rookie-baby.hello-charles.com
Open in
urlscan Pro
2606:4700:10::6816:4ec5
Public Scan
Effective URL: https://rookie-baby.hello-charles.com/api/auth?redirect_path=%2Fconversations
Submission: On December 11 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 9th 2023. Valid for: a year.
This is the only time rookie-baby.hello-charles.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 12 | 2606:4700:10:... 2606:4700:10::6816:4ec5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a04:4e42::622 2a04:4e42::622 | 54113 (FASTLY) (FASTLY) | |
2 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
20 | 5 |
ASN13335 (CLOUDFLARENET, US)
rookie-baby.hello-charles.com | |
cdn.hello-charles.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
hello-charles.com
1 redirects
rookie-baby.hello-charles.com cdn.hello-charles.com — Cisco Umbrella Rank: 264805 |
3 MB |
3 |
appcues.com
fast.appcues.com — Cisco Umbrella Rank: 4861 |
134 KB |
2 |
gstatic.com
www.gstatic.com |
18 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 |
931 B |
0 |
heapanalytics.com
Failed
cdn.heapanalytics.com Failed |
|
20 | 5 |
Domain | Requested by | |
---|---|---|
10 | rookie-baby.hello-charles.com |
1 redirects
rookie-baby.hello-charles.com
|
3 | fast.appcues.com |
rookie-baby.hello-charles.com
fast.appcues.com |
2 | cdn.hello-charles.com |
rookie-baby.hello-charles.com
|
2 | www.gstatic.com |
rookie-baby.hello-charles.com
|
1 | fonts.googleapis.com |
rookie-baby.hello-charles.com
|
0 | cdn.heapanalytics.com Failed |
rookie-baby.hello-charles.com
|
20 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
oauth.prod.charlesidentity.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hello-charles.com Cloudflare Inc ECC CA-3 |
2023-10-09 - 2024-10-08 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-08-05 - 2024-09-05 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://rookie-baby.hello-charles.com/api/auth?redirect_path=%2Fconversations
Frame ID: A81B173CA966DB95D35C8D69221F4A3F
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Charles UniversePage URL History Show full URLs
-
http://rookie-baby.hello-charles.com/
HTTP 301
https://rookie-baby.hello-charles.com/ Page URL
- https://rookie-baby.hello-charles.com/api/auth?redirect_path=%2Fconversations Page URL
Detected technologies
Firebase (Databases) ExpandDetected patterns
- /firebasejs/([\d.]+)/firebase
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Sign in with charles
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://rookie-baby.hello-charles.com/
HTTP 301
https://rookie-baby.hello-charles.com/ Page URL
- https://rookie-baby.hello-charles.com/api/auth?redirect_path=%2Fconversations Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://rookie-baby.hello-charles.com/ HTTP 301
- https://rookie-baby.hello-charles.com/
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
rookie-baby.hello-charles.com/ Redirect Chain
|
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 931 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
130785.js
fast.appcues.com/ |
22 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.616a2d10.js
rookie-baby.hello-charles.com/js/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.4b99408a.js
rookie-baby.hello-charles.com/js/ |
3 MB 760 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.0292b014.css
rookie-baby.hello-charles.com/css/ |
561 KB 105 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
www.gstatic.com/firebasejs/8.4.1/ |
21 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-messaging.js
www.gstatic.com/firebasejs/8.4.1/ |
40 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appcues.main.d0231f3d493abd624afa4a834d21141fbe717bea.js
fast.appcues.com/generic/main/4.60.54/ |
447 KB 127 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
heap-3355954813.js
cdn.heapanalytics.com/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojis-json.afcc65c7.js
rookie-baby.hello-charles.com/js/ |
0 28 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
66 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
me
rookie-baby.hello-charles.com/api/v0/ |
138 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8ac0dd9f-f80e-4eff-b457-bf7e824cfacd
https://rookie-baby.hello-charles.com/ |
4 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8ac0dd9f-f80e-4eff-b457-bf7e824cfacd
https://rookie-baby.hello-charles.com/ |
4 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
auth
rookie-baby.hello-charles.com/api/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.d0231f3d493abd624afa4a834d21141fbe717bea.css
fast.appcues.com/generic/main/4.60.54/ |
16 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
rookie-baby.hello-charles.com/api/public/stylesheets/ |
3 MB 241 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
rookie-baby.hello-charles.com/api/oauth/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_text.svg
cdn.hello-charles.com/charles-agent-ui/statics/logo/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
typie-black-outline.png
cdn.hello-charles.com/assets/icons/integrations/charles/charles-identity/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdn.heapanalytics.com
- URL
- https://cdn.heapanalytics.com/js/heap-3355954813.js
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture undefined| authCode undefined| refreshToken undefined| accessToken function| initAuth function| signInCallback function| post0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self';connect-src 'self' wss://rookie-baby.hello-charles.com https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-3e99479a-184a-434e-b7b0-66ad43949105.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-523630b34bab338f415a6ec5a65e2d52' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-523630b34bab338f415a6ec5a65e2d52' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' |
Strict-Transport-Security | max-age=0; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.heapanalytics.com
cdn.hello-charles.com
fast.appcues.com
fonts.googleapis.com
rookie-baby.hello-charles.com
www.gstatic.com
cdn.heapanalytics.com
2606:4700:10::6816:4ec5
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a04:4e42::622
247c637963da1a490b39fde9308c2f0c3976b1482cc740e0e7b025411b7702eb
3051a54e14015e206c5a2550730917a918554e5476bd07a72db59d07eccc2dab
562f25537a9f3ccfceee414e65f529d18677f0817b2c4e0eb529465659c18f5a
6eb8344528e850e3c4df5c78d3afb5f6e3e44d4824b19b3c45b8eefed06a7737
921bf1ff62082b68c62e8bfa267bbb21bad82ae86e99f699139c0caa99aa853b
9ce40e53d478fc55f3d7646d76becc8b09eb5bdc37b374eb1e57fef60b3d00c8
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
c65d97091b3775acbfbbd978d5b6b73100d3ef2bad63d052a74ce4713fc696bd
c713af24709270ff08e04dcf7f242d5d52266026fb0020317c7da3afbdf63797
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
dacc7944c13d1fa21eaf26b49314810d5f6be866030f443017914f46d1a69cc5
f8103f23aa36ebb5ff0539c9068c4519346842bfd0eb5d1f39538155341ab532
fe442b1562283f7a27f022c2aafacd83b520e421f2dfbfc6385fea9c51410993