urlscan.io logo urlscan.io
SecurityTrails logo

app.snapapp.com Open in urlscan Pro
54.230.95.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.cyberimpact.com/click-tracking?ct=axGeg1-STgiZhhwEbvIKO1Omu6SquVFpi7nB88tdAFoX4gJO9wIIuLlNpI4R_vTvR3vW6ApN3PJ77m...
Effective URL: https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cy...
Submission: On August 07 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 8 HTTP transactions. The main IP is 54.230.95.146, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is app.snapapp.com.
TLS certificate: Issued by Amazon on February 26th 2019. Valid for: a year.
This is the only time app.snapapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 204.154.174.220 18499 (CYBER-GEN...)
3 54.230.95.146 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
8 4
Domain Requested by
3 app.snapapp.com app.snapapp.com
2 connect.facebook.net app.snapapp.com
connect.facebook.net
1 ajax.googleapis.com app.snapapp.com
1 app.cyberimpact.com 1 redirects
0 pangeamedia-eeprod.s3.amazonaws.com Failed ajax.googleapis.com
0 scdn.snapapp.com Failed app.snapapp.com
8 6

This site contains no links.

Subject Issuer Validity Valid
*.snapapp.com
Amazon		 2019-02-26 -
2020-03-26		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-06-06 -
2019-09-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
Frame ID: 9584B5CB2E3452C44972DA131AB2FEF4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://app.cyberimpact.com/click-tracking?ct=axGeg1-STgiZhhwEbvIKO1Omu6SquVFpi7nB88tdAFoX4gJO9wIIuLlNpI... HTTP 302
    https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

8
Requests

75 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

4
IPs

4
Countries

100 kB
Transfer

306 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.cyberimpact.com/click-tracking?ct=axGeg1-STgiZhhwEbvIKO1Omu6SquVFpi7nB88tdAFoX4gJO9wIIuLlNpI4R_vTvR3vW6ApN3PJ77mSwp4E2dlikq6zfiQqpauvpinHDnj9R6Ke_YH-6tTyMaJpGGraT HTTP 302
    https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request the-finance-professionals-nightmare
app.snapapp.com/
Redirect Chain
  • https://app.cyberimpact.com/click-tracking?ct=axGeg1-STgiZhhwEbvIKO1Omu6SquVFpi7nB88tdAFoX4gJO9wIIuLlNpI4R_vTvR3vW6ApN3PJ77mSwp4E2dlikq6zfiQqpauvpinHDnj9R6Ke_YH-6tTyMaJpGGraT
  • https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.146 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-146.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
f274a340af33fec7e06bd499f79da5224ade95a7b0fb8b23f133a6155f9d3964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
app.snapapp.com
:scheme
https
:path
/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
1830
content-encoding
gzip
date
Wed, 07 Aug 2019 15:19:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-cache
Miss from cloudfront
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2
x-amz-cf-id
qaLOcq_Z--5E2wM_GBLBOlptbeunaKJDSH09u2NwUd8492e69RDrnA==

Redirect headers

Server
nginx
Date
Wed, 07 Aug 2019 15:18:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
cisession=UlyX7sqak6%2FnKF95uyiOVGYOf5Ucn9Nx4o3px2LxMOQTMeaicDB0yqoH5VBvS9Q%2BhWuwkeU%2B4uM77lk9dqH0o3VImk1LuvDpJj0NSzmXJQte65AN0nPojdbKOTdPywkp9QD2aNtyiwbgnHOeRZUNKWciuTM3n3mey0PftcLuvDPiRLV%2FiSUwS5rHBglQwKdUiHgqNTuQPHFQw7bK416RGVpMBnocnEch2Urj9B1iAGqCCUZe5Rr8X7GIKyBRHsWL0T6Eep8pm1%2F0OFiDeYjEVQPkO9%2FEaPC2ND2gEuxoVc90TbnuFc8J2L%2BJkk0YnJxaMLnUyLimKI8c2eC9RTIuo5bgy%2BpSx2PoW4Sk06N0m8U1xP7Kkz42tItcOhm2Yn%2BKesvRzaAcfNqLeDwfbGcN2fRYbmoAkP%2FD4d19jCbszrSvu7uYlmfEgHOB9QD4Yfs7j%2B1%2Fe2s7gUPROnf3QVbDRQ%3D%3D078ab95784cebf51447d6852b92e84fab1b94679; path=/; secure; HttpOnly cisession=pmNsKDtusslx2tGL2pYxURf4Is38U6zINQG2qtubgt%2BZnjf8mtwxRqr6vnlQJtWFcYWWml2lKdJVaQTSqwdQhiCMyIHBldI2DmRkSPBxSnjobyz7g5J05SDJFL4h30rQ6hFXmAgIg%2B0GbE8wtWq9C0GHjJFM0xqHI6gmF5xHp1UFoR1wSYNXumUXc1Ai2HqFQGtENSucC7BhO4Tvz0Er7gyWYclzV5oXqRQjZt2sn2Ex%2B91hZ2C%2BrvgsrZtqecRcUz9npw67dQbYK3LxO9Ffi%2B%2BeAF%2BRwGMh2Rojy3p3X08niC%2FhHx2FDU%2BwyNU4%2FHY8ml%2Fs%2FKWABw%2BYexV5mNaPsOdowmkxwLddaWNFrqJGy8RG4cQgyo%2FL2qCfxbJ7uQORL%2Bu3WkOgJwLn%2BeLF%2FpF9AEffAMfYSUZW5AheLWccfu2z4HhJVsg7JelGXHBQci9IYU9PoujIqrePvVervNwusBYGg7IfX0VPzG8rX9HSF6VMqsHzVi3CUSXOgWKnVddKqMBpdrO9gRp7FV6T7WOcNi4qZ26l4Fp4OQHARnnwReI%3D3cf7997165738463a2a4c954428863dd14abffb8; path=/; secure; HttpOnly
X-Frame-Options
sameorigin
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=2592000
X-Robots-Tag
noindex, nofollow
Location
https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
X-UA-Compatible
IE=edge,chrome=1
microsite.css
app.snapapp.com/static/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.snapapp.com/static/microsite.css?_=576
Requested by
Host: app.snapapp.com
URL: https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.146 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-146.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
cb16867923a53e4f73a23eb88b4f72472c1f1701e8b96212102f7c9cfdc4ed91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 15:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2
x-cache
Miss from cloudfront
status
200
vary
Accept-Encoding
content-length
651
last-modified
Tue, 06 Aug 2019 02:18:53 GMT
server
Apache
etag
"69d-58f6972263d40-gzip"
strict-transport-security
max-age=31536000; includeSubdomains;
content-type
text/css
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
5OYL9dPy4CMGAac-OZoWxYJZYywV9PDzUQjIBWy5RRpBEnZqeDCPlQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.0/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js
Requested by
Host: app.snapapp.com
URL: https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 19 Jun 2019 14:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4235579
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
34044
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jun 2020 14:46:11 GMT
microsite.js
app.snapapp.com/static/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.snapapp.com/static/microsite.js?_=576
Requested by
Host: app.snapapp.com
URL: https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.146 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-146.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
3b6cff498a7b0d80943bbd979d561397ee818e8b4c5d9cf74554f6b2b3ed99af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 07 Aug 2019 15:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2
x-cache
Miss from cloudfront
status
200
vary
Accept-Encoding
content-length
1051
last-modified
Tue, 06 Aug 2019 02:18:53 GMT
server
Apache
etag
"b15-58f6972263d40-gzip"
strict-transport-security
max-age=31536000; includeSubdomains;
content-type
application/javascript
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
8zY7Mba8Dr9ffn7U-3cMTeqE4u3UkobE6U-QYemEFdbjfgf9Fq32_w==
widget.js
scdn.snapapp.com/widget/ 		0
0
4KI6qMU9T22HYbWMuRw2_Manual_Budgeting.png
pangeamedia-eeprod.s3.amazonaws.com/5c50ae3dad83326ff1489b76/5cf13ac0ad83324b62575ef4/ 		0
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: app.snapapp.com
URL: https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
12fe655510551e12f13aacb35281b0038e806086a2cafb1652dc24eee135a5f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xmuChnySbwWHVCDsTHRryg==
status
200
content-length
1779
etag
"2868636e23da645e3a7e996180b7ab94"
x-fb-debug
8L8gV1I7VtYJ1roowZOjW/+iO9Y0/JzfkbH98WNzOfhVXzSYW2TVCEQxxav6pgqGokp1m6Rok+yF+yOpN9y0dg==
x-fb-trip-id
997090344
x-fb-content-md5
a36e87fdddadeb9ed37c12273a944161
x-frame-options
DENY
date
Wed, 07 Aug 2019 15:19:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 07 Aug 2019 15:23:55 GMT
sdk.js
connect.facebook.net/en_US/ 		199 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f60a8aaaeb364e16548e21006465b6f3&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
33909b4c5af7baa5bff95b4c56b6c12685811f4eec6e0db63a38fa20ab20a89b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://app.snapapp.com/the-finance-professionals-nightmare?utm_source=cyberimpact&utm_medium=email&utm_campaign=2019-cyberimpact-nurture&utm_content=ci-email-step2
Origin
https://app.snapapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
k1uAFC0mD/3qlSvK2MIg8g==
status
200
content-length
60486
etag
"72d575d523e9464609d1d8b34fcda989"
x-fb-debug
6t7uUb/s51hELsjWHdYjxbWvqQxKWxpEYCtTqi8cvpVLqggoikm/6IwSFs6r7GskqKJ2dGBtScLIV83cQNaO1Q==
x-fb-trip-id
997090344
x-fb-content-md5
59ab1dee21960aafe2b815309fae1a32
x-frame-options
DENY
date
Wed, 07 Aug 2019 15:19:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 06 Aug 2020 14:45:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scdn.snapapp.com
URL
https://scdn.snapapp.com/widget/widget.js
Domain
pangeamedia-eeprod.s3.amazonaws.com
URL
https://pangeamedia-eeprod.s3.amazonaws.com/5c50ae3dad83326ff1489b76/5cf13ac0ad83324b62575ef4/4KI6qMU9T22HYbWMuRw2_Manual_Budgeting.png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff