urlscan.io logo urlscan.io
SecurityTrails logo

ui.threatstream.com Open in urlscan Pro
52.5.29.156  Public Scan

Go To Rescan Add Verdict Report
URL: https://ui.threatstream.com/login.
Submission: On November 23 via api from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 52.5.29.156, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ui.threatstream.com. The Cisco Umbrella rank of the primary domain is 565646.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 25th 2023. Valid for: a year.
This is the only time ui.threatstream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 52.5.29.156 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 3
Apex Domain
Subdomains		 Transfer
4 threatstream.com
ui.threatstream.com — Cisco Umbrella Rank: 565646
580 KB
1 gstatic.com
www.gstatic.com
188 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 3
Domain Requested by
4 ui.threatstream.com ui.threatstream.com
1 www.gstatic.com www.google.com
1 www.google.com ui.threatstream.com
6 3

This site contains no links.

Subject Issuer Validity Valid
*.threatstream.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-08-24		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ui.threatstream.com/login.
Frame ID: 7C256FD4ECD8E1C373EDCDDBA4C5D633
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ThreatStream

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

770 kB
Transfer

2486 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.
ui.threatstream.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ui.threatstream.com/login.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.29.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-29-156.compute-1.amazonaws.com
Software
/
Resource Hash
b20c16f92cece9036532930e7b74b44333b47dbebc8be73df30c4c2faecee3d0
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options : nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 11:47:31 GMT
ETag
W/"746-qgEUjyX6Hem8nxnYIwCKB3LOW5w"
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
: nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
login.css
ui.threatstream.com/css/ 		185 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ui.threatstream.com/css/login.css
Requested by
Host: ui.threatstream.com
URL: https://ui.threatstream.com/login.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.29.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-29-156.compute-1.amazonaws.com
Software
/
Resource Hash
80e6dd4246f9ef6509119d8763e7faa2b1c2b544c263f4aa15905f701297e70b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options : nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ui.threatstream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 11:47:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
: nosniff
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
X-DNS-Prefetch-Control
off
Transfer-Encoding
chunked
X-XSS-Protection
0
Last-Modified
Thu, 23 Nov 2023 00:33:39 GMT
ETag
W/"2e579-18bf998beb8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
libraries-login.js
ui.threatstream.com/js/ 		181 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.threatstream.com/js/libraries-login.js?v=1700700132813
Requested by
Host: ui.threatstream.com
URL: https://ui.threatstream.com/login.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.29.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-29-156.compute-1.amazonaws.com
Software
/
Resource Hash
476e84e03dc7db379f38234ce67f792ab7f18290eba2dbcd90760ee8d4e18530
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options : nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ui.threatstream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 11:47:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
: nosniff
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
ETag
W/"2d3ad-/ZLcJHm3EPGVTfIR4vKQw3CRO+Y"
X-Download-Options
noopen
Vary
Accept-Encoding
X-DNS-Prefetch-Control
off
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Keep-Alive
timeout=5
X-XSS-Protection
0
opt-login.js
ui.threatstream.com/js/ 		2 MB
482 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.threatstream.com/js/opt-login.js?v=1700700132813
Requested by
Host: ui.threatstream.com
URL: https://ui.threatstream.com/login.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.29.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-29-156.compute-1.amazonaws.com
Software
/
Resource Hash
6238f660457a0e030e5952c344b4ef92bfb230cca3107648f511160a8642054f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options : nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ui.threatstream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 11:47:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
: nosniff
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
ETag
W/"19c03f-Md0BsY4gO5ABcB6YTSlzezOqj18"
X-Download-Options
noopen
Vary
Accept-Encoding
X-DNS-Prefetch-Control
off
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Keep-Alive
timeout=5
X-XSS-Protection
0
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: ui.threatstream.com
URL: https://ui.threatstream.com/login.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3573b8bc8ed0307395d1b8b24e27e040fdcbd7ded5f5041c4c40e91803805905
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ui.threatstream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:47:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 11:47:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ui.threatstream.com/
Origin
https://ui.threatstream.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:23:08 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| SETTINGS_BASE_API_URL boolean| SETTINGS_OPTIC_APPLIANCE boolean| SETTINGS_OPTIC_APPLIANCE_ON_PREM boolean| SETTINGS_OPTIC_SVL boolean| SETTINGS_REGISTRATION_ENABLED boolean| SETTINGS_RECAPTCHA_ENABLED string| SETTINGS_RECAPTCHA_PUBLIC_KEY boolean| SETTINGS_SHOW_INTEGRATION string| SETTINGS_RESELLER_IMAGE string| SETTINGS_SOURCE_NAME string| SETTINGS_SOURCE_DOMAIN undefined| SETTINGS_CUSTOM_LINKS boolean| SETTINGS_IS_CUSTOM_REBRAND object| SETTINGS_CUSTOM_REBRAND_INFO string| SETTINGS_ONPREM_MISUSE_WARNING string| SETTINGS_ONPREM_CLASSIFICATION object| angular function| flatpickr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| ng339 function| setForceSource object| recaptcha

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com data.pendo.io *.threatstream.com *.anomali.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' app.pendo.io cdn.pendo.io pendo-static-5100316050325504.storage.googleapis.com; frame-ancestors 'self' *.anomali.com *.threatstream.com app.pendo.io; frame-src 'self' blob: https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.threatstream.com *.anomali.com app.pendo.io;
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options : nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0