safeavenue-na.f-secure.com
Open in
urlscan Pro
52.44.189.108
Public Scan
Effective URL: https://safeavenue-na.f-secure.com/iframe/-installers/frontier_sa/?download_id=9a49384b917141a8ab68b58a9daa7aab&referrer=email&tena...
Submission: On October 26 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Baltimore TLS RSA SHA256 202... on November 9th 2021. Valid for: a year.
This is the only time safeavenue-na.f-secure.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.111.45.168 13.111.45.168 | 22606 (EXACT-7) (EXACT-7) | |
1 1 | 34.240.129.228 34.240.129.228 | 16509 (AMAZON-02) (AMAZON-02) | |
12 | 52.44.189.108 52.44.189.108 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 34.246.92.243 34.246.92.243 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 2 |
ASN22606 (EXACT-7, US)
PTR: click.email.f-secure.com
click.email.f-secure.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-129-228.eu-west-1.compute.amazonaws.com
operatorportal.f-secure.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-189-108.compute-1.amazonaws.com
safeavenue-na.f-secure.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-92-243.eu-west-1.compute.amazonaws.com
event.ds.fsapi.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
f-secure.com
2 redirects
click.email.f-secure.com operatorportal.f-secure.com safeavenue-na.f-secure.com |
872 KB |
2 |
fsapi.com
event.ds.fsapi.com |
146 B |
14 | 2 |
Domain | Requested by | |
---|---|---|
12 | safeavenue-na.f-secure.com |
safeavenue-na.f-secure.com
|
2 | event.ds.fsapi.com |
safeavenue-na.f-secure.com
|
1 | operatorportal.f-secure.com | 1 redirects |
1 | click.email.f-secure.com | 1 redirects |
14 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.f-secure.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.safeavenue.f-secure.com DigiCert Baltimore TLS RSA SHA256 2020 CA1 |
2021-11-09 - 2022-11-08 |
a year | crt.sh |
pete.ds.fsapi.com Amazon |
2022-07-08 - 2023-08-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://safeavenue-na.f-secure.com/iframe/-installers/frontier_sa/?download_id=9a49384b917141a8ab68b58a9daa7aab&referrer=email&tenant=53784005&uuid=c4bec990-ce78-4330-9833-995a722e58dd
Frame ID: 318D1BA771045221CB1A710E83C02EF0
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Secure by FrontierPage URL History Show full URLs
-
https://click.email.f-secure.com/?qs=f9357501f3789c3e2c2920794235fec3b819102d9b6ca900df9932d5179e1fd606c884e3...
HTTP 302
https://operatorportal.f-secure.com/api/downloadProduct?id=b574a164746e4197b42ff4533d748088 HTTP 303
https://safeavenue-na.f-secure.com/iframe/-installers/frontier_sa/?download_id=9a49384b917141a8ab68b58a9daa7aab... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Bedingungen
Search URL Search Domain Scan URL
Title: Datenschutz
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.email.f-secure.com/?qs=f9357501f3789c3e2c2920794235fec3b819102d9b6ca900df9932d5179e1fd606c884e39704c7b40b63533cedd1dd5b8f65ef2f23f213d9
HTTP 302
https://operatorportal.f-secure.com/api/downloadProduct?id=b574a164746e4197b42ff4533d748088 HTTP 303
https://safeavenue-na.f-secure.com/iframe/-installers/frontier_sa/?download_id=9a49384b917141a8ab68b58a9daa7aab&referrer=email&tenant=53784005&uuid=c4bec990-ce78-4330-9833-995a722e58dd Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
safeavenue-na.f-secure.com/iframe/-installers/frontier_sa/ Redirect Chain
|
14 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merged.css
safeavenue-na.f-secure.com/iframe/-v3/202210141007/g/css/ |
130 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merged02.css
safeavenue-na.f-secure.com/iframe/-v3/202210141007/g/css/ |
90 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merged03.css
safeavenue-na.f-secure.com/iframe/-v3/202210141007/g/css/ |
187 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merged04.css
safeavenue-na.f-secure.com/iframe/-v3/202210141007/g/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
operator_download_page.css
safeavenue-na.f-secure.com/iframe/-v3/000000000000/o/frontier_sa/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lib.js
safeavenue-na.f-secure.com/iframe/-v3/202210141007/g/js/merged/ |
1 MB 445 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
safeavenue-na.f-secure.com/iframe/-v3/202210141007/g/js/merged/ |
771 KB 195 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
text.json
safeavenue-na.f-secure.com/iframe/-v3/000000000000/o/frontier_sa/ |
103 KB 104 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
operator_logo
safeavenue-na.f-secure.com/iframe/-v3/000000000000/o/frontier_sa/img/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
by_fsecure.png
safeavenue-na.f-secure.com/iframe/-/static/v3/images/ |
885 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sa-icon-font.woff
safeavenue-na.f-secure.com/iframe/-v3/202210141007/g/icon/font/ |
33 KB 33 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
1
event.ds.fsapi.com/pete/event/ |
54 B 146 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
1
event.ds.fsapi.com/pete/event/ |
0 0 |
Preflight
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| baseNs object| peteImpl function| XRegExp function| _ function| $ function| jQuery object| FS_PETE object| angular function| Hammer function| moment object| commonui function| iFrameResize object| intlTelInputUtils object| html5 object| Modernizr object| sessionConfig boolean| hideIdProtectionTab object| safe8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
safeavenue-na.f-secure.com/iframe/-installers/frontier_sa | Name: csrftoken Value: Vmp5TUdxFTHD3gVWT3gneOOGB7sLgIJwCPrqu9mgYtYyCM9msdS3J3i6NQhbTVht |
|
safeavenue-na.f-secure.com/iframe/-installers/frontier_sa | Name: sessionid Value: 9t5i0y708pg2xs0s5q11ihkl0mf5g9t1 |
|
safeavenue-na.f-secure.com/iframe/-installers/frontier_sa | Name: csrftoken__ssdup Value: Vmp5TUdxFTHD3gVWT3gneOOGB7sLgIJwCPrqu9mgYtYyCM9msdS3J3i6NQhbTVht |
|
safeavenue-na.f-secure.com/iframe/-installers/frontier_sa | Name: sessionid__ssdup Value: 9t5i0y708pg2xs0s5q11ihkl0mf5g9t1 |
|
safeavenue-na.f-secure.com/iframe/error | Name: sessionid Value: i1sbzx6gfrfwg5ciedh1rv40ag7gahlx |
|
safeavenue-na.f-secure.com/iframe/error | Name: sessionid__ssdup Value: i1sbzx6gfrfwg5ciedh1rv40ag7gahlx |
|
operatorportal.f-secure.com/ | Name: JSESSIONID Value: 4a41d9219b94d4ec4d56aefc5dd1 |
|
operatorportal.f-secure.com/ | Name: OPLB Value: my.op-app02b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.email.f-secure.com
event.ds.fsapi.com
operatorportal.f-secure.com
safeavenue-na.f-secure.com
13.111.45.168
34.240.129.228
34.246.92.243
52.44.189.108
007dff6d574b6f0e61f18192cce05988d78ba96b56709f1dd569423a2dcf550a
10d380c2024a74218da3afd622d9b5e8c6a8bf1db56a7da106f50e8d80469f03
30f6ed57c4186409cc61435bb5d64f0730d2edbdf6d6d3644587fe7632e63c61
3da04cdb9a58d197ab5f7984bc00dc07044c3cd719eb7ac7ae8e4daae898a416
69b2423d45982cdd124370cfc3c76d36c0e04fee47015daf15afb6850aebc676
88c7c8baa1fb9e68a082bf5d4ce2b28e94afc5f1fff62e56f670db526b27b7c4
9f1050ff89ffcfde0893d871b9073bd247c4da23b0a121370f8518b48a8252d4
ae6c8a196f0ca11878c976988961bc35f539e52cc095867b9ddfc8bc8d6fee33
c73d5aa6b03420825a068be2c3a777277f11422e8a6fac88beaf215eb3ff68c6
c938157df6de74961e905a59949e9718e739ddcb5814d49a3965827ff9b83990
d05ea70463e11c3ab2896601b14bd5654ed402e68a9763394a3e0dfde1c31ce0
e1f763af7210adae8959f197498b411ccf29fddaaf5e4acb4f9c549a7724f0c0
f3a7a42feac005e1c46256ff9d8a45f19b83207ae3372c301f5a2aef3037ae52