webtrac.northstarenv.com Open in urlscan Pro
142.93.49.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billpay.northstarenv.com/
Effective URL:
https://webtrac.northstarenv.com/billpay
Submission: On September 15 via automatic, source certstream-suspicious (September 15th 2021, 9:54:12 am UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 14 HTTP transactions. The main IP is 142.93.49.222, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is webtrac.northstarenv.com.
TLS certificate: Issued by R3 on September 13th 2021. Valid for: 3 months.

This is the only time webtrac.northstarenv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	142.93.49.222 142.93.49.222	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	172.217.168.202 172.217.168.202	15169 (GOOGLE) (GOOGLE)
1	172.217.168.232 172.217.168.232	15169 (GOOGLE) (GOOGLE)
1	52.222.138.46 52.222.138.46	16509 (AMAZON-02) (AMAZON-02)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
14	6

10 142.93.49.222 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

billpay.northstarenv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webtrac.northstarenv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.168.202 (United States)

ASN15169 (GOOGLE, US)
PTR: ams16s32-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.168.232 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s40-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.138.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-138-46.ams50.r.cloudfront.net

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	northstarenv.com 1 redirects billpay.northstarenv.com webtrac.northstarenv.com	237 KB
2	fullstory.com edge.fullstory.com rs.fullstory.com	64 KB
1	matomo.cloud cdn.matomo.cloud
1	googletagmanager.com www.googletagmanager.com	35 KB
1	googleapis.com ajax.googleapis.com	33 KB
14	5

	Domain	Requested by
9	webtrac.northstarenv.com	webtrac.northstarenv.com
1	rs.fullstory.com	edge.fullstory.com
1	edge.fullstory.com	webtrac.northstarenv.com
1	cdn.matomo.cloud	webtrac.northstarenv.com
1	www.googletagmanager.com	webtrac.northstarenv.com
1	ajax.googleapis.com	webtrac.northstarenv.com
1	billpay.northstarenv.com	1 redirects
14	7

This site contains no links.

Subject Issuer	Validity	Valid
webtrac.northstarenv.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
cdn.matomo.cloud Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2021-08-22` - `2021-11-20`	3 months	crt.sh
*.fullstory.com R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://webtrac.northstarenv.com/billpay
Frame ID: BC43F7CB73EDBF0B5ED3A36CC36F9E28
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Northstar

Page URL History Show full URLs

https://billpay.northstarenv.com/ HTTP 301
https://webtrac.northstarenv.com/billpay Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

368 kB
Transfer

624 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billpay.northstarenv.com/ HTTP 301
https://webtrac.northstarenv.com/billpay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set billpay Show response
webtrac.northstarenv.com/
Redirect Chain

https://billpay.northstarenv.com/
https://webtrac.northstarenv.com/billpay

5 KB
3 KB

411ms
100ms

Document
text/html

142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/billpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6d9c58a3a1c89a37462f093aded2999553afd5ba32f8eacb73187c2123996e69

Request headers

Host: webtrac.northstarenv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 15 Sep 2021 09:54:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
X-UA-Compatible: IE=Edge,chrome=1
ETag: W/"527d0d5d5448df979ec1d55de25707e2"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c; path=/; HttpOnly
X-Runtime: 0.009390
X-Rack-Cache: miss
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 15 Sep 2021 09:54:07 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://webtrac.northstarenv.com/billpay

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 102ms
32ms Script
text/javascript 172.217.168.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.168.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s32-in-f10.1e100.net

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 18:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:36:42 GMT

GET
H/1.1 200
OK public-313ff3c592c9bb62efa5270dd16759c0.js Show response
webtrac.northstarenv.com/assets/ 141 KB
141 KB 186ms
185ms Script
application/javascript 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/assets/public-313ff3c592c9bb62efa5270dd16759c0.js
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cbbbef98a63e37e0a065d7c1818fd8db3714fec27fab57ff5ebd65c430d710ae

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://webtrac.northstarenv.com/billpay
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/billpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.012131
Date: Wed, 15 Sep 2021 09:54:08 GMT
X-Content-Digest: c8da26591a76077169ceec8beab27b3e7c182fb6
Last-Modified: Mon, 01 Jun 2020 12:11:29 GMT
Server: nginx/1.10.3 (Ubuntu)
Age: 0
ETag: "313ff3c592c9bb62efa5270dd16759c0"
Content-Type: application/javascript
Status: 200 OK
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 143928
X-Rack-Cache: stale, valid, store
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK reports-d9d21e42d6e003cb266dbf8fc15861d9.css
webtrac.northstarenv.com/assets/ 81 KB
81 KB 362ms
181ms Stylesheet
text/css 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/assets/reports-d9d21e42d6e003cb266dbf8fc15861d9.css
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bb860e2aa34a36e41d9afb9cbced54d7ba88d2f3d351d65386106874835e8857

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://webtrac.northstarenv.com/billpay
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/billpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.131727
Date: Wed, 15 Sep 2021 09:54:08 GMT
X-Content-Digest: 2e958e1ef2800808ab62d1f88a2ef17fe4b3363b
Last-Modified: Tue, 28 Apr 2020 04:30:00 GMT
Server: nginx/1.10.3 (Ubuntu)
Age: 0
ETag: "d9d21e42d6e003cb266dbf8fc15861d9"
Content-Type: text/css
Status: 200 OK
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 82680
X-Rack-Cache: stale, valid, store
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK monitoring_reports-d96e9d9b15c659534a19be0153b6bb4b.css
webtrac.northstarenv.com/assets/ 136 B
580 B 274ms
94ms Stylesheet
text/css 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/assets/monitoring_reports-d96e9d9b15c659534a19be0153b6bb4b.css
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d933a37e8be605aaa80fac57ff4b8c6470670d78723898b5a4533e15da3bcf57

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://webtrac.northstarenv.com/billpay
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/billpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.001235
Date: Wed, 15 Sep 2021 09:54:08 GMT
X-Content-Digest: ecfb2f67bb833a78651588189640fdbda20f0f3f
Last-Modified: Mon, 30 Dec 2019 04:38:43 GMT
Server: nginx/1.10.3 (Ubuntu)
Age: 0
ETag: "d96e9d9b15c659534a19be0153b6bb4b"
Content-Type: text/css
Status: 200 OK
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 136
X-Rack-Cache: stale, valid, store
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
webtrac.northstarenv.com/assets/ 9 KB
9 KB 275ms
95ms Stylesheet
text/css 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/assets/font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 24763932d67de9588ec940e32b1a41f13c67c0f6e16afc418990c3c1cfa6c354

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://webtrac.northstarenv.com/billpay
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/billpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.002904
Date: Wed, 15 Sep 2021 09:54:08 GMT
X-Content-Digest: a551477678341d0cf27813ce9d2d5e9c8cf92793
Last-Modified: Mon, 30 Dec 2019 04:38:43 GMT
Server: nginx/1.10.3 (Ubuntu)
Age: 0
ETag: "f62eecb06a74d9becdbf569cd108da2b"
Content-Type: text/css
Status: 200 OK
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 9153
X-Rack-Cache: stale, valid, store
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK reports-366fcc0b0a500f9d76c8fdd36c563c0a.js Show response
webtrac.northstarenv.com/assets/ 498 B
956 B 276ms
96ms Script
application/javascript 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/assets/reports-366fcc0b0a500f9d76c8fdd36c563c0a.js
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: faa18ab12b0c7b1bd5db66aaeb432f5c006f93933039faf02c6ec92212f2dbcf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://webtrac.northstarenv.com/billpay
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/billpay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.002263
Date: Wed, 15 Sep 2021 09:54:08 GMT
X-Content-Digest: d924616a42f3f4c313b955ef5877cacda11e043d
Last-Modified: Tue, 05 May 2020 19:38:43 GMT
Server: nginx/1.10.3 (Ubuntu)
Age: 0
ETag: "366fcc0b0a500f9d76c8fdd36c563c0a"
Content-Type: application/javascript
Status: 200 OK
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 498
X-Rack-Cache: stale, valid, store
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
35 KB 649ms
60ms Script
application/javascript 172.217.168.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5SDKJQ

Requested by

Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.168.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s40-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c439202aee5d24dd897f7db9bdc3006233122fad72b7cf24713a965107af8644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:54:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35196
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 09:54:09 GMT

GET
H/1.1 404
Not Found glyphicons-halflings.png
webtrac.northstarenv.com/img/ 671 B
671 B 97ms
96ms Image
text/html 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrac.northstarenv.com/img/glyphicons-halflings.png
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/assets/reports-d9d21e42d6e003cb266dbf8fc15861d9.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8a633f37cef0a678ee22a28df45dbd1191fec17f9a0bc83fc3a1555769ad251b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://webtrac.northstarenv.com/assets/reports-d9d21e42d6e003cb266dbf8fc15861d9.css
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/assets/reports-d9d21e42d6e003cb266dbf8fc15861d9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.006455
Date: Wed, 15 Sep 2021 09:54:08 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Status: 404 Not Found
Cache-Control: private
Connection: keep-alive
X-Rack-Cache: miss

GET
H/1.1 404
Not Found fontawesome-webfont.woff
webtrac.northstarenv.com/fonts/ 0
0 96ms
96ms Font
text/html 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/fonts/fontawesome-webfont.woff
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/assets/font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://webtrac.northstarenv.com
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://webtrac.northstarenv.com/assets/font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Referer: https://webtrac.northstarenv.com/assets/font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
Origin: https://webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.006553
Date: Wed, 15 Sep 2021 09:54:08 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Status: 404 Not Found
Cache-Control: private
Connection: keep-alive
X-Rack-Cache: miss

GET
H/1.1 404
Not Found fontawesome-webfont.ttf
webtrac.northstarenv.com/fonts/ 0
0 95ms
95ms Font
text/html 142.93.49.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrac.northstarenv.com/fonts/fontawesome-webfont.ttf
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/assets/font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.93.49.222 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://webtrac.northstarenv.com
Accept-Encoding: gzip, deflate, br
Host: webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://webtrac.northstarenv.com/assets/font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
Cookie: _northstar_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c
Connection: keep-alive
Referer: https://webtrac.northstarenv.com/assets/font-awesome-f62eecb06a74d9becdbf569cd108da2b.css
Origin: https://webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Runtime: 0.005178
Date: Wed, 15 Sep 2021 09:54:08 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Status: 404 Not Found
Cache-Control: private
Connection: keep-alive
X-Rack-Cache: miss

GET
H2 403 matomo.js
cdn.matomo.cloud/northstarenv.matomo.cloud/ 0
0 103ms
41ms Script
application/xml 52.222.138.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/northstarenv.matomo.cloud/matomo.js
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.138.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-138-46.ams50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://webtrac.northstarenv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 210 KB
63 KB 69ms
21ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: webtrac.northstarenv.com
URL: https://webtrac.northstarenv.com/billpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5

Request headers

Referer: https://webtrac.northstarenv.com/
Origin: https://webtrac.northstarenv.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 09:05:00 GMT
content-encoding: gzip
age: 2949
x-guploader-uploadid: ADPycdsknm97ApCfcNN5p9nrITKgtNv-VTOXgHARNNbOca5G7Vztb6q-9MIpQTnxu7waHkfoMCATAKbFkZGmBOsb3QZzl-Bzmw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 64293
last-modified: Thu, 26 Aug 2021 17:33:28 GMT
server: UploadServer
etag: "3279f654c7f61ca00ecbb7d2ef197511"
x-goog-hash: crc32c=sObuww==, md5=Mnn2VMf2HKAOy7fS7xl1EQ==
x-goog-generation: 1629999208621409
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 64293
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 15 Sep 2021 10:05:00 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 53 B
234 B 299ms
199ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

f97e53789e47c6537553ef5f1b1f4ae016834946a18f6bf0f17d6ed0b834f814

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://webtrac.northstarenv.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 09:54:09 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://webtrac.northstarenv.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 53

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			webtrac.northstarenv.com/	1969-12-31 23:59:59	Name: _northstar_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTFiMjIyZmExZjdjMTMyOGRjMTA4MGMwNjQ5YmYwZGI4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXpIdDR4NW9NOG1NQ3FZVVk4MnNvaTNURVU0WjlycnNuaGtEZlZqWTNSSlU9BjsARg%3D%3D--52dc295c0fc7673664f25d1cc023fff09e20a78c

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://webtrac.northstarenv.com/img/glyphicons-halflings.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://webtrac.northstarenv.com/fonts/fontawesome-webfont.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://webtrac.northstarenv.com/fonts/fontawesome-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdn.matomo.cloud/northstarenv.matomo.cloud/matomo.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
billpay.northstarenv.com
cdn.matomo.cloud
edge.fullstory.com
rs.fullstory.com
webtrac.northstarenv.com
www.googletagmanager.com
142.93.49.222
172.217.168.202
172.217.168.232
35.186.194.58
35.201.112.186
52.222.138.46
24763932d67de9588ec940e32b1a41f13c67c0f6e16afc418990c3c1cfa6c354
4ed0d037d05b85bd4cdaffb1b856c6bbdc909819c15547d4eea1d64fae3f9da5
6d9c58a3a1c89a37462f093aded2999553afd5ba32f8eacb73187c2123996e69
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8a633f37cef0a678ee22a28df45dbd1191fec17f9a0bc83fc3a1555769ad251b
bb860e2aa34a36e41d9afb9cbced54d7ba88d2f3d351d65386106874835e8857
c439202aee5d24dd897f7db9bdc3006233122fad72b7cf24713a965107af8644
cbbbef98a63e37e0a065d7c1818fd8db3714fec27fab57ff5ebd65c430d710ae
d933a37e8be605aaa80fac57ff4b8c6470670d78723898b5a4533e15da3bcf57
f97e53789e47c6537553ef5f1b1f4ae016834946a18f6bf0f17d6ed0b834f814
faa18ab12b0c7b1bd5db66aaeb432f5c006f93933039faf02c6ec92212f2dbcf

webtrac.northstarenv.com Open in urlscan Pro 142.93.49.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

6 IPs

1 Countries

368 kBTransfer

624 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

webtrac.northstarenv.com Open in urlscan Pro
142.93.49.222 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

368 kB
Transfer

624 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions