ui.onprem-be.orcasecurity.io Open in urlscan Pro
52.222.190.116 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ui.onprem-be.orcasecurity.io/
Submission: On May 08 via automatic, source certstream-suspicious (May 8th 2020, 2:20:30 pm UTC)

Summary HTTP 17 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 52.222.190.116, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is ui.onprem-be.orcasecurity.io.
TLS certificate: Issued by Amazon on May 7th 2020. Valid for: a year.

This is the only time ui.onprem-be.orcasecurity.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
13	52.222.190.116 52.222.190.116		16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::200a		15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:819::2003		15169 (GOOGLE) (GOOGLE)
17	3

13 52.222.190.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-116.ham50.r.cloudfront.net

ui.onprem-be.orcasecurity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	orcasecurity.io ui.onprem-be.orcasecurity.io	770 KB
3	gstatic.com fonts.gstatic.com	33 KB
1	googleapis.com fonts.googleapis.com	983 B
17	3

	Domain	Requested by
13	ui.onprem-be.orcasecurity.io	ui.onprem-be.orcasecurity.io
3	fonts.gstatic.com	ui.onprem-be.orcasecurity.io
1	fonts.googleapis.com	ui.onprem-be.orcasecurity.io
17	3

This site contains no links.

Subject Issuer	Validity	Valid
ui.onprem-be.orcasecurity.io Amazon	`2020-05-07` - `2021-06-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ui.onprem-be.orcasecurity.io/
Frame ID: 9BF3C34EC4D9DB2D75CBF20990BDA7BA
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /\(CloudFront\)$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /\(CloudFront\)$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

804 kB
Transfer

3011 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ui.onprem-be.orcasecurity.io/ 7 KB
5 KB 264ms
69ms Document
text/html 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.onprem-be.orcasecurity.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e8c4cf67796787f0b3914cd89c3f93711e564144d20537d8cb2625d94fcd5b4

Request headers

:method: GET
:authority: ui.onprem-be.orcasecurity.io
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html
date: Fri, 08 May 2020 14:20:02 GMT
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: 6JRNQqqZPx9q0UbzLvoAjCz3lxldkpvzG7lWM66CnXk7ZgonwNzaOQ==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
983 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo+2:300,500,700|Roboto:400,500,700&display=swap

Requested by

Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfe7ca07697ba2b2447d345be37a8b328c2949c300194b600bd1d84f956021df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 May 2020 14:20:01 GMT
server: ESF
date: Fri, 08 May 2020 14:20:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 May 2020 14:20:01 GMT

GET
H2 200 2.ed5aefdf.chunk.css
ui.onprem-be.orcasecurity.io/static/css/ 360 KB
41 KB 68ms
66ms Stylesheet
text/css 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.onprem-be.orcasecurity.io/static/css/2.ed5aefdf.chunk.css
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db0587691c4796013a1b0d3069eb428442129ba9a549437784d1f1d0888cb635

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:02 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: TEZE_mPer3Z3EfpA0DmpaiQudDHT2BOe4BiYCpovg6vREeSaZUEzcw==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

GET
H2 200 main.0cc7884e.chunk.css
ui.onprem-be.orcasecurity.io/static/css/ 25 KB
5 KB 122ms
121ms Stylesheet
text/css 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.onprem-be.orcasecurity.io/static/css/main.0cc7884e.chunk.css
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d5ab538b001586f8423af5c674c0adb76f1525d53dc87464368c1cce6aa1b6

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:02 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: u2fn76g2Bj3OfmVvrErO9dIMusJCe4fGDYnfmneL9kf8MOMoIhmiKA==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

GET
H2 200 ie.js Show response
ui.onprem-be.orcasecurity.io/ 801 B
1 KB 53ms
51ms Script
application/javascript 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.onprem-be.orcasecurity.io/ie.js
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a4da418a6d546d96cd2d767b84cd1c56f627619113587d38e961516951b2538

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:02 GMT
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "c2741a6d5e27f43ef4a601fd91929c73"
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
content-length: 801
x-amz-cf-id: hpBCosYpO_x2NNuxQXxyAQOInjRBNNxcscADSTg5u5QrLSiL0D4LHw==

GET
H2 200 2.632af150.chunk.js Show response
ui.onprem-be.orcasecurity.io/static/js/ 2 MB
614 KB 149ms
148ms Script
application/javascript 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49ccc313478a14f06ce2c3df9fd1126a4d70a14d4ecb8a580c1823a94f0ce486

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:02 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: YHzlgBYovBcgtS1JN9Nbq3yzBcr-OEIxyxGAzCRdkU83lrGCTmrokw==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

GET
H2 200 main.887a078f.chunk.js Show response
ui.onprem-be.orcasecurity.io/static/js/ 383 KB
96 KB 80ms
79ms Script
application/javascript 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.onprem-be.orcasecurity.io/static/js/main.887a078f.chunk.js
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86eb5d27de16d076dd13eabbad080e419ffdc3aa48de8ac26238c69dc31dfce4

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:02 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: Nsu-NVGXB1WkHMlA-5L76xAOb4FNkEqPxHjmwv-TcTWQu_lsa83V2Q==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

GET
H2 200 bg-dot-pattern.0ebcd83a.svg
ui.onprem-be.orcasecurity.io/static/media/ 1012 B
512 B 132ms
130ms Image
image/svg+xml 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui.onprem-be.orcasecurity.io/static/media/bg-dot-pattern.0ebcd83a.svg
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ea78786b693f57a004b7232f2cdee4cbeff9eb441e4caebe1ee803596e38e20

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:03 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-id: AKKQikqy2KgmvgMmpWf7WhmJkFvL0VNg_es4qtlhUzN8KruDR0HuSA==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

GET
H2 200 logo-bg.e8bf96b3.svg
ui.onprem-be.orcasecurity.io/static/media/ 1 KB
1 KB 68ms
67ms Image
image/svg+xml 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui.onprem-be.orcasecurity.io/static/media/logo-bg.e8bf96b3.svg
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7026b4ffc1fa235e19a66d19b1906fb9ab7568f10f00e45a887602d7e0df6ae3

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:03 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-id: nsA5nWNdpamqbuIALgZVTnZlRp-lzeC_WAk1Uq-1JdfR1-vJqLh5uA==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

GET
H2 200 wave1.29c6a72e.svg
ui.onprem-be.orcasecurity.io/static/media/ 935 B
1 KB 72ms
71ms Image
image/svg+xml 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui.onprem-be.orcasecurity.io/static/media/wave1.29c6a72e.svg
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa3cd7440c8fa086b31db5d28baf3d60c845502f9f1dd06b2f7aed8653c5dc80

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:03 GMT
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 14:04:52 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "29c6a72efee8a1de73cc59303c32ab61"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
content-length: 935
x-amz-cf-id: TF25byNuUtBJ2cF76ZJModw7hxcF_A1EBFIyGgo7SadvUR691M4D3A==

GET
H2 200 wave2.7b58f77f.svg
ui.onprem-be.orcasecurity.io/static/media/ 965 B
1 KB 104ms
102ms Image
image/svg+xml 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui.onprem-be.orcasecurity.io/static/media/wave2.7b58f77f.svg
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e1bfbcc71fa22144eca04359098b892601b3bf3961593b568cf5b185444d9a7

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:03 GMT
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 14:04:52 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "7b58f77f9b8b4fa97c74e22df5ece4a4"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
content-length: 965
x-amz-cf-id: jIEE19Wg3dIyzWVPWI8OR9dvdYV06fYekJMsM2E_RtBZC_u7YTgeNg==

GET
H2 200 wave3.a78b1037.svg
ui.onprem-be.orcasecurity.io/static/media/ 948 B
1 KB 61ms
60ms Image
image/svg+xml 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui.onprem-be.orcasecurity.io/static/media/wave3.a78b1037.svg
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fdf0c07dec5046e460230c181695c57f97f22981182b4fe7da331dec0a8235b

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:03 GMT
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 14:04:52 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "a78b10373a4ecbc0dfc2ef82af57120e"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
content-length: 948
x-amz-cf-id: 4FDXJwb-r3uuIqDkp4G71UeaRa0Eb8u-AX4AQGe2VejP14KUJb4MBg==

GET
H2 200 wave4.69b115f1.svg
ui.onprem-be.orcasecurity.io/static/media/ 2 KB
1 KB 45ms
44ms Image
image/svg+xml 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui.onprem-be.orcasecurity.io/static/media/wave4.69b115f1.svg
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c074edafa7bb55099ca134793aca41a6860568ddfb2e17647f388f9ae443b204

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:03 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:52 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-id: nUUybOOcQuicX2ASqDciM5B_aQwYUf8-3t5otp4UirUju6U2g37K0Q==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Exo+2:300,500,700|Roboto:400,500,700&display=swap
Origin: https://ui.onprem-be.orcasecurity.io

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2040783
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Exo+2:300,500,700|Roboto:400,500,700&display=swap
Origin: https://ui.onprem-be.orcasecurity.io

Response headers

date: Tue, 05 May 2020 21:43:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 232605
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Wed, 05 May 2021 21:43:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/static/js/2.632af150.chunk.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Exo+2:300,500,700|Roboto:400,500,700&display=swap
Origin: https://ui.onprem-be.orcasecurity.io

Response headers

date: Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2037468
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 15 Apr 2021 00:22:14 GMT

GET
H2 200 orca-logo.008fa6dc.svg
ui.onprem-be.orcasecurity.io/static/media/ 2 KB
1 KB 70ms
69ms Image
image/svg+xml 52.222.190.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui.onprem-be.orcasecurity.io/static/media/orca-logo.008fa6dc.svg
Requested by: Host: ui.onprem-be.orcasecurity.io
URL: https://ui.onprem-be.orcasecurity.io/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-116.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee9a09afa81e538eb27a63c5976d496bedf1c129ab52d07a686d00653d155162

Request headers

Referer: https://ui.onprem-be.orcasecurity.io/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 14:20:03 GMT
content-encoding: gzip
last-modified: Fri, 08 May 2020 14:04:52 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-id: Rf20no2DmYgDpMY8Qwaeu2_bbfuegNwrx8K7d6l3B73_k6sfUS8kEg==
via: 1.1 c3ea695df6623739937b8dda8c1599f9.cloudfront.net (CloudFront)

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonporca string| RaygunObject function| rg4js object| TraceKit function| raygunUtilityFactory function| raygunNetworkTrackingFactory function| raygunBreadcrumbsFactory object| Raygun object| __core-js_shared__ function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ object| core string| __VERSION__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ui.onprem-be.orcasecurity.io
2a00:1450:4001:814::200a
2a00:1450:4001:819::2003
52.222.190.116
0a4da418a6d546d96cd2d767b84cd1c56f627619113587d38e961516951b2538
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e8c4cf67796787f0b3914cd89c3f93711e564144d20537d8cb2625d94fcd5b4
1ea78786b693f57a004b7232f2cdee4cbeff9eb441e4caebe1ee803596e38e20
3fdf0c07dec5046e460230c181695c57f97f22981182b4fe7da331dec0a8235b
49ccc313478a14f06ce2c3df9fd1126a4d70a14d4ecb8a580c1823a94f0ce486
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6e1bfbcc71fa22144eca04359098b892601b3bf3961593b568cf5b185444d9a7
7026b4ffc1fa235e19a66d19b1906fb9ab7568f10f00e45a887602d7e0df6ae3
86eb5d27de16d076dd13eabbad080e419ffdc3aa48de8ac26238c69dc31dfce4
aa3cd7440c8fa086b31db5d28baf3d60c845502f9f1dd06b2f7aed8653c5dc80
bfe7ca07697ba2b2447d345be37a8b328c2949c300194b600bd1d84f956021df
c074edafa7bb55099ca134793aca41a6860568ddfb2e17647f388f9ae443b204
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
db0587691c4796013a1b0d3069eb428442129ba9a549437784d1f1d0888cb635
e2d5ab538b001586f8423af5c674c0adb76f1525d53dc87464368c1cce6aa1b6
ee9a09afa81e538eb27a63c5976d496bedf1c129ab52d07a686d00653d155162