ui.threatstream.com
Open in
urlscan Pro
52.5.29.156
Public Scan
Submission: On November 23 via api from AE — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 25th 2023. Valid for: a year.
This is the only time ui.threatstream.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 52.5.29.156 52.5.29.156 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) (GOOGLE) | |
6 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-29-156.compute-1.amazonaws.com
ui.threatstream.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
threatstream.com
ui.threatstream.com — Cisco Umbrella Rank: 565646 |
580 KB |
1 |
gstatic.com
www.gstatic.com |
188 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
6 | 3 |
Domain | Requested by | |
---|---|---|
4 | ui.threatstream.com |
ui.threatstream.com
|
1 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
ui.threatstream.com
|
6 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.threatstream.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-25 - 2024-08-24 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ui.threatstream.com/login.
Frame ID: 7C256FD4ECD8E1C373EDCDDBA4C5D633
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.
ui.threatstream.com/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
ui.threatstream.com/css/ |
185 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
libraries-login.js
ui.threatstream.com/js/ |
181 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opt-login.js
ui.threatstream.com/js/ |
2 MB 482 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ |
468 KB 188 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| SETTINGS_BASE_API_URL boolean| SETTINGS_OPTIC_APPLIANCE boolean| SETTINGS_OPTIC_APPLIANCE_ON_PREM boolean| SETTINGS_OPTIC_SVL boolean| SETTINGS_REGISTRATION_ENABLED boolean| SETTINGS_RECAPTCHA_ENABLED string| SETTINGS_RECAPTCHA_PUBLIC_KEY boolean| SETTINGS_SHOW_INTEGRATION string| SETTINGS_RESELLER_IMAGE string| SETTINGS_SOURCE_NAME string| SETTINGS_SOURCE_DOMAIN undefined| SETTINGS_CUSTOM_LINKS boolean| SETTINGS_IS_CUSTOM_REBRAND object| SETTINGS_CUSTOM_REBRAND_INFO string| SETTINGS_ONPREM_MISUSE_WARNING string| SETTINGS_ONPREM_CLASSIFICATION object| angular function| flatpickr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| ng339 function| setForceSource object| recaptcha0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io; |
Strict-Transport-Security | max-age=16000000; includeSubDomains; preload; |
X-Content-Type-Options | : nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ui.threatstream.com
www.google.com
www.gstatic.com
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2004
52.5.29.156
3573b8bc8ed0307395d1b8b24e27e040fdcbd7ded5f5041c4c40e91803805905
476e84e03dc7db379f38234ce67f792ab7f18290eba2dbcd90760ee8d4e18530
6238f660457a0e030e5952c344b4ef92bfb230cca3107648f511160a8642054f
80e6dd4246f9ef6509119d8763e7faa2b1c2b544c263f4aa15905f701297e70b
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
b20c16f92cece9036532930e7b74b44333b47dbebc8be73df30c4c2faecee3d0