ndafrancedscastingcompany.castingcrane.com
34.198.133.228  Public Scan

Submitted URL: https://ndafrancedscastingcompany.castingcrane.com/
Effective URL: https://ndafrancedscastingcompany.castingcrane.com/
Submission Tags: falconsandbox
Submission: On July 05 via api from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 34.198.133.228, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ndafrancedscastingcompany.castingcrane.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 17th 2021. Valid for: a year.
This is the only time ndafrancedscastingcompany.castingcrane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
1 34.198.133.228 14618 (AMAZON-AES)
2 151.101.1.194 54113 (FASTLY)
2 143.204.98.78 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
Total: 7 requests, 4 IPs

Requests Domain Requested by
2 www.google-analytics.com ndafrancedscastingcompany.castingcrane.com, www.google-analytics.com
2 cameratag.com ndafrancedscastingcompany.castingcrane.com
2 castingcrane-herokuapp-com.global.ssl.fastly.net ndafrancedscastingcompany.castingcrane.com
1 ndafrancedscastingcompany.castingcrane.com
Total: 7 requests, 4 domains

This site contains links to these domains.

Domain
www.castingcrane.com
Subject: *.castingcrane.com; Issuer: Sectigo RSA Domain Validation Secure Server CA; Validity: 2021-04-17 - 2022-04-18; Valid: a year
Subject: *.freetls.fastly.net; Issuer: GlobalSign Atlas R3 DV TLS CA 2020; Validity: 2021-04-27 - 2022-05-29; Valid: a year
Subject: *.cameratag.com; Issuer: Amazon; Validity: 2020-12-15 - 2022-01-13; Valid: a year
Subject: *.google-analytics.com; Issuer: GTS CA 1C3; Validity: 2021-06-07 - 2021-08-30; Valid: 3 months

This page contains 1 frame:

Primary Page: https://ndafrancedscastingcompany.castingcrane.com/
Frame ID: B038D927594ECE84E9B195BD9A825B4D
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 483 kB
Size: 1720 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
ndafrancedscastingcompany.castingcrane.com/
3 KB
2 KB
Document
General
Full URL
https://ndafrancedscastingcompany.castingcrane.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.133.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-133-228.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3c09cfa57b0ae2ceab6f42c62daeff24c9668c1d0407c73e3c5eb86fc93e8291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ndafrancedscastingcompany.castingcrane.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
Cowboy
Date
Mon, 05 Jul 2021 04:47:18 GMT
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Content-Type
text/html; charset=utf-8
Set-Cookie
_castingcrane_session=YWJaSytFUzJIRWludFFNMVorSUhrOHIwS21xOXl3YW9LYnF0blZFM1cvVTEvN1pFbUhuRHRQWEJhRzJBTGV5aGtkUm12ekQ1eVlKTjM3UmlhVkpkVVAvaG5BR1B1V05Vd3pwZG84a29mMmlvc3l6MWljUUE4VXFta3BDNFdFbXN1TEJ6d25QTVpZWnd2M2diWjFmOEF6SVdqcUdUbUtDMUlZMy9KY2UzYkVVT01DVFZ0RW51ZVJFQVV0SXplcHpvZHhyTzFYRnRGZEJkS0xyd1ZWSkJwQSt5MHpsZEV4eVhxSXJDTHBMZ0JVSzRtU0ZlSndtWWFJQnpIQjNwbVFLai0teUZkMmNHTDNJUElITHAwUWhNcU5XZz09--83a23cd6a043a194a93f2c156c428d2400326222; domain=.castingcrane.com; path=/; secure; HttpOnly
X-Request-Id
2a1dbd6d-3ec2-4eff-b2ff-6a75cb5e4fdc
X-Runtime
0.031076
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Via
1.1 vegur
application-40e101de244728ee7ef741c6c3c76f43.css
castingcrane-herokuapp-com.global.ssl.fastly.net/assets/
195 KB
40 KB
Stylesheet
General
Full URL
https://castingcrane-herokuapp-com.global.ssl.fastly.net/assets/application-40e101de244728ee7ef741c6c3c76f43.css
Requested by
Host: ndafrancedscastingcompany.castingcrane.com
URL: https://ndafrancedscastingcompany.castingcrane.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
89c1daaa1df909f99482ab5e7d9c2549e971d6a98d46abdd210d5db7cead1517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ndafrancedscastingcompany.castingcrane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Age
961412
X-Cache
HIT
Connection
keep-alive
Content-Length
40127
Via
1.1 vegur, 1.1 varnish
X-Served-By
cache-fra19171-FRA
Last-Modified
Sat, 12 Jun 2021 23:49:29 GMT
Server
Cowboy
X-Timer
S1625460439.499103,VS0,VE3
Date
Mon, 05 Jul 2021 04:47:19 GMT
Vary
Accept-Encoding, Origin
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
X-Cache-Hits
1
public-006561b0e87ed914a384bb942704336c.js
castingcrane-herokuapp-com.global.ssl.fastly.net/assets/
467 KB
132 KB
Script
General
Full URL
https://castingcrane-herokuapp-com.global.ssl.fastly.net/assets/public-006561b0e87ed914a384bb942704336c.js
Requested by
Host: ndafrancedscastingcompany.castingcrane.com
URL: https://ndafrancedscastingcompany.castingcrane.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
30f6c8baedd10dced22b86928e4e5b1fa3e0b6744260265c4e522febd0214290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ndafrancedscastingcompany.castingcrane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Age
2179320
X-Cache
HIT
Connection
keep-alive
Content-Length
134636
Via
1.1 vegur, 1.1 varnish
X-Served-By
cache-fra19177-FRA
Last-Modified
Sat, 29 May 2021 23:21:25 GMT
Server
Cowboy
X-Timer
S1625460439.498803,VS0,VE3
Date
Mon, 05 Jul 2021 04:47:19 GMT
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
X-Cache-Hits
1
cameratag.min.js
cameratag.com/v14/js/
966 KB
280 KB
Script
General
Full URL
https://cameratag.com/v14/js/cameratag.min.js
Requested by
Host: ndafrancedscastingcompany.castingcrane.com
URL: https://ndafrancedscastingcompany.castingcrane.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
14d067600af7303bdf8ee2660c7d33b4510a1e51f9bb0a93d9962163ef42ce7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ndafrancedscastingcompany.castingcrane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Jul 2021 04:47:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA50-C1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
749a6c03-cdcc-40cf-97db-79ed01b8e0a4
X-Runtime
0.010643
Access-Control-Allow-Origin
*
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN
ETag
W/"d079b5360679a19c0cd6dee790d0c276"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/javascript; charset=utf-8
Via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
Access-Control-Allow-Headers
Cache-Control, Accept, X-Requested-With, X-Prototype-Version
X-Amz-Cf-Id
Rmf73yE6PHqSIc7_KAkpvAU76woOdt6czY2Pd5cS1WhzxD5yfm9vmQ==
cameratag.css
cameratag.com/static/14/
41 KB
9 KB
Stylesheet
General
Full URL
https://cameratag.com/static/14/cameratag.css
Requested by
Host: ndafrancedscastingcompany.castingcrane.com
URL: https://ndafrancedscastingcompany.castingcrane.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
02870d8f7ccf1fa4feb73a272b61fa98b491408d18415cc4bc68097510ad6861

Request headers

Referer
https://ndafrancedscastingcompany.castingcrane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Jul 2021 05:20:19 GMT
Content-Encoding
gzip
Age
84420
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 18 Jun 2021 13:32:18 GMT
Server
nginx/1.16.1
ETag
W/"60cca062-a3f9"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css
Via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
J8TrTJZrJFMIYe2_pseH-rRVSCAUjqn3FEZfDbC8n_ghtcey9B51Dg==
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ndafrancedscastingcompany.castingcrane.com
URL: https://ndafrancedscastingcompany.castingcrane.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ndafrancedscastingcompany.castingcrane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3917
date
Mon, 05 Jul 2021 03:42:02 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Mon, 05 Jul 2021 05:42:02 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1185589936&t=pageview&_s=1&dl=https%3A%2F%2Fndafrancedscastingcompany.castingcrane.com%2F&ul=en-us&de=UTF-8&dt=NDA%20France%20-%20DSCasting%20Company&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABCAAAAC~&jid=1296349572&gjid=74464799&cid=1526842933.1625460440&tid=UA-52561207-1&_gid=1169768237.1625460440&_r=1&_slc=1&z=603311296
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ndafrancedscastingcompany.castingcrane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Jul 2021 04:47:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ndafrancedscastingcompany.castingcrane.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
object| jQuery112409912164563740751
object| DirectUpload
object| Shared
object| SignaturePad
object| SubmissionExt
object| adapter
boolean| CT_verbose_mode
object| CT_i18n
function| CameraTagPlayer
function| CameraTagVideoWall
function| CameraTagPhotoCamera
function| CameraTagPhoto
object| webpackJsonpjwplayer
function| jwplayer
object| jQuery1113073794338572972
object| CameraTag
string| GoogleAnalyticsObject
function| _ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path Name / Value
.castingcrane.com/ Name: _gid
Value: GA1.2.1169768237.1625460440
.castingcrane.com/ Name: _gat_castingcrane
Value: 1
.castingcrane.com/ Name: _ga
Value: GA1.2.1526842933.1625460440
.castingcrane.com/ Name: _castingcrane_session
Value: YWJaSytFUzJIRWludFFNMVorSUhrOHIwS21xOXl3YW9LYnF0blZFM1cvVTEvN1pFbUhuRHRQWEJhRzJBTGV5aGtkUm12ekQ1eVlKTjM3UmlhVkpkVVAvaG5BR1B1V05Vd3pwZG84a29mMmlvc3l6MWljUUE4VXFta3BDNFdFbXN1TEJ6d25QTVpZWnd2M2diWjFmOEF6SVdqcUdUbUtDMUlZMy9KY2UzYkVVT01DVFZ0RW51ZVJFQVV0SXplcHpvZHhyTzFYRnRGZEJkS0xyd1ZWSkJwQSt5MHpsZEV4eVhxSXJDTHBMZ0JVSzRtU0ZlSndtWWFJQnpIQjNwbVFLai0teUZkMmNHTDNJUElITHAwUWhNcU5XZz09--83a23cd6a043a194a93f2c156c428d2400326222

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block