cloud.defensx.com
Open in
urlscan Pro
2606:4700:10::6816:699
Public Scan
Submitted URL: http://worker-west-eu-01.defensx.com/
Effective URL: https://cloud.defensx.com/endpoints/login?q=eyJpbnN0YW5jZSI6ImRjMzMxMWVkLTNlMTMtNGJkYy04NTQ5LWU2ZmQyM2M2YmZhNSIsInR5cGUiOi...
Submission: On February 04 via api from TR — Scanned from DE
Effective URL: https://cloud.defensx.com/endpoints/login?q=eyJpbnN0YW5jZSI6ImRjMzMxMWVkLTNlMTMtNGJkYy04NTQ5LWU2ZmQyM2M2YmZhNSIsInR5cGUiOi...
Submission: On February 04 via api from TR — Scanned from DE
Summary
This website contacted 3 IPs
in 1 countries
across 1 domains to perform 17 HTTP transactions.
The main IP is 2606:4700:10::6816:699, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is cloud.defensx.com.
The Cisco Umbrella rank of the primary domain is 422911.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time cloud.defensx.com was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time cloud.defensx.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 10 | 2606:4700:10:... 2606:4700:10::6816:799 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 8 | 2606:4700:10:... 2606:4700:10::6816:699 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 17 | 3 |
10
2606:4700:10::6816:799
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| worker-west-eu-01.defensx.com | |
| assets.cloud.defensx.com |
8
2606:4700:10::6816:699
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| worker-west-eu-01.defensx.com | |
| cloud.defensx.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 18 |
defensx.com
2 redirects
worker-west-eu-01.defensx.com cloud.defensx.com — Cisco Umbrella Rank: 422911 assets.cloud.defensx.com |
300 KB |
| 17 | 1 |
| Domain | Requested by | |
|---|---|---|
| 9 | assets.cloud.defensx.com |
worker-west-eu-01.defensx.com
assets.cloud.defensx.com |
| 7 | worker-west-eu-01.defensx.com |
2 redirects
worker-west-eu-01.defensx.com
|
| 2 | cloud.defensx.com |
worker-west-eu-01.defensx.com
cloud.defensx.com |
| 17 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| defensx.com GTS CA 1P5 |
2023-12-16 - 2024-03-15 |
3 months | crt.sh |
| assets.cloud.defensx.com Cloudflare Inc ECC CA-3 |
2023-09-28 - 2024-09-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://cloud.defensx.com/endpoints/login?q=eyJpbnN0YW5jZSI6ImRjMzMxMWVkLTNlMTMtNGJkYy04NTQ5LWU2ZmQyM2M2YmZhNSIsInR5cGUiOiJjeWNsb3BzIiwicmVkaXJlY3QiOiJodHRwczovL3dvcmtlci13ZXN0LWV1LTAxLmRlZmVuc3guY29tLyIsImdldF9yZXNwb25zZV9pbl91cmkiOnRydWV9
Frame ID: D52AA0DCA5D8190B478267E2755836D7
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
DefensX LoginPage URL History Show full URLs
-
http://worker-west-eu-01.defensx.com/
HTTP 308
https://worker-west-eu-01.defensx.com/ Page URL
-
https://worker-west-eu-01.defensx.com/endpoints/login?q=eyJpbnN0YW5jZSI6ImRjMzMxMWVkLTNlMTMtNGJkYy04NTQ5LWU2ZmQyM2...
HTTP 301
https://cloud.defensx.com/endpoints/login?q=eyJpbnN0YW5jZSI6ImRjMzMxMWVkLTNlMTMtNGJkYy04NTQ5LWU2ZmQyM2... Page URL
Detected technologies
Ruby on Rails
(Web Frameworks)
Expand
Overall confidence: 75%
Detected patterns
Detected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://worker-west-eu-01.defensx.com/
HTTP 308
https://worker-west-eu-01.defensx.com/ Page URL
-
https://worker-west-eu-01.defensx.com/endpoints/login?q=eyJpbnN0YW5jZSI6ImRjMzMxMWVkLTNlMTMtNGJkYy04NTQ5LWU2ZmQyM2M2YmZhNSIsInR5cGUiOiJjeWNsb3BzIiwicmVkaXJlY3QiOiJodHRwczovL3dvcmtlci13ZXN0LWV1LTAxLmRlZmVuc3guY29tLyIsImdldF9yZXNwb25zZV9pbl91cmkiOnRydWV9
HTTP 301
https://cloud.defensx.com/endpoints/login?q=eyJpbnN0YW5jZSI6ImRjMzMxMWVkLTNlMTMtNGJkYy04NTQ5LWU2ZmQyM2M2YmZhNSIsInR5cGUiOiJjeWNsb3BzIiwicmVkaXJlY3QiOiJodHRwczovL3dvcmtlci13ZXN0LWV1LTAxLmRlZmVuc3guY29tLyIsImdldF9yZXNwb25zZV9pbl91cmkiOnRydWV9 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://worker-west-eu-01.defensx.com/ HTTP 308
- https://worker-west-eu-01.defensx.com/
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
worker-west-eu-01.defensx.com/ Redirect Chain
|
2 KB 803 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.e1d3f8010a04a57e7bab.css
worker-west-eu-01.defensx.com/static/ |
29 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.fcaaac92eb8f6e470c16.bundle.js
worker-west-eu-01.defensx.com/static/ |
223 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
normal.woff2
worker-west-eu-01.defensx.com/cf-fonts/s/titillium-web/5.0.18/latin/400/ |
12 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5fab9bf6cf477b234966154b86b2e18b.png
worker-west-eu-01.defensx.com/static/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login
cloud.defensx.com/endpoints/ Redirect Chain
|
26 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-0fe3146a75f792e003518e581af58a6d45e43e28308b7eebf9a01cc17f8b2f1c.css
assets.cloud.defensx.com/assets/ |
276 KB 56 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
es-module-shims.min-4ca9b3dd5e434131e3bb4b0c1d7dff3bfd4035672a5086deec6f73979a49be73.js
assets.cloud.defensx.com/assets/ |
35 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
devise-d0279dd5b7d192e83363a8ad8fe300cc79fe90b5221d8f1c8440c5a45580279c.js
assets.cloud.defensx.com/assets/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo_vertical-a7974b5389150c6e15957a36d62a06e01b1532043efcfa4c5f5dfa4fd303e390.png
assets.cloud.defensx.com/assets/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
azure-e0c193d210885935ffb4b5949cdd29ca4dee5953d9af1b20eeb43c3fc0c441bc.png
assets.cloud.defensx.com/assets/ |
199 B 309 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google-98c3ed794a9446f4f6661969f2b85fcc954920833c9652073a40105ee1488f97.svg
assets.cloud.defensx.com/assets/ |
712 B 524 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sso-2d2fa4ced3d45b661ba8533d604a353a0f58790f567a89c94dd5ca510469aba8.svg
assets.cloud.defensx.com/assets/ |
1 KB 760 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
defensx-icon-75efbd0080914dc98c2ebb2d42a8675c5634d920a421644741c1d9754070adcf.png
assets.cloud.defensx.com/assets/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
normal.woff2
cloud.defensx.com/cf-fonts/v/inter/5.0.16/latin/wght/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
2bd6b5cf-6557-48b7-a33f-398173583a3e
https://cloud.defensx.com/ |
20 B 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
turbo.min-dfd93b3092d1d0ff56557294538d069bdbb28977d3987cb39bc0dd892f32fc57.js
assets.cloud.defensx.com/assets/ |
86 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| importShim object| Turbo2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| cloud.defensx.com/ | Name: state Value: uEUtCKAWd5FRThSEbrzTU%2BEKkDdixEHPQNmgxs3t8siw29NO%2BL89YNxzslYdtpY3lhErIJCwGqApRy1Pyg%2BgPipUjK8u0%2FolPJIXS0cX7bQqKfjWCkRS4H09pUwQO7TqbHip9p4p9jHJhtaPIqb7skfV5Ng%2FEAQNQKHcMoQbyY7wQHah1WmMEt4rYteqeL38%2FMxOCntvW18o9fWW6y0yGbfOzWDHzxX%2BDoPBrho4tQxBPmXb3tz4ttEQzHy%2BvU8MNmQuNPmOm1psIZB%2Fz%2FfZdbqX5iuVUOOL6hAUcf4sUd%2FMRYDxBkowxlhR%2Fwqh5wKIafVnU2X43mOHu%2BT0lsncUmPRAww7Kt63a3XbT5WR8culFhZ2XWJiAaydkceo309D199aRXLuPNJS2uRvncYV%2FNj2rAQpoVQ73Q%3D%3D--L0AT%2FxHjfOczKUz8--llEZFBHkmmIeRC2GeS08yw%3D%3D |
|
| cloud.defensx.com/ | Name: _session_id Value: lN%2FNDpvXpy7pFJkFcy9B8h8AN4J4lp8FiWfzIoX357Lp%2F66QvbrYwC7cOIwbJTuhbJIyA2qy2%2FA1L3MEu62QwZEgb55%2BwlxMEE2XY0uuufJ56uvcpGZbYeqSzFzhhv1yeg14CzTduz4xnz8asfWmNHNsYa4Z78wm45S0nG9LTQ%2BXaA2oPwoNqqYxYz5eZY206d8fwK0pEsS7DdkwWQ5azRCA7kM6iAfp6S%2BnfLuFCtZPKXCWvxal%2Fwh98ROQMayAfIA1X6s7j9x2pAkC1yClyCDU3lfZI%2BSCg954DbiJdTE%2BA0l2xyfvZej8SS%2FgyRRLmLOemYMA%2Bb3uR12bNbktAGrFUAwZmu4UfowuGxubnuTOpR%2FmU9u%2FlF4TnBlxcVcMd3F6zoOAvtYXnY20zvxF91na87TYrAIE3khYjXcw%2FqzY0fJFxHej7te7YD33DrNffQ5xA7r0QO7A2KBme8ACzolZjRY%2FIeJdKsEF4eI2gcuFN9YtFVhHUzqGmHhXQ5rKC6LaUcgDw9FjJcf8XyTP41e9jIgeKZQqunRRYbcipOs7G6OgcHaGX2Y6pzAdO7%2BZXy%2F4BgfWdYb%2B5hbi07yAKUayOyGp72D%2Bt9RKm8ZmOyuV%2B2J%2F05DSWZj%2FheL6mXYjT0KCn4zCxDCgzpMpSR6MkJUTfrJunfs%2BOAafuuYaWws5QIaBm73Bke4wb%2Bsxml7NwF2AMdAoCDsl7dnx5vDnG46aHcbN4K5btRob1xNaV8Tuhj7me6%2F%2BDX8Ktq9YRkrF0cIPvEUbWWk%2B2RN%2FluOGDo2r4HDLg6nl6UUft30GwBKNaDToY%2Bnp0uNaWjw2--O1GaZnw3PkTDtGf5--7RD0eXulyr72SDRf9IEEBw%3D%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.cloud.defensx.com
cloud.defensx.com
worker-west-eu-01.defensx.com
2606:4700:10::6816:699
2606:4700:10::6816:799
01c8b3d4f0bbec5ce30a8417db7a9cb249771937ee708f1b13d2febaebd97236
023ff7a9c266a8cd144be33831f7829baf2949593c30c8008557ac419f2c8333
06ab6618f887603b00882264731f1cf82a3c3a5b11f5c4a939b0c48be4cbf8e6
128dc1be468788a8007174414fe6c1d65201ba51bad21b96d57af71e6871e7a8
2a92c36cebd09b7bce8ee2b5f15ef05e1fe81782e12b8f2ed60bafb4a013940b
35c70399a5f85d626cea20040ca6693a73f5ae3fa7232a938049184a3a1aa044
3b8f93d2c0b15ca135499a28d2308a4849d2bfa79beda040d8038e8a9dc65330
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
5d29d1b10a6da0e25ff1bba88b0701b5c05c6544969ed31aac4eae3ed3bd075d
7b4090bb105d1c67a5fa34211bf500d18725157527bad9d31214b715bd319de8
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9811fb8dff535d4d3e1f9d03854cc60edb3ba979654fe67f42e3907bc6478717
9fd7f9c3e70086d5cbde40c580fe45249668ba30424af2bc2b590426d0aa99f4
bb4a0457449b13a3e636a4451b6ea053d91c2bc0a539afba8de11eb951188396
c86dc9e5181123a4c670b29887b791206fbd68e908ffd30b2780a5670d73db53
d8814fc511fae80fb5fb5bd930746a8711f98799c2406c99b292b17280a10c19
e5b2bdb51ba80c4fa653ed559b8386c48938e530e8c3b97f5a2febe97d17ce17