URL: https://dlm.esd.sage.com/d.aspx?_C=5D8CA59828459990
Submission: On June 23 via manual from US

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 5 HTTP transactions. The main IP is 3.131.227.95, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is dlm.esd.sage.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 21st 2020. Valid for: 2 years.
This is the only time dlm.esd.sage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address     AS     Autonomous System
4         3.131.227.95   16509  (AMAZON-02)
1         23.21.224.49   14618  (AMAZON-AES)
Total: 5 requests, 3 IPs

Requests  Apex Domain  Subdomains           Transfer
3         sage.com     dlm.esd.sage.com     107 KB
1         suresby.biz  dlm-esd.suresby.biz
1         ipify.org    api.ipify.org        255 B
Total: 5 requests, 3 domains

Requests  Domain               Requested by
3         dlm.esd.sage.com     dlm.esd.sage.com
1         dlm-esd.suresby.biz  dlm.esd.sage.com
1         api.ipify.org        dlm.esd.sage.com
Total: 5 requests, 3 domains

This site contains links to these domains.

Domain
www.suresby.net

Subject        Issuer                                          Validity                 Valid
*.esd.sage.com RapidSSL RSA CA 2018                            2020-02-21 - 2022-02-20  2 years
*.ipify.org    Sectigo RSA Domain Validation Secure Server CA  2021-01-19 - 2022-02-19  a year
*.suresby.biz  Sectigo RSA Domain Validation Secure Server CA  2021-02-15 - 2022-03-18  a year

This page contains 1 frame:

Frame: https://dlm-esd.suresby.biz/d.aspx?_BC=5D8CA59828459990&CmpExternalIp=91.207.172.78
Frame ID: C0DFF284638CA7C428326B1FC23D058C
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 108 kB
Size: 109 kB
Cookies: 0


5 HTTP transactions

Columns: Resource, Path, Size, Transferred (x-fer), Type, MIME-Type

Resource: d.aspx (Primary Request)
Path: dlm.esd.sage.com/
Size: 11 KB
Transferred: 12 KB
Type: Document
General
Full URL
https://dlm.esd.sage.com/d.aspx?_C=5D8CA59828459990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.227.95 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-227-95.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
8c0dd44a5da080dec5c483080287c260f75012967127599fc13c37837b5b2de4
Security Headers
Name Value
Content-Security-Policy object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dlm.esd.sage.com
:scheme
https
:path
/d.aspx?_C=5D8CA59828459990
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 18:22:05 GMT
server
x-xss-protection
1; mode=block
x-frame-options
Deny
referrer-policy
no-referrer
feature-policy
accelerometer 'none'; camera 'none'; microphone 'none';
access-control-allow-origin
https://sagedlm.suresby.biz/
content-security-policy
object-src 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
enforce, max-age=30000, report-uri="https://1a5d1c78364db5041e8f790593618ca7.report-uri.com/r/d/csp/reportOnly"

Resource: jquery.min.js
Path: dlm.esd.sage.com/Js/
Size: 87 KB
Transferred: 88 KB
Type: Script
General
Full URL
https://dlm.esd.sage.com/Js/jquery.min.js
Requested by
Host: dlm.esd.sage.com
URL: https://dlm.esd.sage.com/d.aspx?_C=5D8CA59828459990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.227.95 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-227-95.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/Js/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dlm.esd.sage.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 18:22:06 GMT
last-modified
Tue, 16 Mar 2021 04:18:06 GMT
server
etag
"1d71a1b5d264e9d"
expect-ct
enforce, max-age=30000, report-uri="https://1a5d1c78364db5041e8f790593618ca7.report-uri.com/r/d/csp/reportOnly"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://sagedlm.suresby.biz/
content-security-policy
object-src 'none'
accept-ranges
bytes
content-length
89501

Resource: header.jpg
Path: dlm.esd.sage.com/Images/
Size: 7 KB
Transferred: 8 KB
Type: Image
General
Full URL
https://dlm.esd.sage.com/Images/header.jpg
Requested by
Host: dlm.esd.sage.com
URL: https://dlm.esd.sage.com/d.aspx?_C=5D8CA59828459990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.227.95 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-227-95.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d2991bb2195a2e6a069f67a2b20ed811187f23a3fbb6401ed0a6be60e92fd997
Security Headers
Name Value
Content-Security-Policy object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/Images/header.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
dlm.esd.sage.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 18:22:06 GMT
last-modified
Tue, 06 Apr 2021 05:49:36 GMT
server
etag
"1d72aa8a01f4564"
expect-ct
enforce, max-age=30000, report-uri="https://1a5d1c78364db5041e8f790593618ca7.report-uri.com/r/d/csp/reportOnly"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
https://sagedlm.suresby.biz/
content-security-policy
object-src 'none'
accept-ranges
bytes
content-length
7524

Resource: truncated
Path: /
Size: 2 KB
Transferred: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bb02204209678b827b64cf3530944a7cba39c09bb9f75a7f59840bbf9c25d79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg

Resource: /
Path: api.ipify.org/
Size: 22 B
Transferred: 255 B
Type: Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: dlm.esd.sage.com
URL: https://dlm.esd.sage.com/d.aspx?_C=5D8CA59828459990
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.224.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-224-49.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
be944860f0e5ac777c6b3c9c85a067c2d75915b2cdc94d3e8e3f9929bf058d03

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Jun 2021 18:22:06 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://dlm.esd.sage.com
Connection
keep-alive
Content-Length
22

Resource: d.aspx
Path: dlm-esd.suresby.biz/
Size: 0
Transferred: 0
Type: Document
General
Full URL
https://dlm-esd.suresby.biz/d.aspx?_BC=5D8CA59828459990&CmpExternalIp=91.207.172.78
Requested by
Host: dlm.esd.sage.com
URL: https://dlm.esd.sage.com/d.aspx?_C=5D8CA59828459990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.227.95 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-227-95.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dlm-esd.suresby.biz
:scheme
https
:path
/d.aspx?_BC=5D8CA59828459990&CmpExternalIp=91.207.172.78
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 18:22:07 GMT
content-type
application/x-msdownload
server
x-xss-protection
1; mode=block
x-frame-options
Deny
referrer-policy
no-referrer
feature-policy
accelerometer 'none'; camera 'none'; microphone 'none';
content-disposition
attachment;filename=SageEstCommercialKnowledgebase(SQL)2021.exe
access-control-allow-origin
https://sagedlm.suresby.biz/
content-security-policy
object-src 'none'
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
enforce, max-age=30000, report-uri="https://1a5d1c78364db5041e8f790593618ca7.report-uri.com/r/d/csp/reportOnly"

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
string| pageLink
string| extIp
function| fnDownloadExe

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options Deny
X-Xss-Protection 1; mode=block