teamsite.citrin.co Open in urlscan Pro
199.34.228.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://teamsite.citrin.co/apps/member/login
Submission Tags: @phishunt_io
Submission: On August 24 via api (August 24th 2021, 11:40:37 am UTC) from DE

Summary HTTP 15 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 199.34.228.76, located in United States and belongs to WEEBLY, US. The main domain is teamsite.citrin.co.
TLS certificate: Issued by R3 on August 24th 2021. Valid for: 3 months.

This is the only time teamsite.citrin.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	199.34.228.76 199.34.228.76		27647 (WEEBLY) (WEEBLY)
11	2a04:4e42:3::302 2a04:4e42:3::302		54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a		15169 (GOOGLE) (GOOGLE)
15	4

2 199.34.228.76 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-custom-28.weebly.com

teamsite.citrin.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:3::302 (United States)

ASN54113 (FASTLY, US)

cdn2.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	editmysite.com cdn2.editmysite.com	682 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	83 KB
2	citrin.co teamsite.citrin.co	4 KB
15	3

	Domain	Requested by
11	cdn2.editmysite.com	teamsite.citrin.co cdn2.editmysite.com
2	teamsite.citrin.co	teamsite.citrin.co
1	ajax.googleapis.com	teamsite.citrin.co
1	fonts.googleapis.com	teamsite.citrin.co
15	4

This site contains no links.

Subject Issuer	Validity	Valid
teamsite.citrin.co R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.editmysite.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://teamsite.citrin.co/apps/member/login
Frame ID: 56EE28B11AE4F3F5E514D6FAC9456E95
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In

Detected technologies

Weebly (CMS) Expand

Overall confidence: 100%
Detected patterns

script /cdn\d+\.editmysite\.com/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /cdn\d+\.editmysite\.com/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /cdn\d+\.editmysite\.com/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

769 kB
Transfer

2869 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set login Show response
teamsite.citrin.co/apps/member/ 11 KB
3 KB 606ms
250ms Document
text/html 199.34.228.76
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://teamsite.citrin.co/apps/member/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.76 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-28.weebly.com
Software: Apache /
Resource Hash: dba4ec024ab448743289d2c1f9cf86f9f5109c0afa1a3a2bcd06f9f54cc05acc

Request headers

Host: teamsite.citrin.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 11:39:54 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: site_session=6124da8aed6d04.29449421; path=/ language=en; expires=Tue, 07-Sep-2021 11:39:54 GMT; Max-Age=1209600; path=/ cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%7D; expires=Fri, 22-Aug-2031 11:39:55 GMT; Max-Age=315360000; path=/
Cache-Control: private
ETag: W/"c74fe95f6b5e571cf80546e55cd6e9c2-gzip"
Content-Encoding: gzip
X-Host: pages9.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2560
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set gdprscript.js Show response
teamsite.citrin.co/gdpr/ 227 B
627 B 221ms
220ms Script
application/javascript 199.34.228.76
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://teamsite.citrin.co/gdpr/gdprscript.js?buildTime=1629222648
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.76 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-28.weebly.com
Software: Apache /
Resource Hash: 6cc73aa4822bdc024366ba999d93b6a62c18b3ef40814f8f253dfc557075c22b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: teamsite.citrin.co
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://teamsite.citrin.co/apps/member/login
Cookie: site_session=6124da8aed6d04.29449421; language=en; cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%7D
Connection: keep-alive
Referer: https://teamsite.citrin.co/apps/member/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 11:39:55 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Content-Type: application/javascript
Set-Cookie: language=en; expires=Tue, 07-Sep-2021 11:39:55 GMT; Max-Age=1209600; path=/
Cache-Control: private
X-Host: pages6.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=68
Content-Length: 227
X-UA-Compatible: IE=edge,chrome=1

GET
H2 200 modernizr.js Show response
cdn2.editmysite.com/js/vendor/ 11 KB
5 KB 36ms
17ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/vendor/modernizr.js
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d87cb7ca225d3be63f4e09d3736054449761c3daff1e35b92655c7152e00c277

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 1047138
x-cache: HIT, HIT
x-cache-hits: 3, 1
content-encoding: gzip
content-length: 4368
x-served-by: cache-sjc10064-SJC, cache-fra19156-FRA
last-modified: Wed, 11 Aug 2021 21:11:39 GMT
server: nginx
x-timer: S1629805195.123326,VS0,VE1
etag: W/"61143d0b-2c3d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 26 Aug 2021 08:47:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
951 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,300,400,700

Requested by

Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c2bb8eaabd73f4d54bfe1082ce8606dd5e63ec9da3fe3cd8fdb9feace59f504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 10:17:09 GMT
server: ESF
date: Tue, 24 Aug 2021 11:39:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Aug 2021 11:39:55 GMT

GET
H2 200 sites.css
cdn2.editmysite.com/css/ 210 KB
29 KB 24ms
6ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1629222648
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d0510d4ca7d7a21836fa8d835b738f49a5f8de52127a6e667ecb58d86553c2f

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 582540
x-cache: HIT, HIT
x-cache-hits: 1, 4663
content-encoding: gzip
content-length: 29809
x-served-by: cache-sjc10037-SJC, cache-fra19156-FRA
last-modified: Tue, 17 Aug 2021 17:38:57 GMT
server: nginx
x-timer: S1629805195.122964,VS0,VE0
etag: W/"611bf431-3481e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 31 Aug 2021 17:50:54 GMT

GET
H2 200 site_membership.css
cdn2.editmysite.com/css/ 72 KB
11 KB 34ms
16ms Stylesheet
text/css 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/site_membership.css?buildTime=1629222648
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c17c7d0f0f366981384b289f9e3460e3b8ba3d7775986783473f5ba12fe831a

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 582539
x-cache: HIT, HIT
x-cache-hits: 1, 707
content-encoding: gzip
content-length: 10785
x-served-by: cache-sjc10061-SJC, cache-fra19156-FRA
last-modified: Tue, 17 Aug 2021 17:38:57 GMT
server: nginx
x-timer: S1629805195.123342,VS0,VE0
etag: W/"611bf431-12199"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 31 Aug 2021 17:50:55 GMT

GET
H2 200 utl.js Show response
cdn2.editmysite.com/js/lang/en/ 2 MB
354 KB 25ms
7ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/lang/en/utl.js?buildTime=1629222648&
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7898e102c87adc4d729f61cdaf1f397b62f9847c023f827c23e983e950decfb0

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 188822
x-cache: HIT, HIT
x-cache-hits: 1, 4
content-encoding: gzip
content-length: 361717
x-served-by: cache-sjc10051-SJC, cache-fra19156-FRA
last-modified: Tue, 17 Aug 2021 20:32:38 GMT
server: nginx
x-timer: S1629805195.123308,VS0,VE0
etag: W/"611c1ce6-1d112d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sun, 05 Sep 2021 07:12:53 GMT

GET
H2 200 stl.js Show response
cdn2.editmysite.com/js/lang/en/ 169 KB
30 KB 25ms
7ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1629222648&
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad715e74a761040299f114bc3cbb0614529b2a3ce339ad6ea9b738ff140657b5

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 582541
x-cache: HIT, HIT
x-cache-hits: 2, 3849
content-encoding: gzip
content-length: 30794
x-served-by: cache-sjc10041-SJC, cache-fra19156-FRA
last-modified: Tue, 17 Aug 2021 17:38:57 GMT
server: nginx
x-timer: S1629805195.123294,VS0,VE0
etag: W/"611bf431-2a2eb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 31 Aug 2021 17:50:53 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
83 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 03:57:13 GMT
x-content-type-options: nosniff
age: 114162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84380
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 03:57:13 GMT

GET
H2 200 main-membership-static.js Show response
cdn2.editmysite.com/js/site/published/ 266 KB
76 KB 35ms
18ms Script
application/x-javascript 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/published/main-membership-static.js?buildTime=1629222648
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a88d51ab36b111551a27b101324f059184e5621e48c5fe28d60be819df43a5

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 582539
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 77663
x-served-by: cache-sjc10052-SJC, cache-fra19156-FRA
last-modified: Tue, 17 Aug 2021 17:38:57 GMT
server: nginx
x-timer: S1629805195.123281,VS0,VE1
etag: W/"611bf431-42808"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 31 Aug 2021 17:50:55 GMT

GET
H2 404 main.js
cdn2.editmysite.com/js/site/published/ 0
0 181ms
164ms Script
text/html 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/published/main.js?buildTime=1629222648
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 main.js
cdn2.editmysite.com/js/site/published/ 0
0 185ms
185ms Script
text/html 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/published/main.js?buildTime=1629222648
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 267447_4_0.woff
cdn2.editmysite.com/fonts/Proxima-Light/ 81 KB
82 KB 21ms
6ms Font
application/font-woff 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Proxima-Light/267447_4_0.woff?123597
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1629222648
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e1fc6b6ed76b920de3c74bf0905d090d2e5a54c0687d06a5d4042641af0ae78c

Request headers

Origin: https://teamsite.citrin.co
Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1629222648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 1047483
x-cache: HIT, HIT
x-cache-hits: 1, 415
content-length: 83404
x-served-by: cache-sjc10038-SJC, cache-fra19149-FRA
last-modified: Wed, 11 Aug 2021 21:11:38 GMT
server: nginx
x-timer: S1629805196.607675,VS0,VE0
etag: "61143d0a-145cc"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 26 Aug 2021 08:41:51 GMT

GET
H2 200 267447_5_0.woff
cdn2.editmysite.com/fonts/Proxima-Semibold/ 70 KB
70 KB 27ms
13ms Font
application/font-woff 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Proxima-Semibold/267447_5_0.woff?123597
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1629222648
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca45009d6ecf2b1af9e6a361f751131853f07c3ef3e4a37235fd679ece4bf60d

Request headers

Origin: https://teamsite.citrin.co
Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1629222648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 508265
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-length: 71730
x-served-by: cache-sjc10064-SJC, cache-fra19149-FRA
last-modified: Tue, 17 Aug 2021 20:32:37 GMT
server: nginx
x-timer: S1629805196.607666,VS0,VE1
etag: "611c1ce5-11832"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 01 Sep 2021 14:28:50 GMT

GET
H2 200 wicons.woff
cdn2.editmysite.com/fonts/wIcons/ 25 KB
25 KB 16ms
13ms Font
application/font-woff 2a04:4e42:3::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/wIcons/wicons.woff?buildTime=1629222648
Requested by: Host: teamsite.citrin.co
URL: https://teamsite.citrin.co/apps/member/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ec6c81393ec600190c1c1cfbdb25416413d7cdf8f6a5bc7f26da34608fd8310

Request headers

Origin: https://teamsite.citrin.co
Referer: https://teamsite.citrin.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:39:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 189118
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-length: 25604
x-served-by: cache-sjc10020-SJC, cache-fra19149-FRA
last-modified: Tue, 17 Aug 2021 20:32:37 GMT
server: nginx
x-timer: S1629805196.607660,VS0,VE1
etag: "611c1ce5-6404"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sun, 05 Sep 2021 07:07:56 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr string| STATIC_BASE string| ASSETS_BASE object| Weebly object| _W function| $ function| jQuery function| _ string| RECAPTCHA_PUBLIC_KEY string| INVISIBLE_RECAPTCHA_PUBLIC_KEY object| Mustache object| jsonrpc object| scope function| initMembershipModels object| initEvt

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn2.editmysite.com
fonts.googleapis.com
teamsite.citrin.co
199.34.228.76
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a04:4e42:3::302
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
36a88d51ab36b111551a27b101324f059184e5621e48c5fe28d60be819df43a5
5c2bb8eaabd73f4d54bfe1082ce8606dd5e63ec9da3fe3cd8fdb9feace59f504
6cc73aa4822bdc024366ba999d93b6a62c18b3ef40814f8f253dfc557075c22b
7898e102c87adc4d729f61cdaf1f397b62f9847c023f827c23e983e950decfb0
7c17c7d0f0f366981384b289f9e3460e3b8ba3d7775986783473f5ba12fe831a
7d0510d4ca7d7a21836fa8d835b738f49a5f8de52127a6e667ecb58d86553c2f
8ec6c81393ec600190c1c1cfbdb25416413d7cdf8f6a5bc7f26da34608fd8310
ad715e74a761040299f114bc3cbb0614529b2a3ce339ad6ea9b738ff140657b5
ca45009d6ecf2b1af9e6a361f751131853f07c3ef3e4a37235fd679ece4bf60d
d87cb7ca225d3be63f4e09d3736054449761c3daff1e35b92655c7152e00c277
dba4ec024ab448743289d2c1f9cf86f9f5109c0afa1a3a2bcd06f9f54cc05acc
e1fc6b6ed76b920de3c74bf0905d090d2e5a54c0687d06a5d4042641af0ae78c