penstripe.bluemantis-staging.com Open in urlscan Pro
185.181.116.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://penstripe.bluemantis-staging.com/
Effective URL:
https://penstripe.bluemantis-staging.com/login
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2020, 1:22:00 pm UTC)

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 185.181.116.115, located in United Kingdom and belongs to GYRON ====, GB. The main domain is penstripe.bluemantis-staging.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 31st 2020. Valid for: 3 months.

This is the only time penstripe.bluemantis-staging.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	185.181.116.115 185.181.116.115	29017 (GYRON ====) (GYRON ====)
2	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:a16e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	4

10 185.181.116.115 (United Kingdom) 1 redirects

ASN29017 (GYRON ====, GB)
PTR: ds1.bluemantis.com

penstripe.bluemantis-staging.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:a16e (United States)

ASN13335 (CLOUDFLARENET, US)

call.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bluemantis-staging.com 1 redirects penstripe.bluemantis-staging.com	2 MB
2	chatra.io call.chatra.io chat.chatra.io	9 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
14	4

	Domain	Requested by
10	penstripe.bluemantis-staging.com	1 redirects penstripe.bluemantis-staging.com
2	fonts.googleapis.com	penstripe.bluemantis-staging.com
1	chat.chatra.io	call.chatra.io
1	call.chatra.io	penstripe.bluemantis-staging.com
1	cdnjs.cloudflare.com	penstripe.bluemantis-staging.com
14	5

This site contains no links.

Subject Issuer	Validity	Valid
penstripe.bluemantis-staging.com Let's Encrypt Authority X3	`2020-01-31` - `2020-04-30`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-12` - `2020-10-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://penstripe.bluemantis-staging.com/login
Frame ID: B8B78B4173649A54D1CBF99791EFBB3E
Requests: 13 HTTP requests in this frame

Frame: https://chat.chatra.io/
Frame ID: E45E53ADB6871DC40F3E770AC1338AA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://penstripe.bluemantis-staging.com/ HTTP 302
https://penstripe.bluemantis-staging.com/login Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

14
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

2037 kB
Transfer

2064 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://penstripe.bluemantis-staging.com/ HTTP 302
https://penstripe.bluemantis-staging.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
penstripe.bluemantis-staging.com/
Redirect Chain

https://penstripe.bluemantis-staging.com/
https://penstripe.bluemantis-staging.com/login

6 KB
6 KB

160ms
159ms

Document
text/html

185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to

Full URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache / PHP/7.2.27
Resource Hash: c37557c0c4b6d859e593d74ecf310cd4f3fab4ac3d3e740208d975183c2da0ad

Request headers

:method: GET
:authority: penstripe.bluemantis-staging.com
:scheme: https
:path: /login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: XSRF-TOKEN=eyJpdiI6ImhabFJHaEhaTzlnbzkrSThtWVJ2Snc9PSIsInZhbHVlIjoiMEVJVks2T2FVc3JUV2xnQWdDS2FaZEl0TFwvMWNPQURGRmFyd284bGJrSGRCWmdhYmpvN1E5QVArcld0SXl2ZFAiLCJtYWMiOiJkYTQ1NDg1MzgwM2U2ZWM3MDcyNjUxNzg3MGQyOTk0MDZhZGNmNTU4Yjg0YzZhYzQ2NmRmNjEzMzk1OTU3MDAwIn0%3D; mypenstripe_session=eyJpdiI6ImZ5REFhN0t1K0lUSzJBSXJFNHFzZEE9PSIsInZhbHVlIjoiejhxY2Q4UWo2WFlOUjhld0h3RlBwcmFaUnAza0I0YTREbjdcL2dXZVJYZkV6M01CUlRzUGpQeHp2YlhHcXQwYXciLCJtYWMiOiJhNGJkMDE0ZTM3NGFkZmViMDcxMDYwMDdhMTViZWQ0YThkZGFlYzUzNmUyNjc2NTNmZjYyZjIwMWI5YzgyMmVjIn0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Sat, 15 Feb 2020 13:21:44 GMT
server: Apache
x-powered-by: PHP/7.2.27
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlFHSVFcL2E1TGt6Q3NTNXlKVkROdUt3PT0iLCJ2YWx1ZSI6IlRLNXJ4b0NHd3gyWEtEaXdURnc0QUVJV2txZnI0bTVuMlVUWWJWQUFrUEtIYlBHa216aThxclQ5NVVaYlFjV0ciLCJtYWMiOiJjNjZmZjJiYzNlZWUwM2M5ZDAxZTY3NTE2MWFjNWJkYWZhN2U4YTA1ZmZjZTFjY2E4YTVmNzQzN2VjNTA3ZGQwIn0%3D; expires=Sat, 15-Feb-2020 15:21:44 GMT; Max-Age=7200; path=/ mypenstripe_session=eyJpdiI6IlZKK3RRSHRQTkxOYXF3MUJEb09zZ1E9PSIsInZhbHVlIjoiMFl3RklCVEFoYzl2bENjZUFFOERNZzZmbVZzUjNTUEc1RHJEemdSd0ZwZWJVT2R6QXdYV2J3Z2xpcUVjeitPdCIsIm1hYyI6IjEyZjQ4YTVjYzM4OWUyMDUzN2M4NDIxNTNkZTk5OTA0N2Y0NTY0MzU0MDM5MTA1NWIzYjkyMDdhZDcyODc0NzkifQ%3D%3D; expires=Sat, 15-Feb-2020 15:21:44 GMT; Max-Age=7200; path=/; httponly
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8

Redirect headers

status: 302
date: Sat, 15 Feb 2020 13:21:44 GMT
server: Apache
x-powered-by: PHP/7.2.27
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImhabFJHaEhaTzlnbzkrSThtWVJ2Snc9PSIsInZhbHVlIjoiMEVJVks2T2FVc3JUV2xnQWdDS2FaZEl0TFwvMWNPQURGRmFyd284bGJrSGRCWmdhYmpvN1E5QVArcld0SXl2ZFAiLCJtYWMiOiJkYTQ1NDg1MzgwM2U2ZWM3MDcyNjUxNzg3MGQyOTk0MDZhZGNmNTU4Yjg0YzZhYzQ2NmRmNjEzMzk1OTU3MDAwIn0%3D; expires=Sat, 15-Feb-2020 15:21:44 GMT; Max-Age=7200; path=/ mypenstripe_session=eyJpdiI6ImZ5REFhN0t1K0lUSzJBSXJFNHFzZEE9PSIsInZhbHVlIjoiejhxY2Q4UWo2WFlOUjhld0h3RlBwcmFaUnAza0I0YTREbjdcL2dXZVJYZkV6M01CUlRzUGpQeHp2YlhHcXQwYXciLCJtYWMiOiJhNGJkMDE0ZTM3NGFkZmViMDcxMDYwMDdhMTViZWQ0YThkZGFlYzUzNmUyNjc2NTNmZjYyZjIwMWI5YzgyMmVjIn0%3D; expires=Sat, 15-Feb-2020 15:21:44 GMT; Max-Age=7200; path=/; httponly
location: https://penstripe.bluemantis-staging.com/login
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8

GET
H2 200 icon
fonts.googleapis.com/ 574 B
468 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 13:21:44 GMT
server: ESF
date: Sat, 15 Feb 2020 13:21:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Feb 2020 13:21:44 GMT

GET
H2 200 html5shiv.min.js Show response
cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/ 3 KB
1 KB 14ms
13ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js

Requested by

Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 9267128
cf-ray: 5657962c9efa323c-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:20:42 GMT
server: cloudflare
etag: W/"5afd496a-aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 04 Feb 2021 13:21:44 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 plugins.css
penstripe.bluemantis-staging.com/css/ 388 KB
391 KB 88ms
87ms Stylesheet
text/css 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to

Full URL: https://penstripe.bluemantis-staging.com/css/plugins.css?v=77078
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: de52f2620a5894e619518b7669bd6a11b8fbf618014112855e4d03925b6033d3

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Mon, 06 Jan 2020 13:33:34 GMT
server: Apache
status: 200
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 397569

GET
H2 200 app.css
penstripe.bluemantis-staging.com/css/ 2 MB
2 MB 104ms
102ms Stylesheet
text/css 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to

Full URL: https://penstripe.bluemantis-staging.com/css/app.css?v=77078
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: f850e0373b60d9668ff95488449377d23bc49dff77a534022ea2f1bf022fefff

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Thu, 23 Jan 2020 09:19:58 GMT
server: Apache
status: 200
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1588237

GET
H2 200 logo.svg
penstripe.bluemantis-staging.com/assets/img/logo/ 5 KB
5 KB 89ms
88ms Image
image/svg+xml 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://penstripe.bluemantis-staging.com/assets/img/logo/logo.svg
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: 49815c464a5f8ff59591dc4ca37fff4326ffd5d919bfef994f46a8bfe6f00417

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Mon, 06 Jan 2020 13:33:57 GMT
server: Apache
status: 200
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4746

GET
H2 200 front.js Show response
penstripe.bluemantis-staging.com/js/ 436 B
508 B 89ms
88ms Script
application/javascript 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to

Full URL: https://penstripe.bluemantis-staging.com/js/front.js?v=77078
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: 98724c21636b15a21b1d96deff1b0ceba7fc32cbc2e6178412003fdfc4cd75b9

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Mon, 06 Jan 2020 13:33:42 GMT
server: Apache
status: 200
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 436

GET
H2 200 css
fonts.googleapis.com/ 10 KB
850 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Requested by

Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 13:21:44 GMT
server: ESF
date: Sat, 15 Feb 2020 13:21:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Feb 2020 13:21:44 GMT

GET
H2 200 chatra.js Show response
call.chatra.io/ 35 KB
9 KB 54ms
19ms Script
application/x-javascript 2606:4700:10::6814:a16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://call.chatra.io/chatra.js
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:a16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94d46798fda6e3bac261d0893148242daf391b8bdd575eec2a6e9b146cd53ede

Request headers

Referer: https://penstripe.bluemantis-staging.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Feb 2020 09:31:06 GMT
server: cloudflare
age: 257
etag: W/"8aab-17033967f90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1800
cf-ray: 5657962efd843233-FRA
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 stripe.png
penstripe.bluemantis-staging.com/images/ 76 B
138 B 88ms
87ms Image
image/png 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://penstripe.bluemantis-staging.com/images/stripe.png
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: 659bf179d60c2a50d248319b284c8117ea5d5c51718c4b72dc690e1c99c5d0ae

Request headers

Referer: https://penstripe.bluemantis-staging.com/css/app.css?v=77078
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Mon, 06 Jan 2020 13:33:41 GMT
server: Apache
status: 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 76

GET
H2 200 Eagle-Book.woff
penstripe.bluemantis-staging.com/css/fonts/ 17 KB
18 KB 86ms
86ms Font
font/woff 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to

Full URL: https://penstripe.bluemantis-staging.com/css/fonts/Eagle-Book.woff
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: dc9e9a57de0d3d30fc8dbde57d626e2505a85410705c087365eb4683ac169581

Request headers

Referer: https://penstripe.bluemantis-staging.com/css/app.css?v=77078
Origin: https://penstripe.bluemantis-staging.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Mon, 06 Jan 2020 13:33:49 GMT
server: Apache
status: 200
content-type: font/woff
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 17908

GET
H2 200 Icon-Fonts.ttf
penstripe.bluemantis-staging.com/css/fonts/ 30 KB
30 KB 89ms
88ms Font
font/ttf 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to

Full URL: https://penstripe.bluemantis-staging.com/css/fonts/Icon-Fonts.ttf
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: aa4a211abfa20ef9cc1d60a183308dd5abb960aa92431716886356cf3ff522bc

Request headers

Referer: https://penstripe.bluemantis-staging.com/css/app.css?v=77078
Origin: https://penstripe.bluemantis-staging.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Mon, 06 Jan 2020 13:33:50 GMT
server: Apache
status: 200
content-type: font/ttf
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 31064

GET
H2 200 Eagle-Light.woff
penstripe.bluemantis-staging.com/css/fonts/ 19 KB
19 KB 86ms
86ms Font
font/woff 185.181.116.115
GYRON ====

General

Check archive.org

Show headers Download Go to

Full URL: https://penstripe.bluemantis-staging.com/css/fonts/Eagle-Light.woff
Requested by: Host: penstripe.bluemantis-staging.com
URL: https://penstripe.bluemantis-staging.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.181.116.115 , United Kingdom, ASN29017 (GYRON ====, GB),
Reverse DNS: ds1.bluemantis.com
Software: Apache /
Resource Hash: 5e90a5f95f7eea67990d0495951dd66c8df80ff8c906db7f0aa56c6f27f8867b

Request headers

Referer: https://penstripe.bluemantis-staging.com/css/app.css?v=77078
Origin: https://penstripe.bluemantis-staging.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 13:21:44 GMT
last-modified: Mon, 06 Jan 2020 13:33:49 GMT
server: Apache
status: 200
content-type: font/woff
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 18968

GET
H2 200 /
chat.chatra.io/ Frame E45E 0
0 35ms
15ms Document
text/html 2606:4700:10::6814:a16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatra.io/

Requested by

Host: call.chatra.io
URL: https://call.chatra.io/chatra.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:a16e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io; connect-src 'self' data: https://upload.uploadcare.com https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

:method: GET
:authority: chat.chatra.io
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://penstripe.bluemantis-staging.com/login
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://penstripe.bluemantis-staging.com/login

Response headers

status: 200
date: Sat, 15 Feb 2020 13:21:44 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dae8173fa4b5b35632cbc9c186e2fc5a91581772904; expires=Mon, 16-Mar-20 13:21:44 GMT; path=/; domain=.chatra.io; HttpOnly; SameSite=Lax
content-security-policy: default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io; connect-src 'self' data: https://upload.uploadcare.com https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; block-all-mixed-content; frame-src 'none'
strict-transport-security: max-age=31536000
cache-control: public, max-age=300, s-maxage=300
etag: W/"appV5695.6706.19544"
vary: Accept-Encoding
cf-cache-status: HIT
age: 257
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
cf-ray: 5657962f4e2d3233-FRA
content-encoding: br

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
chat.chatra.io/	1970-01-22 22:58:52	Name: dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.browserLanguage Value: en-US
chat.chatra.io/	1970-01-22 22:58:52	Name: dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.userAgent Value: Mozilla/5.0 (X11
chat.chatra.io/	1970-01-22 22:58:52	Name: dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.currentPage Value: https://penstripe.bluemantis-staging.com/login
penstripe.bluemantis-staging.com/	1970-01-22 22:58:52	Name: Chatra.clientId Value: W9GlthZIKHcD5zXrVK2F2VmI-httTPQRIzA2ZdT3
penstripe.bluemantis-staging.com/	1970-01-22 22:58:52	Name: Chatra.referrer Value:
penstripe.bluemantis-staging.com/	1970-01-22 22:58:52	Name: Chatra.hostedItems Value: {"dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.browserLanguage":"en-US","dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.currentPage":"https://penstripe.bluemantis-staging.com/login","dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.currentPageTitle":"MyPenstripe","dBe8NpMos8NEdYY7R.lastHostname":"penstripe.bluemantis-staging.com","dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.clientId":"W9GlthZIKHcD5zXrVK2F2VmI-httTPQRIzA2ZdT3"}
chat.chatra.io/	1970-01-22 22:58:52	Name: dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.clientId Value: W9GlthZIKHcD5zXrVK2F2VmI-httTPQRIzA2ZdT3
penstripe.bluemantis-staging.com/	1970-01-19 07:23:00	Name: XSRF-TOKEN Value: eyJpdiI6IlFHSVFcL2E1TGt6Q3NTNXlKVkROdUt3PT0iLCJ2YWx1ZSI6IlRLNXJ4b0NHd3gyWEtEaXdURnc0QUVJV2txZnI0bTVuMlVUWWJWQUFrUEtIYlBHa216aThxclQ5NVVaYlFjV0ciLCJtYWMiOiJjNjZmZjJiYzNlZWUwM2M5ZDAxZTY3NTE2MWFjNWJkYWZhN2U4YTA1ZmZjZTFjY2E4YTVmNzQzN2VjNTA3ZGQwIn0%3D
penstripe.bluemantis-staging.com/	1970-01-22 22:58:52	Name: Chatra.lastPageViewAt Value: 1581772904821
chat.chatra.io/	1970-01-22 22:58:52	Name: dBe8NpMos8NEdYY7R.penstripe.bluemantis-staging.com.currentPageTitle Value: MyPenstripe
penstripe.bluemantis-staging.com/	1970-01-19 07:23:00	Name: mypenstripe_session Value: eyJpdiI6IlZKK3RRSHRQTkxOYXF3MUJEb09zZ1E9PSIsInZhbHVlIjoiMFl3RklCVEFoYzl2bENjZUFFOERNZzZmbVZzUjNTUEc1RHJEemdSd0ZwZWJVT2R6QXdYV2J3Z2xpcUVjeitPdCIsIm1hYyI6IjEyZjQ4YTVjYzM4OWUyMDUzN2M4NDIxNTNkZTk5OTA0N2Y0NTY0MzU0MDM5MTA1NWIzYjkyMDdhZDcyODc0NzkifQ%3D%3D
chat.chatra.io/	1970-01-22 22:58:52	Name: dBe8NpMos8NEdYY7R.lastHostname Value: penstripe.bluemantis-staging.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

call.chatra.io
cdnjs.cloudflare.com
chat.chatra.io
fonts.googleapis.com
penstripe.bluemantis-staging.com
185.181.116.115
2606:4700:10::6814:a16e
2606:4700::6811:4004
2a00:1450:4001:81e::200a
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
49815c464a5f8ff59591dc4ca37fff4326ffd5d919bfef994f46a8bfe6f00417
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
5e90a5f95f7eea67990d0495951dd66c8df80ff8c906db7f0aa56c6f27f8867b
659bf179d60c2a50d248319b284c8117ea5d5c51718c4b72dc690e1c99c5d0ae
94d46798fda6e3bac261d0893148242daf391b8bdd575eec2a6e9b146cd53ede
98724c21636b15a21b1d96deff1b0ceba7fc32cbc2e6178412003fdfc4cd75b9
aa4a211abfa20ef9cc1d60a183308dd5abb960aa92431716886356cf3ff522bc
c37557c0c4b6d859e593d74ecf310cd4f3fab4ac3d3e740208d975183c2da0ad
dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48
dc9e9a57de0d3d30fc8dbde57d626e2505a85410705c087365eb4683ac169581
de52f2620a5894e619518b7669bd6a11b8fbf618014112855e4d03925b6033d3
f850e0373b60d9668ff95488449377d23bc49dff77a534022ea2f1bf022fefff

penstripe.bluemantis-staging.com Open in urlscan Pro 185.181.116.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

2037 kBTransfer

2064 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

12 Cookies

Indicators

penstripe.bluemantis-staging.com Open in urlscan Pro
185.181.116.115 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

2037 kB
Transfer

2064 kB
Size

12
Cookies

14 HTTP transactions
0 data transactions