Submitted URL: http://sgclick.webmerge.me/ls/click?upn=X5KkvbXk4ZoKET1OAdwhSvRnlF1H5hnXsJ7Mz2CAiYtaQ-2FDOq-2FUOcs4HPCjOa2bBhxaiU5ZYcd4kmIN...
Effective URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Submission: On April 15 via manual from US

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 8 HTTP transactions. The main IP is 52.202.20.20, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is admin.formstack.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 21st 2019. Valid for: 2 years.
This is the only time admin.formstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
2 3 52.42.215.194 16509 (AMAZON-02)
1 1 34.238.81.79 14618 (AMAZON-AES)
7 52.202.20.20 14618 (AMAZON-AES)
8 2
Apex Domain | Subdomains | Transfer
7 formstack.com | admin.formstack.com | 777 KB
4 webmerge.me | sgclick.webmerge.me, www.webmerge.me | 20 KB
1 formstackservices.com | oauth.formstackservices.com | 422 B
8 3
Domain Requested by
7 admin.formstack.com admin.formstack.com
3 www.webmerge.me 2 redirects admin.formstack.com
1 oauth.formstackservices.com 1 redirects
1 sgclick.webmerge.me 1 redirects
8 4

This site contains links to these domains.

Domain
www.webmerge.me
Subject | Issuer | Validity | Valid
admin.formstack.com | Go Daddy Secure Certificate Authority - G2 | 2019-11-21 - 2021-11-21 | 2 years
*.webmerge.me | Go Daddy Secure Certificate Authority - G2 | 2019-05-12 - 2020-07-11 | a year

This page contains 1 frames:

Primary Page: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Frame ID: 65F50E83B5BC661CCF3D000A5128054C
Requests: 8 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 2
Countries: 1
Transfer: 795 kB
Size: 791 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sgclick.webmerge.me/ls/click?upn=X5KkvbXk4ZoKET1OAdwhSvRnlF1H5hnXsJ7Mz2CAiYtaQ-2FDOq-2FUOcs4HPCjOa2bBhxaiU5ZYcd4kmINH8mUaI5OoiSkd05KxzDdy37T4Tl8-3DP1fe_K-2FanM9w1mF4K4X8wvtR8FInVytxA3FlXiEMbOe25e9cfPE2LChAi1bzDFZjZKIwFi9IptLZFokcFNWzFZzMLNkZ7yGLc3Ja0dY8tEGpCmPZFfyPhNL41k-2FbE-2FoIRYiPt80LKDgHxS7BJiM-2FxmZNsZIqARpV3Ew2YwJo2YjPnsBN-2BMeIEqYY7GBRxoPX4452dO9VVd2-2FHhjPBwOlNzAIyKSxEk9qu9zecQZwG3HOuTlSbPMdY01AlQAtOkWW6zl2jR2ubfeZmV4nUAARwMOO76dKXXaqtVYpzdT8WKhufzUtRVDi9kk9Yd9VKhTmRb8dZlHAPKCVCqrspIk-2BakTfqMw-3D-3D HTTP 302
    https://www.webmerge.me/manage/account?page=notification_accounts HTTP 302
    https://www.webmerge.me/oauth HTTP 302
    https://oauth.formstackservices.com/oauth2/auth?state=39e8176e0973c305ad21a2382368aede&scope=openid%20email%20platform_roles&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fwww.webmerge.me%2Foauth&client_id=webmerge HTTP 302
    https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
admin.formstack.com/
Redirect Chain
  • http://sgclick.webmerge.me/ls/click?upn=X5KkvbXk4ZoKET1OAdwhSvRnlF1H5hnXsJ7Mz2CAiYtaQ-2FDOq-2FUOcs4HPCjOa2bBhxaiU5ZYcd4kmINH8mUaI5OoiSkd05KxzDdy37T4Tl8-3DP1fe_K-2FanM9w1mF4K4X8wvtR8FInVytxA3FlXiEMb...
  • https://www.webmerge.me/manage/account?page=notification_accounts
  • https://www.webmerge.me/oauth
  • https://oauth.formstackservices.com/oauth2/auth?state=39e8176e0973c305ad21a2382368aede&scope=openid%20email%20platform_roles&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fwww.w...
  • https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
3 KB
4 KB
Document
General
Full URL
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.20.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-20-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d1957730a2f657cbd6ebd95de4da4f6e63ff85cf79b199ef966a8f731b8e32c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
admin.formstack.com
:scheme
https
:path
/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Wed, 15 Apr 2020 15:47:58 GMT
content-type
text/html; charset=UTF-8
server
nginx
cache-control
no-cache, private public
set-cookie
XSRF-TOKEN=eyJpdiI6IlpCelAxRDZWMk5CcXVvTlwvM3NLdTl3PT0iLCJ2YWx1ZSI6IlpocHVyemg5T1FXR0UrSVRaeWhFcjZFdCtYdUtSZDcxeHdYNnlycXptMkhLemlIZDNaZDVETEoxUGR2MHc4YUkiLCJtYWMiOiI3M2E2NjkxZDhhYzlhMDBjYzUwMGFkZTQ5N2FlZTFlYTMxNDNmNmY4ZDE2NGU2M2FhODg1ZmNiYTM2ZGFkNDMwIn0%3D; expires=Mon, 03-May-2088 19:01:58 GMT; Max-Age=2147483640; path=/; secure formstack_id_session=eyJpdiI6IkxXcEh0Rm42YXQ4QjdwKzdFR3l4bVE9PSIsInZhbHVlIjoiSElQMUlFYVpGdzZSNVVXZkZxaUtRUGJGSlBxWWhIWVRzZTZiSFA5enVoOW1nVFd4YmlTeE5aQnpTVXhFOUVwTSIsIm1hYyI6ImNlNmMwZDdhNTQ2ZmEwZjFkZjJiMGFkY2EyOGZjOGM2MjBkMWEzOTQ5YmZkNGMyOTE0NmVlZmYzOTRlMzA2NDUifQ%3D%3D; expires=Mon, 03-May-2088 19:01:58 GMT; Max-Age=2147483640; path=/; secure; httponly
x-frame-options
sameorigin
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block

Redirect headers

status
302
date
Wed, 15 Apr 2020 15:47:58 GMT
content-type
text/html; charset=utf-8
content-length
105
location
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
server
nginx
set-cookie
oauth2_authentication_csrf=MTU4Njk2NTY3OHxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR0l4WWpReE1ETmxOVFF4TWpRNVlqVTROekF3TnpBME5HWmxNakZpTmpBd3ySwBV8FbzQVNIxYqgQdM12VczWDQSMVql6zk43LDD0Uw==; Path=/; Expires=Fri, 15 May 2020 15:47:58 GMT; Max-Age=2592000; HttpOnly; Secure; SameSite=None
cache-control
public
public.css
admin.formstack.com/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://admin.formstack.com/css/public.css
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.20.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-20-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c572439b4a60909d130c62ae83b828b76c7e6d4f84acde75cc13dcdcbed78078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 15:47:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Apr 2020 14:53:02 GMT
server
nginx
etag
"5e8f36ce-ba7"
x-frame-options
sameorigin
content-type
text/css
status
200
cache-control
public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2983
x-xss-protection
1; mode=block
phoenix.css
admin.formstack.com/css/
51 KB
52 KB
Stylesheet
General
Full URL
https://admin.formstack.com/css/phoenix.css
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.20.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-20-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0db53633fc2a7c26d712d2520cf6a587bcc50416917dcc1e7a7d4c13eecbdd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 15:47:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Apr 2020 14:53:02 GMT
server
nginx
etag
"5e8f36ce-ccf1"
x-frame-options
sameorigin
content-type
text/css
status
200
cache-control
public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
52465
x-xss-protection
1; mode=block
manifest.js
admin.formstack.com/js/
1 KB
2 KB
Script
General
Full URL
https://admin.formstack.com/js/manifest.js
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.20.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-20-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0cda93427f381fa612cce8702924b167a8b27dbedbaa45a7784423f0da02032b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 15:47:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Apr 2020 14:53:02 GMT
server
nginx
etag
"5e8f36ce-5d5"
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
status
200
cache-control
public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1493
x-xss-protection
1; mode=block
vendor.js
admin.formstack.com/js/
579 KB
580 KB
Script
General
Full URL
https://admin.formstack.com/js/vendor.js
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.20.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-20-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8b68de827ea09a96aa036d753e7fb13a9719ef992c0a8a398465b151c8eeb297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 15:47:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Apr 2020 14:53:02 GMT
server
nginx
etag
"5e8f36ce-90cc4"
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
status
200
cache-control
public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
593092
x-xss-protection
1; mode=block
formstack-documents-formerly-webmerge.svg
www.webmerge.me/images/
18 KB
19 KB
Image
General
Full URL
https://www.webmerge.me/images/formstack-documents-formerly-webmerge.svg
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.215.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-215-194.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1bc305f2a0ddf9a4920f1ae89e72fc7681b6bcda761a4b2fcc72a55cf1ea279d

Request headers

Referer
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 15:47:59 GMT
last-modified
Tue, 15 Oct 2019 12:44:06 GMT
server
nginx
etag
"5da5bf16-4819"
content-type
image/svg+xml
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
18457
expires
Fri, 15 May 2020 15:47:59 GMT
login.js
admin.formstack.com/js/
12 KB
13 KB
Script
General
Full URL
https://admin.formstack.com/js/login.js
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.20.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-20-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
803e14476815c7756e638db98a06d91df237e9ced282d5c7b39f69122e58d45d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 15:47:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Apr 2020 14:53:02 GMT
server
nginx
etag
"5e8f36ce-31e4"
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
status
200
cache-control
public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
12772
x-xss-protection
1; mode=block
google.svg
admin.formstack.com/images/
123 KB
124 KB
Image
General
Full URL
https://admin.formstack.com/images/google.svg?a7c6521c51750e66efb2c3fab6574235
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.20.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-20-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6e8eba479d0838447b734809e3757bac11a31492d04a508c94e2017c136b3850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.formstack.com/login?login_challenge=7c5b85f9d04f49f6b0e9a263f3f7246c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 15:47:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Apr 2020 14:53:02 GMT
server
nginx
etag
"5e8f36ce-1eca0"
x-frame-options
sameorigin
content-type
image/svg+xml
status
200
cache-control
public
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
126112
x-xss-protection
1; mode=block


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| webpackJsonp
  • object| FS_ID_PRELOADED_STATE
  • object| __core-js_shared__
  • object| core
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • boolean| _babelPolyfill

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block