duanemorrisglobalaccess.sfrethcrons.com
Open in
urlscan Pro
20.187.113.106
Public Scan
Effective URL: https://duanemorrisglobalaccess.sfrethcrons.com/?id=com.microsoft.outlook.msn.android.systematic.facebook.music.baracuda.proofpoint
Submission: On May 01 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.
This is the only time duanemorrisglobalaccess.sfrethcrons.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 45.60.121.134 45.60.121.134 | 19551 (INCAPSULA) (INCAPSULA) | |
1 | 20.187.113.106 20.187.113.106 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
6 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
duanemorrisglobalaccess.sfrethcrons.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
tremblant.ca
1 redirects
www.tremblant.ca — Cisco Umbrella Rank: 529833 |
30 KB |
1 |
sfrethcrons.com
duanemorrisglobalaccess.sfrethcrons.com |
|
6 | 2 |
Domain | Requested by | |
---|---|---|
5 | www.tremblant.ca |
1 redirects
www.tremblant.ca
|
1 | duanemorrisglobalaccess.sfrethcrons.com |
www.tremblant.ca
|
6 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.tremblant.ca DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-21 - 2023-11-17 |
a year | crt.sh |
duanemorrisglobalaccess.sfrethcrons.com R3 |
2023-04-28 - 2023-07-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://duanemorrisglobalaccess.sfrethcrons.com/?id=com.microsoft.outlook.msn.android.systematic.facebook.music.baracuda.proofpoint
Frame ID: 2CF76FF28605FA0231DEDC8746476093
Requests: 6 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.tremblant.ca/Shared/LanguageSwitcher/ChangeCulture?culture=en&url=https://%E2%93%93uanemo... Page URL
-
https://www.tremblant.ca/Shared/LanguageSwitcher/ChangeCulture?culture=en&url=https://%E2%93%93uanemo...
HTTP 302
https://duanemorrisglobalaccess.sfrethcrons.com/?id=com.microsoft.outlook.msn.android.systematic.facebook.music.baracuda.pro... Page URL
Detected technologies
Imperva (Security) ExpandDetected patterns
- /_Incapsula_Resource
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.tremblant.ca/Shared/LanguageSwitcher/ChangeCulture?culture=en&url=https://%E2%93%93uanemo%E2%93%A1risglo%E2%93%91alac%E2%93%92ess.sf%E2%93%A1eth%E2%93%92rons.com%3Fid%3Dcom.microsoft.outlook.msn.android.systematic.facebook.music.baracuda.proofpoint Page URL
-
https://www.tremblant.ca/Shared/LanguageSwitcher/ChangeCulture?culture=en&url=https://%E2%93%93uanemo%E2%93%A1risglo%E2%93%91alac%E2%93%92ess.sf%E2%93%A1eth%E2%93%92rons.com%3Fid%3Dcom.microsoft.outlook.msn.android.systematic.facebook.music.baracuda.proofpoint
HTTP 302
https://duanemorrisglobalaccess.sfrethcrons.com/?id=com.microsoft.outlook.msn.android.systematic.facebook.music.baracuda.proofpoint Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
ChangeCulture
www.tremblant.ca/Shared/LanguageSwitcher/ |
212 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.tremblant.ca/ |
196 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.tremblant.ca/ |
29 B 58 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
duanemorrisglobalaccess.sfrethcrons.com/ Redirect Chain
|
180 B 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.tremblant.ca/ |
1 B 37 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
_Incapsula_Resource
www.tremblant.ca/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.tremblant.ca
- URL
- https://www.tremblant.ca/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A45%2Cr%3A2255)
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tremblant.ca/ | Name: visid_incap_877920 Value: PHi8oH5ZTymYtNcRvaMyBbe7T2QAAAAAQUIPAAAAAACIH+tmZCg3oYhBkoaFW0m4 |
|
.tremblant.ca/ | Name: incap_ses_358_877920 Value: CwN7ScCo/zFnYZpBGOD3BLe7T2QAAAAAv1GRSgR0losGFUJ5r6Ktqw== |
|
www.tremblant.ca/ | Name: tremblant#lang Value: en |
|
.tremblant.ca/ | Name: sessionId Value: f708436d-04bb-475b-95cc-ff8d1c06ece7 |
|
.tremblant.ca/ | Name: nlbi_877920 Value: KBmEYBKgvRXq11GLofr4YgAAAACFmC1ALAHzjNRpPEIZvAjt |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
duanemorrisglobalaccess.sfrethcrons.com
www.tremblant.ca
www.tremblant.ca
20.187.113.106
45.60.121.134
b6cba2c5a970600c6a6d3bced5b7a44f382f53a2c3802abd6aaee1a32153d9e8
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d