validity Valid
lineworkarchitects.com
R3		 2023-05-07 -
2023-08-05		 3 months crt.sh
aleaglomaforest.com
R3		 2023-06-27 -
2023-09-25		 3 months crt.sh

This page contains 1 frames:

Frame: https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com&sso_reload=true
Frame ID: 645AC12B60A0C5ABD20B2C018ECFE904
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com Page URL
  2. https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com Page URL

Page Statistics

7
Requests

71 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

211 kB
Transfer

541 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com Page URL
  2. https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://jobswipe.app.link/DailyEmail?jobHash=EDCDCE192BE8F7F822FD8C2FF4043290&%24fallback_url=https%3A%2F%2Flineworkarchitects.com%2Fowa%2Faa%2Frick.stoddard%40encora.com HTTP 307
  • https://lineworkarchitects.com/owa/aa/rick.stoddard@encora.com?jobHash=EDCDCE192BE8F7F822FD8C2FF4043290&_branch_match_id=1202989438986641067&_branch_referrer=H4sIAAAAAAAAAxWM0QrCIBhGn8Yu3fontAUjaiq9Rfxzhqabosbo7XPwcW7OxzGlxHxtmk%2BY826jphgj9XZzDUfrf2KtvFX5xGxGwSc%2BifMAD9HLi%2BwBJO8nkJK1rIOhPRFgb%2FR%2BRuVe3%2BRHc9RJdycg62pW7yE5TMrYolXJVIW1irBjJR5IVjmaS1gWTAthrd5USHj8%2FiIJxRmqAAAA

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
rick.stoddard@encora.com
lineworkarchitects.com/owa/aa/
Redirect Chain
  • https://jobswipe.app.link/DailyEmail?jobHash=EDCDCE192BE8F7F822FD8C2FF4043290&%24fallback_url=https%3A%2F%2Flineworkarchitects.com%2Fowa%2Faa%2Frick.stoddard%40encora.com
  • https://lineworkarchitects.com/owa/aa/rick.stoddard@encora.com?jobHash=EDCDCE192BE8F7F822FD8C2FF4043290&_branch_match_id=1202989438986641067&_branch_referrer=H4sIAAAAAAAAAxWM0QrCIBhGn8Yu3fontAUjaiq...
0
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lineworkarchitects.com/owa/aa/rick.stoddard@encora.com?jobHash=EDCDCE192BE8F7F822FD8C2FF4043290&_branch_match_id=1202989438986641067&_branch_referrer=H4sIAAAAAAAAAxWM0QrCIBhGn8Yu3fontAUjaiq9Rfxzhqabosbo7XPwcW7OxzGlxHxtmk%2BY826jphgj9XZzDUfrf2KtvFX5xGxGwSc%2BifMAD9HLi%2BwBJO8nkJK1rIOhPRFgb%2FR%2BRuVe3%2BRHc9RJdycg62pW7yE5TMrYolXJVIW1irBjJR5IVjmaS1gWTAthrd5USHj8%2FiIJxRmqAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.213.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
meroserver.merohosting.com
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 15:40:59 GMT
expires
Sat, 29 Jul 2023 15:40:59 GMT
refresh
0;url=https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
server
LiteSpeed
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
date
Thu, 29 Jun 2023 15:40:59 GMT
last-modified
Thu, 29 Jun 2023 15:40:59 GMT
location
https://lineworkarchitects.com/owa/aa/rick.stoddard@encora.com?jobHash=EDCDCE192BE8F7F822FD8C2FF4043290&_branch_match_id=1202989438986641067&_branch_referrer=H4sIAAAAAAAAAxWM0QrCIBhGn8Yu3fontAUjaiq9Rfxzhqabosbo7XPwcW7OxzGlxHxtmk%2BY826jphgj9XZzDUfrf2KtvFX5xGxGwSc%2BifMAD9HLi%2BwBJO8nkJK1rIOhPRFgb%2FR%2BRuVe3%2BRHc9RJdycg62pW7yE5TMrYolXJVIW1irBjJR5IVjmaS1gWTAthrd5USHj8%2FiIJxRmqAAAA
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
b9Qnu6qKLSH8AGmKvOlVB3E_GdaA5WAyZHXgg_F-DKXO6znfHIu7fA==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
/
account-entry1.aleaglomaforest.com/ 		216 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.57.52 , United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB),
Reverse DNS
uknetltd.uk
Software
nginx /
Resource Hash
febc8368e5c639461db387617242acdbdf7b42e94bb3cf2887ea90cfad0f3372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lineworkarchitects.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Jun 2023 15:41:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
account-entry1.aleaglomaforest.com/ 		148 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Requested by
Host: account-entry1.aleaglomaforest.com
URL: https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.57.52 , United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB),
Reverse DNS
uknetltd.uk
Software
nginx /
Resource Hash
2a454f966d4d419d7983a0eccac065b8dda2e09e7e4617b6020660e0dddb8a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Jun 2023 15:41:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
Primary Request /
account-entry1.aleaglomaforest.com/ 		190 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Requested by
Host: account-entry1.aleaglomaforest.com
URL: https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.57.52 , United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB),
Reverse DNS
uknetltd.uk
Software
nginx /
Resource Hash
389eaf5efbbaba7e387b1f3f7b73e6a9ea515f9f190288adf42595333f36f43c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Jun 2023 15:41:03 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://ff569b49-9acad0e7.aleaglomaforest.com/api/report?catId=GW+estsfd+chi"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.15723.3 - NCUS ProdSlices
x-ms-request-id
900c657c-8ca5-40ac-a5df-77ede8781d00
BssoInterrupt_Core_TslNr0xtu1lnBhfEmx5v_A2.js
0301035a-9acad0e7.aleaglomaforest.com/shared/1.0/content/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0301035a-9acad0e7.aleaglomaforest.com/shared/1.0/content/js/BssoInterrupt_Core_TslNr0xtu1lnBhfEmx5v_A2.js
Requested by
Host: account-entry1.aleaglomaforest.com
URL: https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.57.52 , United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB),
Reverse DNS
uknetltd.uk
Software
nginx /
Resource Hash
e0bf5c3cb8e46d93b24c79c4e9dc9023ab7f270f0f0581d2092563ff814d4728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account-entry1.aleaglomaforest.com/
Origin
https://account-entry1.aleaglomaforest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Jun 2023 15:41:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 21:12:05 GMT
server
nginx
vary
Accept-Encoding
x-azure-ref
0D6adZAAAAADuDGpglnlzQ63BL0J0wOGhQU1TMDRFREdFMTkwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
61f3abea-c01e-0077-6a1b-a9147d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
reportbssotelemetry
account-entry1.aleaglomaforest.com/common/instrumentation/ 		0
0
/
account-entry1.aleaglomaforest.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
account-entry1.aleaglomaforest.com
URL
https://account-entry1.aleaglomaforest.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=2101&client-request-id=0914d390-5a87-4057-b351-85ae6e3f9df8&hpgrequestid=900c657c-8ca5-40ac-a5df-77ede8781d00
Domain
account-entry1.aleaglomaforest.com
URL
https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com&sso_reload=true

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

2 Cookies

Domain/Path Name / Value
.app.link/ Name: _s
Value: eK3NEXOI8UGxOpM%2FgkIfjujkJ9GYJ5AYMIk5HA9dBe18uLiQp5pEHFXTSr%2F%2FA4NO
.aleaglomaforest.com/ Name: i1Wi1c
Value: OWFjYWQwZTctMTQ3MC00Y2Y2LTkyZjgtNzYyOWYwYjc1ZWU1OjgyMGUyZmJhLTExMzgtNDFlZi1iYTU3LTk5MzE2MDU2NDI1Yw==

1 Console Messages

Source Level URL
Text
network error URL: https://account-entry1.aleaglomaforest.com/?username=rick.stoddard@encora.com(Line 61)
Message:
WebSocket connection to 'wss://account-entry1.aleaglomaforest.com/websocket/hook/?i1Wi1c=OWFjYWQwZTcxNDcwNGNmNjkyZjg3NjI5ZjBiNzVlZTU=' failed: Error during WebSocket handshake: Unexpected response code: 503

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block