accounts.stage.plex.lat Open in urlscan Pro
209.126.134.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accounts.stage.plex.lat/
Effective URL:
https://accounts.stage.plex.lat/login
Submission: On February 03 via automatic, source certstream-suspicious (February 3rd 2023, 11:11:22 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 209.126.134.54, located in United States and belongs to CARINET, US. The main domain is accounts.stage.plex.lat.
TLS certificate: Issued by R3 on February 3rd 2023. Valid for: 3 months.

This is the only time accounts.stage.plex.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	209.126.134.54 209.126.134.54	10439 (CARINET) (CARINET)
3	2400:52e0:1e0... 2400:52e0:1e00::1077:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a02:26f0:dc:... 2a02:26f0:dc::6853:53b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	3

6 209.126.134.54 (United States) 1 redirects

ASN10439 (CARINET, US)

accounts.stage.plex.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1077:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc::6853:53b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

storage.cari.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	plex.lat 1 redirects accounts.stage.plex.lat	441 KB
3	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 14282	30 KB
1	cari.net storage.cari.net	13 KB
9	3

	Domain	Requested by
6	accounts.stage.plex.lat	1 redirects accounts.stage.plex.lat
3	fonts.bunny.net	accounts.stage.plex.lat fonts.bunny.net
1	storage.cari.net	accounts.stage.plex.lat
9	3

This site contains links to these domains. Also see Links.

Domain
carilat.zendesk.com

Subject Issuer	Validity	Valid
accounts.stage.plex.lat R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
fonts.bunny.net R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
cert00095-azurecdn.akamaized.net R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.stage.plex.lat/login
Frame ID: D51214FDC4527BB3715B77811E8E0E3D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PLEX Apps

Page URL History Show full URLs

https://accounts.stage.plex.lat/ HTTP 302
https://accounts.stage.plex.lat/login Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]{1,512}\bwire:
livewire(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

484 kB
Transfer

486 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://carilat.zendesk.com/hc/es/categories/10909664771987
Title: Ayuda

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accounts.stage.plex.lat/ HTTP 302
https://accounts.stage.plex.lat/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response accounts.stage.plex.lat/ Redirect Chain https://accounts.stage.plex.lat/ https://accounts.stage.plex.lat/login	21 KB 22 KB	167ms 166ms	Document text/html	209.126.134.54 CARINET
General Check archive.org Show headers Download Go to Full URL https://accounts.stage.plex.lat/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.126.134.54 , United States, ASN10439 (CARINET, US), Reverse DNS Software / Resource Hash `7a010e80e0b1ca990a4e983bcb68a8e2bd630aa0a4302ac40f116533e6d269ca` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, must-revalidate, no-cache, no-store, private content-type text/html; charset=UTF-8 date Fri, 03 Feb 2023 23:11:17 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache Redirect headers cache-control no-cache, private content-length 394 content-type text/html; charset=UTF-8 date Fri, 03 Feb 2023 23:11:17 GMT location https://accounts.stage.plex.lat/login
GET H2	200	css2 fonts.bunny.net/	6 KB 1 KB	50ms 7ms	Stylesheet text/css	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/css2?family=Nunito:wght@400;600;700&display=swap Requested by Host: accounts.stage.plex.lat URL: https://accounts.stage.plex.lat/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash `01e0300b8c3bbed8a7d39de4c1b10f87321b442e05c324cfffafba66a63d26ce` Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.stage.plex.lat/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Fri, 03 Feb 2023 23:11:17 GMT content-encoding br cdn-edgestorageid 1047 x-do-app-origin 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 cdn-cachedat 01/09/2023 10:40:03 cdn-pullzone 781720 last-modified Mon, 09 Jan 2023 10:40:03 GMT server BunnyCDN-DE1-1077 cdn-proxyver 1.03 cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 5fdc38b672bd8b3a0985899aaa830076 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	tall-toasts.js Show response accounts.stage.plex.lat/toast/	3 KB 3 KB	457ms 455ms	Script application/javascript	209.126.134.54 CARINET
General Check archive.org Show headers Download Go to Full URL https://accounts.stage.plex.lat/toast/tall-toasts.js?id=0cc223945ca0ee3abb68 Requested by Host: accounts.stage.plex.lat URL: https://accounts.stage.plex.lat/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.126.134.54 , United States, ASN10439 (CARINET, US), Reverse DNS Software / Resource Hash `3576f32a1236ff8d6107fd1de4a7db4745f7181c44ae1190a7499c4fef83c136` Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.stage.plex.lat/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers content-type application/javascript; charset=utf-8 date Fri, 03 Feb 2023 23:11:17 GMT cache-control max-age=31536000, public last-modified Thu, 11 Aug 2022 11:47:49 GMT accept-ranges bytes content-length 2904 expires Sat, 03 Feb 2024 23:11:17 GMT
GET H2	200	app.25750530.css accounts.stage.plex.lat/build/assets/	57 KB 57 KB	160ms 159ms	Stylesheet text/css	209.126.134.54 CARINET
General Check archive.org Show headers Download Go to Full URL https://accounts.stage.plex.lat/build/assets/app.25750530.css Requested by Host: accounts.stage.plex.lat URL: https://accounts.stage.plex.lat/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.126.134.54 , United States, ASN10439 (CARINET, US), Reverse DNS Software / Resource Hash `257505304db3eacd64404f647fd1cace50596a7c1eba63094f629b20ac50e93a` Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.stage.plex.lat/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Fri, 03 Feb 2023 23:11:17 GMT last-modified Fri, 27 Jan 2023 18:44:24 GMT accept-ranges bytes content-length 58636 content-type text/css; charset=utf-8
GET H2	200	app.8dfd2f43.js Show response accounts.stage.plex.lat/build/assets/	202 KB 202 KB	160ms 160ms	Script application/javascript	209.126.134.54 CARINET
General Check archive.org Show headers Download Go to Full URL https://accounts.stage.plex.lat/build/assets/app.8dfd2f43.js Requested by Host: accounts.stage.plex.lat URL: https://accounts.stage.plex.lat/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.126.134.54 , United States, ASN10439 (CARINET, US), Reverse DNS Software / Resource Hash `f9edaa4f66630d862bcbb6f522baf4caa27bf6a47f52da6aee29054d2e8e71fe` Request headers Referer https://accounts.stage.plex.lat/login Origin https://accounts.stage.plex.lat accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Fri, 03 Feb 2023 23:11:17 GMT last-modified Fri, 27 Jan 2023 18:44:24 GMT accept-ranges bytes content-length 207110 content-type application/javascript
GET H2	200	plexapps-4addcf9a-1a4b-11ed-861d-0242ac120002.png storage.cari.net/email/	13 KB 13 KB	2506ms 954ms	Image image/png	2a02:26f0:dc::6853:53b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://storage.cari.net/email/plexapps-4addcf9a-1a4b-11ed-861d-0242ac120002.png Requested by Host: accounts.stage.plex.lat URL: https://accounts.stage.plex.lat/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc::6853:53b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `fc45bc84b00e30851bc6b8b849a9e85053e6e99276a648af6fd9425a96519d40` Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.stage.plex.lat/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Fri, 03 Feb 2023 23:11:20 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 22:33:07 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 8OFTbObhxNGAW27Bj61CeA== etag 0x8DA9B5817317D9B vary Accept-Encoding content-type image/png x-ms-request-id d1a6ced1-401e-013a-1424-3806c4000000 cache-control max-age=2592000 x-ms-version 2009-09-19 content-length 13342
GET H2	200	livewire.js Show response accounts.stage.plex.lat/livewire/	156 KB 156 KB	166ms 165ms	Script application/javascript	209.126.134.54 CARINET
General Check archive.org Show headers Download Go to Full URL https://accounts.stage.plex.lat/livewire/livewire.js?id=de3fca26689cb5a39af4 Requested by Host: accounts.stage.plex.lat URL: https://accounts.stage.plex.lat/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.126.134.54 , United States, ASN10439 (CARINET, US), Reverse DNS Software / Resource Hash `db7fc4a5fe60fb79b594ddd13b6839a6c688b65fbe73421698194f67841fce2b` Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.stage.plex.lat/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers content-type application/javascript; charset=utf-8 date Fri, 03 Feb 2023 23:11:17 GMT cache-control max-age=31536000, public last-modified Wed, 21 Dec 2022 22:28:25 GMT accept-ranges bytes content-length 159822 expires Sat, 03 Feb 2024 23:11:17 GMT
GET H2	200	nunito-latin-400-normal.woff2 fonts.bunny.net/nunito/files/	14 KB 14 KB	23ms 9ms	Font font/woff2	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/nunito/files/nunito-latin-400-normal.woff2 Requested by Host: fonts.bunny.net URL: https://fonts.bunny.net/css2?family=Nunito:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash `5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7` Request headers Referer https://fonts.bunny.net/css2?family=Nunito:wght@400;600;700&display=swap Origin https://accounts.stage.plex.lat accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Fri, 03 Feb 2023 23:11:17 GMT cdn-edgestorageid 860 cdn-storageserver DE-164 cdn-cachedat 01/09/2023 10:40:04 cdn-pullzone 781720 content-length 14060 last-modified Fri, 30 Dec 2022 12:52:57 GMT server BunnyCDN-DE1-1077 cdn-fileserver 352 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63aedf29-36ec" content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid ba677a6e8c825cf7819d0cc6dcec82ef accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	nunito-latin-600-normal.woff2 fonts.bunny.net/nunito/files/	14 KB 15 KB	9ms 9ms	Font font/woff2	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/nunito/files/nunito-latin-600-normal.woff2 Requested by Host: fonts.bunny.net URL: https://fonts.bunny.net/css2?family=Nunito:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash `4e1f5eed370c7c49f6173881aafa9a47a35c6f5d24ef0f9c9b63acc99e411cf2` Request headers Referer https://fonts.bunny.net/css2?family=Nunito:wght@400;600;700&display=swap Origin https://accounts.stage.plex.lat accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Fri, 03 Feb 2023 23:11:18 GMT cdn-edgestorageid 1081 cdn-storageserver DE-198 cdn-cachedat 01/09/2023 10:40:04 cdn-pullzone 781720 content-length 14224 last-modified Fri, 30 Dec 2022 12:52:53 GMT server BunnyCDN-DE1-1077 cdn-fileserver 332 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63aedf25-3790" content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 0717e6040cb9379b929e5b8706132a6c accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounts.stage.plex.lat/	1970-01-20 09:25:09	Name: XSRF-TOKEN Value: eyJpdiI6IjgzemhMUi9xdjRqWlBqVUF3MURWQWc9PSIsInZhbHVlIjoicDN6cCtGa3ZIQ1F4cUx1V3JsL2MyZkFHSEZwYXFyd2tyRUZnTnppSmVvWkJhTTF1RDV3SUJXZDRDQUNUdHFUU3lHaDdHK2R6LzFadWRNOGRray84RWlrRWltbGd5K2ZzYWwzTWZQMUp4NDlrcDlJcnBqRlovOFBiTURSSUJ5SW8iLCJtYWMiOiIyZGE3M2Y4YzA1N2M5MGY1ZjI0ZDNmZjFiNmNjOGI4MDI4ZTNkYWJjMDRhNzc2NzA4ZjgzZDAwOGZlMWM4YWJkIiwidGFnIjoiIn0%3D
			accounts.stage.plex.lat/	1970-01-20 09:25:09	Name: laravel_session Value: eyJpdiI6IjB4NmdGSUNaOUhUY3piRit2ZjVEWVE9PSIsInZhbHVlIjoiV0ZGeDc4anlUQWdEMnEyTnVySGdndUJKWjg0MENMajZmUitWdzFFOURIMVFCMVphVkN1SHlrUFVud1duYWlmaHE1WW15NjZqQXZyd3VXdjB6Qll1WTcveFFuaUloa1ZHaVFTRkdrQUpXZEkwZnp0Q1BGN1dXckV5cFBydW42bEwiLCJtYWMiOiIyMWIyYjU3NDliMDI3MGM2OTkyNTRmZjFjYjFmYjM3ODgzYmJiYjM0NzJjNzcxNDVmOGZkOThkNWMyMjk3OTc3IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.stage.plex.lat
fonts.bunny.net
storage.cari.net
209.126.134.54
2400:52e0:1e00::1077:1
2a02:26f0:dc::6853:53b
01e0300b8c3bbed8a7d39de4c1b10f87321b442e05c324cfffafba66a63d26ce
257505304db3eacd64404f647fd1cace50596a7c1eba63094f629b20ac50e93a
3576f32a1236ff8d6107fd1de4a7db4745f7181c44ae1190a7499c4fef83c136
4e1f5eed370c7c49f6173881aafa9a47a35c6f5d24ef0f9c9b63acc99e411cf2
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
7a010e80e0b1ca990a4e983bcb68a8e2bd630aa0a4302ac40f116533e6d269ca
db7fc4a5fe60fb79b594ddd13b6839a6c688b65fbe73421698194f67841fce2b
f9edaa4f66630d862bcbb6f522baf4caa27bf6a47f52da6aee29054d2e8e71fe
fc45bc84b00e30851bc6b8b849a9e85053e6e99276a648af6fd9425a96519d40

accounts.stage.plex.lat Open in urlscan Pro 209.126.134.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

484 kBTransfer

486 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

2 Cookies

Indicators

accounts.stage.plex.lat Open in urlscan Pro
209.126.134.54 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

484 kB
Transfer

486 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions