kirby-staging.userleap.com Open in urlscan Pro
52.21.98.197 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kirby-staging.userleap.com/
Submission: On December 08 via automatic, source certstream-suspicious (December 8th 2021, 8:42:57 am UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 52.21.98.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is kirby-staging.userleap.com.
TLS certificate: Issued by Amazon on January 8th 2021. Valid for: a year.

This is the only time kirby-staging.userleap.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	52.21.98.197 52.21.98.197	14618 (AMAZON-AES) (AMAZON-AES)
2	54.87.14.194 54.87.14.194	14618 (AMAZON-AES) (AMAZON-AES)
8	3

5 52.21.98.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-98-197.compute-1.amazonaws.com

kirby-staging.userleap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.87.14.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-14-194.compute-1.amazonaws.com

api-staging.userleap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	userleap.com kirby-staging.userleap.com api-staging.userleap.com	1 MB
0	googleapis.com Failed fonts.googleapis.com Failed
8	2

	Domain	Requested by
5	kirby-staging.userleap.com	kirby-staging.userleap.com
2	api-staging.userleap.com	kirby-staging.userleap.com
0	fonts.googleapis.com Failed	kirby-staging.userleap.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
staging.userleap.com Amazon	`2021-01-08` - `2022-02-05`	a year	crt.sh
*.staging.sprig.com Amazon	`2021-09-15` - `2022-10-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://kirby-staging.userleap.com/
Frame ID: 78CEF995F3D6ED22474A1142AB14E549
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Annotations - Kirby

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

1356 kB
Transfer

1349 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kirby-staging.userleap.com/ 2 KB
3 KB 366ms
122ms Document
text/html 52.21.98.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kirby-staging.userleap.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.98.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-98-197.compute-1.amazonaws.com

Software

nginx/1.21.4 /

Resource Hash

b9c391636c0353ff14cd69be06554fcfb09b28919ace613e1424ff652eea619e

Security Headers

Name	Value
Content-Security-Policy	default-src .sprig.com; script-src .sprig.com .userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src .sprig.com .userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com .sprig.com .userleap.com; style-src .sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Dec 2021 08:42:52 GMT
content-type: text/html; charset=UTF-8
content-length: 2243
ratelimit-reset: 1
x-ratelimit-remaining-second: 99
x-ratelimit-limit-second: 100
ratelimit-limit: 100
ratelimit-remaining: 99
server: nginx/1.21.4
last-modified: Mon, 06 Dec 2021 20:14:38 GMT
etag: "61ae6f2e-8c3"
x-frame-options: SAMEORIGIN
accept-ranges: bytes
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(), geolocation=()
content-security-policy: default-src *.sprig.com; script-src *.sprig.com *.userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src *.sprig.com *.userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com *.sprig.com *.userleap.com; style-src *.sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;

GET
H2 200 2.2b5e708a.chunk.css
kirby-staging.userleap.com/static/css/ 196 KB
197 KB 121ms
120ms Stylesheet
text/css 52.21.98.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kirby-staging.userleap.com/static/css/2.2b5e708a.chunk.css

Requested by

Host: kirby-staging.userleap.com
URL: https://kirby-staging.userleap.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.98.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-98-197.compute-1.amazonaws.com

Software

nginx/1.21.4 /

Resource Hash

eb3d8932a2e2944b0e958a511da8411fd8576b2804697df4dc2d97c0b671b614

Security Headers

Name	Value
Content-Security-Policy	default-src .sprig.com; script-src .sprig.com .userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src .sprig.com .userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com .sprig.com .userleap.com; style-src .sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kirby-staging.userleap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 08:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-ratelimit-limit-second: 100
ratelimit-reset: 1
x-ratelimit-remaining-second: 98
ratelimit-limit: 100
content-length: 200605
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Dec 2021 20:14:38 GMT
server: nginx/1.21.4
x-frame-options: SAMEORIGIN
etag: "61ae6f2e-30f9d"
vary: Origin
content-type: text/css
access-control-allow-origin: *
permissions-policy: fullscreen=(), geolocation=()
content-security-policy: default-src *.sprig.com; script-src *.sprig.com *.userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src *.sprig.com *.userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com *.sprig.com *.userleap.com; style-src *.sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
accept-ranges: bytes
ratelimit-remaining: 98

GET
H2 200 main.2d8a5ccc.chunk.css
kirby-staging.userleap.com/static/css/ 4 KB
5 KB 227ms
227ms Stylesheet
text/css 52.21.98.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kirby-staging.userleap.com/static/css/main.2d8a5ccc.chunk.css

Requested by

Host: kirby-staging.userleap.com
URL: https://kirby-staging.userleap.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.98.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-98-197.compute-1.amazonaws.com

Software

nginx/1.21.4 /

Resource Hash

cac8a1c898b5aadcb53929015e505ff326516bd3a8eb21924cbe97a614029dad

Security Headers

Name	Value
Content-Security-Policy	default-src .sprig.com; script-src .sprig.com .userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src .sprig.com .userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com .sprig.com .userleap.com; style-src .sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kirby-staging.userleap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 08:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-ratelimit-limit-second: 100
ratelimit-reset: 1
x-ratelimit-remaining-second: 97
ratelimit-limit: 100
content-length: 3603
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Dec 2021 20:14:38 GMT
server: nginx/1.21.4
x-frame-options: SAMEORIGIN
etag: "61ae6f2e-e13"
vary: Origin
content-type: text/css
access-control-allow-origin: *
permissions-policy: fullscreen=(), geolocation=()
content-security-policy: default-src *.sprig.com; script-src *.sprig.com *.userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src *.sprig.com *.userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com *.sprig.com *.userleap.com; style-src *.sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
accept-ranges: bytes
ratelimit-remaining: 97

GET
H2 200 2.7ec32962.chunk.js Show response
kirby-staging.userleap.com/static/js/ 1 MB
1 MB 335ms
334ms Script
application/javascript 52.21.98.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kirby-staging.userleap.com/static/js/2.7ec32962.chunk.js

Requested by

Host: kirby-staging.userleap.com
URL: https://kirby-staging.userleap.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.98.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-98-197.compute-1.amazonaws.com

Software

nginx/1.21.4 /

Resource Hash

e11414b66ce0538ad1ac5388f2f73ae68df13c82be2b23c0189b3eae287c75b5

Security Headers

Name	Value
Content-Security-Policy	default-src .sprig.com; script-src .sprig.com .userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src .sprig.com .userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com .sprig.com .userleap.com; style-src .sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kirby-staging.userleap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 08:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-ratelimit-limit-second: 100
ratelimit-reset: 1
x-ratelimit-remaining-second: 96
ratelimit-limit: 100
content-length: 1086464
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Dec 2021 20:14:38 GMT
server: nginx/1.21.4
x-frame-options: SAMEORIGIN
etag: "61ae6f2e-109400"
vary: Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
permissions-policy: fullscreen=(), geolocation=()
content-security-policy: default-src *.sprig.com; script-src *.sprig.com *.userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src *.sprig.com *.userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com *.sprig.com *.userleap.com; style-src *.sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
accept-ranges: bytes
ratelimit-remaining: 96

GET
H2 200 main.b0e87a0e.chunk.js Show response
kirby-staging.userleap.com/static/js/ 86 KB
88 KB 334ms
333ms Script
application/javascript 52.21.98.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kirby-staging.userleap.com/static/js/main.b0e87a0e.chunk.js

Requested by

Host: kirby-staging.userleap.com
URL: https://kirby-staging.userleap.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.98.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-98-197.compute-1.amazonaws.com

Software

nginx/1.21.4 /

Resource Hash

0df2c2c14f7fd656ee25c09cc8095ecd89210390027519ef87478a82b64fe7e4

Security Headers

Name	Value
Content-Security-Policy	default-src .sprig.com; script-src .sprig.com .userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src .sprig.com .userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com .sprig.com .userleap.com; style-src .sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kirby-staging.userleap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 08:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-ratelimit-limit-second: 100
ratelimit-reset: 1
x-ratelimit-remaining-second: 96
ratelimit-limit: 100
content-length: 88544
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Dec 2021 20:14:38 GMT
server: nginx/1.21.4
x-frame-options: SAMEORIGIN
etag: "61ae6f2e-159e0"
vary: Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
permissions-policy: fullscreen=(), geolocation=()
content-security-policy: default-src *.sprig.com; script-src *.sprig.com *.userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src *.sprig.com *.userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com *.sprig.com *.userleap.com; style-src *.sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
accept-ranges: bytes
ratelimit-remaining: 96

GET css
fonts.googleapis.com/ 0
0

OPTIONS
H/1.1 200
OK current
api-staging.userleap.com/1/annotators/ 0
0 417ms
101ms Preflight 54.87.14.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-staging.userleap.com/1/annotators/current
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.14.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-14-194.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://kirby-staging.userleap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 08 Dec 2021 08:42:53 GMT
Connection: keep-alive
vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Max-Age: 3600
Content-Length: 0

GET
H/1.1 401
Unauthorized current Show response
api-staging.userleap.com/1/annotators/ 12 B
361 B 107ms
106ms Fetch 54.87.14.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-staging.userleap.com/1/annotators/current
Requested by: Host: kirby-staging.userleap.com
URL: https://kirby-staging.userleap.com/static/js/2.7ec32962.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.14.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-14-194.compute-1.amazonaws.com
Software: /
Resource Hash: d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Request headers

Referer: https://kirby-staging.userleap.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 08 Dec 2021 08:42:53 GMT
vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Connection: keep-alive
Timing-Allow-Origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
Content-Length: 12
X-Request-Id: 398d6621-3ea7-4413-9e90-255c5db5ee3a

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://kirby-staging.userleap.com/ Message: Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Rubik:300,400,500,700' because it violates the following Content Security Policy directive: "style-src .sprig.com .userleap.com 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
network	error	URL: https://api-staging.userleap.com/1/annotators/current Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src .sprig.com; script-src .sprig.com .userleap.com 'self' 'unsafe-inline' https://js.hs-analytics.net https://js.hs-scripts.com https://cdn.heapanalytics.com https://js.hscollectedforms.net https://js.hs-banner.com https://js.usemessages.com https://js-na1.hs-scripts.com https://cdn.segment.com https://api.segment.io https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; connect-src .sprig.com .userleap.com https://cdn.segment.com https://api.segment.io https://events.launchdarkly.com https://app.launchdarkly.com https://forms.hubspot.com https://rum-http-intake.logs.datadoghq.com; img-src https://track.hubspot.com https://heapanalytics.com .sprig.com .userleap.com; style-src .sprig.com *.userleap.com 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-staging.userleap.com
fonts.googleapis.com
kirby-staging.userleap.com
fonts.googleapis.com
52.21.98.197
54.87.14.194
0df2c2c14f7fd656ee25c09cc8095ecd89210390027519ef87478a82b64fe7e4
b9c391636c0353ff14cd69be06554fcfb09b28919ace613e1424ff652eea619e
cac8a1c898b5aadcb53929015e505ff326516bd3a8eb21924cbe97a614029dad
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e11414b66ce0538ad1ac5388f2f73ae68df13c82be2b23c0189b3eae287c75b5
eb3d8932a2e2944b0e958a511da8411fd8576b2804697df4dc2d97c0b671b614

kirby-staging.userleap.com Open in urlscan Pro 52.21.98.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

1356 kBTransfer

1349 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

kirby-staging.userleap.com Open in urlscan Pro
52.21.98.197 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

1356 kB
Transfer

1349 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions