app.petrasecurity.com Open in urlscan Pro
3.147.121.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.petrasecurity.com/
Submission: On December 17 via automatic, source certstream-suspicious (December 17th 2024, 5:11:51 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 3.147.121.175, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is app.petrasecurity.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 14th 2024. Valid for: a year.

This is the only time app.petrasecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	3.147.121.175 3.147.121.175	16509 (AMAZON-02) (AMAZON-02)
4	44.236.66.9 44.236.66.9	16509 (AMAZON-02) (AMAZON-02)
11	2

7 3.147.121.175 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-147-121-175.us-east-2.compute.amazonaws.com

app.petrasecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.236.66.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-66-9.us-west-2.compute.amazonaws.com

api.stytch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	petrasecurity.com app.petrasecurity.com	747 KB
4	stytch.com api.stytch.com — Cisco Umbrella Rank: 57476	3 KB
11	2

	Domain	Requested by
7	app.petrasecurity.com	app.petrasecurity.com
4	api.stytch.com	app.petrasecurity.com
11	2

This site contains no links.

Subject Issuer	Validity	Valid
app.petrasecurity.com Amazon RSA 2048 M02	`2024-11-14` - `2025-12-13`	a year	crt.sh
api.stytch.com Amazon RSA 2048 M03	`2024-03-27` - `2025-04-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.petrasecurity.com/
Frame ID: 6F7233C34184976A8A00752B2ED1CA63
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Petra

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

751 kB
Transfer

3031 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
app.petrasecurity.com/ 498 B
809 B 651ms
130ms Document
text/html 3.147.121.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.petrasecurity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.147.121.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-147-121-175.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 5e7493def5edfe10a8d4e5a56e1c08b37e6942f9381298c1b625664134dfa9f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Disposition: inline; filename="index.html"
Content-Length: 498
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Dec 2024 17:11:39 GMT
ETag: "5cf5a86f8618eb972178fddeba11bc25dc07fe26"
Keep-Alive: timeout=5
Vary: Accept-Encoding

GET
H/1.1 200
OK index-05362b80.js Show response
app.petrasecurity.com/assets/ 2 MB
662 KB 136ms
134ms Script
application/javascript 3.147.121.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.petrasecurity.com/assets/index-05362b80.js
Requested by: Host: app.petrasecurity.com
URL: https://app.petrasecurity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.147.121.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-147-121-175.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 473caeb0b56e60a477f4b22d085a3b7b0665c594329708b2c60c1e53e5417951

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://app.petrasecurity.com
Referer: https://app.petrasecurity.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "5b07262a54fd24694792c3846a51597b2e0826d9"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Date: Tue, 17 Dec 2024 17:11:39 GMT
Content-Disposition: inline; filename="index-05362b80.js"
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding

GET
H/1.1 200
OK index-9163b28f.css
app.petrasecurity.com/assets/ 134 KB
20 KB 376ms
129ms Stylesheet
text/css 3.147.121.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.petrasecurity.com/assets/index-9163b28f.css
Requested by: Host: app.petrasecurity.com
URL: https://app.petrasecurity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.147.121.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-147-121-175.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 9163b28f5b0be0bfb4b75f3f826d3e1a432cde15dcf683efe372d494a8fe32d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.petrasecurity.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "9cbc60e86b07a92b4c25d45486a98e4bc43644ce"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Date: Tue, 17 Dec 2024 17:11:40 GMT
Content-Disposition: inline; filename="index-9163b28f.css"
Content-Type: text/css; charset=utf-8
Vary: Accept-Encoding

OPTIONS
H2 200 public-token-live-3d5d8c85-86eb-4f1d-ac93-f498c1c5e364
api.stytch.com/sdk/v1/projects/bootstrap/ 0
0 582ms
181ms Preflight 44.236.66.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.stytch.com/sdk/v1/projects/bootstrap/public-token-live-3d5d8c85-86eb-4f1d-ac93-f498c1c5e364
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.66.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-66-9.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-sdk-client,x-sdk-parent-host
Access-Control-Request-Method: GET
Origin: https://app.petrasecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,X-SDK-Parent-Host,X-SDK-Client
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin: https://app.petrasecurity.com
access-control-max-age: 7200
content-length: 0
date: Tue, 17 Dec 2024 17:11:44 GMT

GET
H2 200 public-token-live-3d5d8c85-86eb-4f1d-ac93-f498c1c5e364 Show response
api.stytch.com/sdk/v1/projects/bootstrap/ 3 KB
3 KB 542ms
542ms Fetch
application/json 44.236.66.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stytch.com/sdk/v1/projects/bootstrap/public-token-live-3d5d8c85-86eb-4f1d-ac93-f498c1c5e364

Requested by

Host: app.petrasecurity.com
URL: https://app.petrasecurity.com/assets/index-05362b80.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.66.9 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-66-9.us-west-2.compute.amazonaws.com

Software

Resource Hash

1dd55fc58327eb23cfdba8fbcf349c3da50f0c96ae84edde610c3e92e32b54ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-SDK-Client: eyJldmVudF9pZCI6ImV2ZW50LWlkLWQ1NzVhMWVjLTBlYWQtNGI4YS1iNDg0LTYwN2VhMTg2NWIxMyIsImFwcF9zZXNzaW9uX2lkIjoiYXBwLXNlc3Npb24taWQtMjI4OGU3ZmQtZjYyYS00MDAxLWJiZTAtZGY4ZGM1ODZiYWMxIiwicGVyc2lzdGVudF9pZCI6InBlcnNpc3RlbnQtaWQtZDdjNmY1MTItMmZmMS00Y2FhLTg4OWMtMGFjZTZiYzcyNTA0IiwiY2xpZW50X3NlbnRfYXQiOiIyMDI0LTEyLTE3VDE3OjExOjQ0LjQxNVoiLCJ0aW1lem9uZSI6IkV1cm9wZS9CZXJsaW4iLCJhcHAiOnsiaWRlbnRpZmllciI6ImFwcC5wZXRyYXNlY3VyaXR5LmNvbSJ9LCJzZGsiOnsiaWRlbnRpZmllciI6IlN0eXRjaC5qcyBKYXZhc2NyaXB0IFNESyIsInZlcnNpb24iOiI1LjkuNCJ9fQ==
Authorization: Basic cHVibGljLXRva2VuLWxpdmUtM2Q1ZDhjODUtODZlYi00ZjFkLWFjOTMtZjQ5OGMxYzVlMzY0OnB1YmxpYy10b2tlbi1saXZlLTNkNWQ4Yzg1LTg2ZWItNGYxZC1hYzkzLWY0OThjMWM1ZTM2NA==
Referer: https://app.petrasecurity.com/
X-SDK-Parent-Host: https://app.petrasecurity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 7200
content-security-policy: default-src 'none'
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
access-control-allow-origin: https://app.petrasecurity.com
date: Tue, 17 Dec 2024 17:11:45 GMT
content-type: application/json
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,X-SDK-Parent-Host,X-SDK-Client

GET
H/1.1 200
OK bg_login-0ff8b355.png
app.petrasecurity.com/assets/ 544 KB
0 249ms
249ms Image
image/png 3.147.121.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.petrasecurity.com/assets/bg_login-0ff8b355.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.147.121.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-147-121-175.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.petrasecurity.com/authenticate

Response headers

ETag: "ecad009b0cd2f932108cf94409ba4015bea6adc3"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1277171
Keep-Alive: timeout=5
Date: Tue, 17 Dec 2024 17:11:44 GMT
Content-Disposition: inline; filename="bg_login-0ff8b355.png"
Content-Type: image/png

GET
H/1.1 200
OK AeonikPro-Regular-51c91f54.woff2
app.petrasecurity.com/assets/ 56 KB
57 KB 249ms
247ms Font
font/woff2 3.147.121.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.petrasecurity.com/assets/AeonikPro-Regular-51c91f54.woff2
Requested by: Host: app.petrasecurity.com
URL: https://app.petrasecurity.com/assets/index-9163b28f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.147.121.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-147-121-175.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 51c91f54310ecfb8669f2a0cedc08c84f69b9360b42036a19e28f43262cb6191

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://app.petrasecurity.com
Referer: https://app.petrasecurity.com/assets/index-9163b28f.css

Response headers

ETag: "a3b8def30c24c8a98dae0f6a6fe0488113fb53bd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57624
Keep-Alive: timeout=5
Date: Tue, 17 Dec 2024 17:11:44 GMT
Content-Disposition: inline; filename="AeonikPro-Regular-51c91f54.woff2"
Content-Type: font/woff2

GET
H/1.1 200
OK favicon.ico
app.petrasecurity.com/ 34 KB
7 KB 382ms
136ms Other
image/x-icon 3.147.121.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.petrasecurity.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.147.121.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-147-121-175.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 7508144a7496266eda75de634a1c0e925984ae0f38c65777c31e0fe267c7d673

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.petrasecurity.com/authenticate

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "2be4af4b5f62843f11ce907ea29cce3922547dad"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Date: Tue, 17 Dec 2024 17:11:45 GMT
Content-Disposition: inline; filename="favicon.ico"
Content-Type: image/x-icon
Vary: Accept-Encoding

GET
H/1.1 200
OK favicon.ico
app.petrasecurity.com/ 34 KB
113 B 493ms
123ms Other
image/x-icon 3.147.121.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.petrasecurity.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.147.121.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-147-121-175.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 7508144a7496266eda75de634a1c0e925984ae0f38c65777c31e0fe267c7d673

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.petrasecurity.com/authenticate

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Date: Tue, 17 Dec 2024 17:11:45 GMT
ETag: "2be4af4b5f62843f11ce907ea29cce3922547dad"
Content-Disposition: inline; filename="favicon.ico"
Content-Type: image/x-icon
Vary: Accept-Encoding

OPTIONS
H2 200 events
api.stytch.com/sdk/v1/ 0
0 367ms
366ms Preflight 44.236.66.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.stytch.com/sdk/v1/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.66.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-66-9.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.petrasecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,X-SDK-Parent-Host,X-SDK-Client
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin: https://app.petrasecurity.com
access-control-max-age: 7200
content-length: 0
date: Tue, 17 Dec 2024 17:11:45 GMT

POST
H2 204 events
api.stytch.com/sdk/v1/ 0
0 191ms
188ms Fetch 44.236.66.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.stytch.com/sdk/v1/events
Requested by: Host: app.petrasecurity.com
URL: https://app.petrasecurity.com/assets/index-05362b80.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.66.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-66-9.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://app.petrasecurity.com/

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,X-SDK-Parent-Host,X-SDK-Client
access-control-max-age: 7200
access-control-allow-origin: https://app.petrasecurity.com
date: Tue, 17 Dec 2024 17:11:45 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| 2f1acc6c3a606b082e5eef5e54414ffb

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://app.petrasecurity.com/ Message: Custom state pseudo classes have been changed from ":--webkit-search-cancel-button" to ":state(webkit-search-cancel-button)". See more here: https://github.com/w3c/csswg-drafts/issues/4805

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stytch.com
app.petrasecurity.com
3.147.121.175
44.236.66.9
1dd55fc58327eb23cfdba8fbcf349c3da50f0c96ae84edde610c3e92e32b54ab
473caeb0b56e60a477f4b22d085a3b7b0665c594329708b2c60c1e53e5417951
51c91f54310ecfb8669f2a0cedc08c84f69b9360b42036a19e28f43262cb6191
5e7493def5edfe10a8d4e5a56e1c08b37e6942f9381298c1b625664134dfa9f3
7508144a7496266eda75de634a1c0e925984ae0f38c65777c31e0fe267c7d673
9163b28f5b0be0bfb4b75f3f826d3e1a432cde15dcf683efe372d494a8fe32d6

app.petrasecurity.com Open in urlscan Pro 3.147.121.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

751 kBTransfer

3031 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

app.petrasecurity.com Open in urlscan Pro
3.147.121.175 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

751 kB
Transfer

3031 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions