urlscan.io logo urlscan.io
SecurityTrails logo

thearcccr-users-staging.clone-02.annkissamprojects.com Open in urlscan Pro
35.237.97.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://thearcccr-users-staging.clone-02.annkissamprojects.com/
Effective URL: https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Submission: On July 22 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 35.237.97.228, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is thearcccr-users-staging.clone-02.annkissamprojects.com.
TLS certificate: Issued by R11 on July 20th 2024. Valid for: 3 months.
This is the only time thearcccr-users-staging.clone-02.annkissamprojects.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 35.237.97.228 396982 (GOOGLE-CL...)
1 35.239.42.83 396982 (GOOGLE-CL...)
8 3
Domain Requested by
7 thearcccr-users-staging.clone-02.annkissamprojects.com 1 redirects thearcccr-users-staging.clone-02.annkissamprojects.com
1 fms-one.bluebedrock.com thearcccr-users-staging.clone-02.annkissamprojects.com
8 2

This site contains no links.

Subject Issuer Validity Valid
thearcccr-users-staging.clone-02.annkissamprojects.com
R11		 2024-07-20 -
2024-10-18		 3 months crt.sh
bluebedrock.com
R10		 2024-07-20 -
2024-10-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Frame ID: 99EA2BE8E401E57D997A6252A5D6C67B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FMS Users - Sign In

Page URL History Show full URLs

  1. https://thearcccr-users-staging.clone-02.annkissamprojects.com/ HTTP 302
    https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

308 kB
Transfer

1220 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thearcccr-users-staging.clone-02.annkissamprojects.com/ HTTP 302
    https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
thearcccr-users-staging.clone-02.annkissamprojects.com/users/
Redirect Chain
  • https://thearcccr-users-staging.clone-02.annkissamprojects.com/
  • https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.237.97.228 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.97.237.35.bc.googleusercontent.com
Software
Apache / Phusion Passenger(R)
Resource Hash
2b4985f8dee2b6845381dea3722df96fe947780a44bca7d60182dc864d822278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
2778
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Jul 2024 20:43:16 GMT
ETag
W/"2b4985f8dee2b6845381dea3722df96f-gzip"
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Phusion Passenger(R)
X-Request-Id
39dbfd37-6274-4824-9376-6508accddb89
X-Runtime
0.037770
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Jul 2024 20:43:15 GMT
Location
https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Server
Apache
Status
302 Found
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Powered-By
Phusion Passenger(R)
X-Request-Id
b24d9968-d233-4881-81d9-32d1e75aaa39
X-Runtime
0.020396
application-911e244bec2f3521a03765f989f3121c0d966105c1a49b04403521c3a7611533.css
thearcccr-users-staging.clone-02.annkissamprojects.com/assets/ 		318 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thearcccr-users-staging.clone-02.annkissamprojects.com/assets/application-911e244bec2f3521a03765f989f3121c0d966105c1a49b04403521c3a7611533.css
Requested by
Host: thearcccr-users-staging.clone-02.annkissamprojects.com
URL: https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.237.97.228 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.97.237.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
6ee1c2ee1890f578d34aeb45a8b20686d53d2e5ed01cec441dafacb8240ab768

Request headers

Referer
https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 20:43:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Sep 2022 07:20:25 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
close
Accept-Ranges
bytes
Content-Length
53824
Expires
Tue, 22 Jul 2025 20:43:16 GMT
application-60b89c550fd86e19ae9fc0f59dedf0e09a50c304f872a4f01546784240c93ed5.js
thearcccr-users-staging.clone-02.annkissamprojects.com/assets/ 		869 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thearcccr-users-staging.clone-02.annkissamprojects.com/assets/application-60b89c550fd86e19ae9fc0f59dedf0e09a50c304f872a4f01546784240c93ed5.js
Requested by
Host: thearcccr-users-staging.clone-02.annkissamprojects.com
URL: https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.237.97.228 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.97.237.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
60b89c550fd86e19ae9fc0f59dedf0e09a50c304f872a4f01546784240c93ed5

Request headers

Referer
https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 20:43:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 08:04:48 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
close
Accept-Ranges
bytes
Expires
Tue, 22 Jul 2025 20:43:16 GMT
fms_one_login_button.png
thearcccr-users-staging.clone-02.annkissamprojects.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thearcccr-users-staging.clone-02.annkissamprojects.com/images/fms_one_login_button.png
Requested by
Host: thearcccr-users-staging.clone-02.annkissamprojects.com
URL: https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.237.97.228 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.97.237.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
be33eebd7f8aae07d2ac17ca0ce2eeee15d86e0258c65a5371b8f9086b4f5b38

Request headers

Referer
https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 20:43:16 GMT
Last-Modified
Tue, 28 Sep 2021 14:05:08 GMT
Server
Apache
ETag
"2314-5cd0eb380f5dc"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
8980
google_oauth2.png
thearcccr-users-staging.clone-02.annkissamprojects.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thearcccr-users-staging.clone-02.annkissamprojects.com/images/google_oauth2.png
Requested by
Host: thearcccr-users-staging.clone-02.annkissamprojects.com
URL: https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.237.97.228 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.97.237.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
9d0b1ee42100eb68d73622b9d4380231d19a6b3902ff0656a1a6dd4ea282b786

Request headers

Referer
https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 20:43:16 GMT
Last-Modified
Tue, 28 Sep 2021 14:05:08 GMT
Server
Apache
ETag
"db0-5cd0eb380f5dc"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
3504
check-session
fms-one.bluebedrock.com/ 		0
0
check-session
fms-one.bluebedrock.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fms-one.bluebedrock.com/check-session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.239.42.83 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
83.42.239.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thearcccr-users-staging.clone-02.annkissamprojects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
0
date
Mon, 22 Jul 2024 20:43:18 GMT
favicon-accdd7c5502363967c18f053aa62210c740dfd061110a07fbcd525b6696b41c4.ico
thearcccr-users-staging.clone-02.annkissamprojects.com/assets/favicon/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thearcccr-users-staging.clone-02.annkissamprojects.com/assets/favicon/favicon-accdd7c5502363967c18f053aa62210c740dfd061110a07fbcd525b6696b41c4.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.237.97.228 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
228.97.237.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
accdd7c5502363967c18f053aa62210c740dfd061110a07fbcd525b6696b41c4

Request headers

Referer
https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 20:43:18 GMT
Last-Modified
Tue, 28 Sep 2021 14:05:08 GMT
Server
Apache
Content-Type
image/vnd.microsoft.icon
Cache-Control
max-age=31536000
Connection
close
Accept-Ranges
bytes
Content-Length
15086
Expires
Tue, 22 Jul 2025 20:43:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fms-one.bluebedrock.com
URL
https://fms-one.bluebedrock.com/check-session

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| toggleSignInWithEmail function| toggleFMSOneDetails function| spinner_overlay_replace function| remove_spinner_overlay_from function| setup_search function| setup_date_search function| set_reload function| loadSystemUserRoles function| removeAttribute function| ajax_search object| config function| $ function| jQuery object| jQuery112409472681629323736 object| angular function| _ object| ahoy function| postData

4 Cookies

Domain/Path Name / Value
thearcccr-users-staging.clone-02.annkissamprojects.com/ Name: ahoy_visitor
Value: 3a9ea2c1-3793-46ae-98a9-719680c92345
thearcccr-users-staging.clone-02.annkissamprojects.com/ Name: ahoy_visit
Value: ef1876d4-354e-4bed-a2a4-3b3a326855b8
thearcccr-users-staging.clone-02.annkissamprojects.com/ Name: XSRF-TOKEN
Value: bcgM4zj4xZpqcES%2BdXsuDixrXc0klhNKs%2B3cfPjXIlMjqW8fqKQzDGCgXqGcG8SxEIQzBnpnfpa10OEC%2FbCb%2FA%3D%3D
thearcccr-users-staging.clone-02.annkissamprojects.com/ Name: _the_arc_ccr_users_session
Value: VktCUWZZOS9jWkxnTHNQM2laTEhTdDA5b0dhRXEzV2JyV0x1aWxsallDcEJyK2RubjJRSWxKWVRqVTBrN3NLblV2RDdhaXRlTjZKeTIwQ3Jqckg4TEZuR3M2ZmFaT3U3MmQ1Slgzd1ZzaXN4RFFZVUlJV0trODRRa3hZdlFOdkpJd0NFRDJkbHk5Z0tORTlHSGxtR3ZvYkZDVzh6MDJMc2dpTm1ZNnRzdmhPUzNSSUZYS3g3QVRPc040ZTc0TWYzQ2JUTk8rN1VyOXU2N1l6M1h6OHk3Zz09LS1jQlpYTVVseDgzbGNnMVUxeXFXa2dnPT0%3D--7f5967a8335a69478f88c821badca1f4776427e8

2 Console Messages

Source Level URL
Text
javascript error URL: https://thearcccr-users-staging.clone-02.annkissamprojects.com/users/sign_in
Message:
Access to fetch at 'https://fms-one.bluebedrock.com/check-session' from origin 'https://thearcccr-users-staging.clone-02.annkissamprojects.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://fms-one.bluebedrock.com/check-session
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block