cl-50983.services.portal-dev.gke.sojern.net Open in urlscan Pro
34.160.211.248 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cl-50983.services.portal-dev.gke.sojern.net/
Submission: On December 01 via api (December 1st 2023, 10:54:40 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 34.160.211.248, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cl-50983.services.portal-dev.gke.sojern.net.
TLS certificate: Issued by GTS CA 1D4 on November 29th 2023. Valid for: 3 months.

This is the only time cl-50983.services.portal-dev.gke.sojern.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	34.160.211.248 34.160.211.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
1	13.225.239.41 13.225.239.41	16509 (AMAZON-02) (AMAZON-02)
1	34.199.19.151 34.199.19.151	14618 (AMAZON-AES) (AMAZON-AES)
8	4

3 34.160.211.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.211.160.34.bc.googleusercontent.com

cl-50983.services.portal-dev.gke.sojern.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.239.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-239-41.bru50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.19.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-19-151.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 4861	134 KB
3	sojern.net cl-50983.services.portal-dev.gke.sojern.net	9 MB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 878 heapanalytics.com — Cisco Umbrella Rank: 784	37 KB
8	3

	Domain	Requested by
3	fast.appcues.com	cl-50983.services.portal-dev.gke.sojern.net fast.appcues.com
3	cl-50983.services.portal-dev.gke.sojern.net	cl-50983.services.portal-dev.gke.sojern.net
1	heapanalytics.com	cl-50983.services.portal-dev.gke.sojern.net
1	cdn.heapanalytics.com	cl-50983.services.portal-dev.gke.sojern.net
8	4

This site contains no links.

Subject Issuer	Validity	Valid
cl-50983.services.portal-dev.gke.sojern.net GTS CA 1D4	`2023-11-29` - `2024-02-27`	3 months	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-05` - `2024-09-05`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cl-50983.services.portal-dev.gke.sojern.net/
Frame ID: 28C9C03CADBD1A98903A0F0C0B267904
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

8
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

9202 kB
Transfer

115869 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cl-50983.services.portal-dev.gke.sojern.net/ 3 KB
2 KB 185ms
50ms Document
text/html 34.160.211.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-50983.services.portal-dev.gke.sojern.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.211.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.211.160.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

45ec1540ea3c511e361e54009e033c6d2f4539df7da2ad2c8f94499e7a06e4a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ data:; script-src 'self' https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-security-policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
content-type: text/html
date: Fri, 01 Dec 2023 22:54:00 GMT
etag: W/"6569b125-b10"
last-modified: Fri, 01 Dec 2023 10:10:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only

GET
H2 200 33462.js Show response
fast.appcues.com/ 21 KB
5 KB 401ms
178ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/33462.js
Requested by: Host: cl-50983.services.portal-dev.gke.sojern.net
URL: https://cl-50983.services.portal-dev.gke.sojern.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 32f298cb521c89b3ef99a385bc3fdf9c8f2c9c192ec13dddbd0769e47b62d3f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl-50983.services.portal-dev.gke.sojern.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:54:00 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 4889
x-request-id: F5zXFA4hWARGPqGQgUOi
x-served-by: cache-ewr18129-EWR
server: Cowboy
x-timer: S1701471240.321620,VS0,VE98
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 0

GET
H2 200 vendor.81440a9962cb50577f46.bundle.js Show response
cl-50983.services.portal-dev.gke.sojern.net/js/ 33 MB
9 MB 50ms
49ms Script
application/javascript 34.160.211.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-50983.services.portal-dev.gke.sojern.net/js/vendor.81440a9962cb50577f46.bundle.js

Requested by

Host: cl-50983.services.portal-dev.gke.sojern.net
URL: https://cl-50983.services.portal-dev.gke.sojern.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.211.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.211.160.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8ffc8a78ffa398c10035100eceda0870722332185f891dae734ff7ae9cdf4d76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ data:; script-src 'self' https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl-50983.services.portal-dev.gke.sojern.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified: Fri, 01 Dec 2023 10:10:45 GMT
server: nginx
x-permitted-cross-domain-policies: master-only
content-encoding: gzip
etag: W/"6569b125-20aa98b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 main.c3ca28173bc0173ab50f.bundle.js
cl-50983.services.portal-dev.gke.sojern.net/js/ 80 MB
0 59ms
58ms Script
application/javascript 34.160.211.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-50983.services.portal-dev.gke.sojern.net/js/main.c3ca28173bc0173ab50f.bundle.js

Requested by

Host: cl-50983.services.portal-dev.gke.sojern.net
URL: https://cl-50983.services.portal-dev.gke.sojern.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.211.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.211.160.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ data:; script-src 'self' https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl-50983.services.portal-dev.gke.sojern.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified: Fri, 01 Dec 2023 10:10:45 GMT
server: nginx
x-permitted-cross-domain-policies: master-only
content-encoding: gzip
etag: W/"6569b125-5e59ac8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 appcues.main.6419acf5aaf9241c9d5ea40d0059c214ae900e82.js Show response
fast.appcues.com/generic/main/4.60.47/ 447 KB
127 KB 131ms
32ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.47/appcues.main.6419acf5aaf9241c9d5ea40d0059c214ae900e82.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/33462.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0552a7557e5e284a66ce6125d74adaefb93e1b24594d160b1b09742c740fbe7c

Request headers

Referer: https://cl-50983.services.portal-dev.gke.sojern.net/
Origin: https://cl-50983.services.portal-dev.gke.sojern.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:54:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 0VBSMZ587DYQPZ1W
age: 89257
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 129022
x-amz-id-2: aZSjwejzLUaV4K4lTHy/9AWiojarEFMNoyM0nIxFkngcJ+NR+CBjN7hxFAYGw83Cx7w+NqqTwYI=
x-served-by: cache-ewr18144-EWR
last-modified: Thu, 30 Nov 2023 21:27:28 GMT
server: AmazonS3
x-timer: S1701471241.581090,VS0,VE1
etag: "94993118ccff89b1c3e4d9675c025e8d"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 1

GET
H2 200 heap-3605082106.js Show response
cdn.heapanalytics.com/js/ 115 KB
37 KB 695ms
383ms Script
application/javascript 13.225.239.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3605082106.js

Requested by

Host: cl-50983.services.portal-dev.gke.sojern.net
URL: https://cl-50983.services.portal-dev.gke.sojern.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.239.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-239-41.bru50.r.cloudfront.net

Software

nginx / Express

Resource Hash

357ea3f9ca5a027e7280ec3d8086839f23be47e9f19f399515f6f89c7f52d3b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl-50983.services.portal-dev.gke.sojern.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:54:00 GMT
content-encoding: br
via: 1.1 69154db4091f3dbde5ecf072840fdce0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: BRU50-C1
x-powered-by: Express
etag: W/"1ca99-TPryKY06qxAdaUhAiKW2/GyWri0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ezknn4tmc5GAUl9PdbV4H7LoTGDJkJO4uxXlFGKzEHdDhMevbL65Pw==

GET
H2 200 container.6419acf5aaf9241c9d5ea40d0059c214ae900e82.css
fast.appcues.com/generic/main/4.60.47/ 16 KB
2 KB 38ms
38ms Stylesheet
text/css 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.47/container.6419acf5aaf9241c9d5ea40d0059c214ae900e82.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.47/appcues.main.6419acf5aaf9241c9d5ea40d0059c214ae900e82.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer: https://cl-50983.services.portal-dev.gke.sojern.net/
Origin: https://cl-50983.services.portal-dev.gke.sojern.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:54:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 7TQ4FFWNMW2CGBZT
age: 89347
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1992
x-amz-id-2: 6FOhEyuBPcM7i5dXsj1DYRatK9hCQUcp0omikcdkVdxKD469WCMDG3ynsps6jDArvYvf79L2Lw8=
x-served-by: cache-ewr18144-EWR
last-modified: Thu, 30 Nov 2023 21:27:28 GMT
server: AmazonS3
x-timer: S1701471241.781128,VS0,VE0
etag: "5be05ce494e7cac41d062a0b12a1657c"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css; charset=utf-8;
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 6703

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 227ms
64ms Image
image/gif 34.199.19.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3605082106&u=8779726033558062&v=747702382710802&s=7523728605228244&b=web&tv=4.0&z=0&h=%2F&d=cl-50983.services.portal-dev.gke.sojern.net&t=Sojern&ts=1701471241220&st=1701471241223

Requested by

Host: cl-50983.services.portal-dev.gke.sojern.net
URL: https://cl-50983.services.portal-dev.gke.sojern.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.19.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-19-151.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl-50983.services.portal-dev.gke.sojern.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 22:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sojern.net/	1970-01-21 02:05:48	Name: _hp2_id.3605082106 Value: %7B%22userId%22%3A%228779726033558062%22%2C%22pageviewId%22%3A%22747702382710802%22%2C%22sessionId%22%3A%227523728605228244%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.sojern.net/	1970-01-20 16:37:53	Name: _hp2_ses_props.3605082106 Value: %7B%22ts%22%3A1701471241220%2C%22d%22%3A%22cl-50983.services.portal-dev.gke.sojern.net%22%2C%22h%22%3A%22%2F%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ data:; script-src 'self' https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cl-50983.services.portal-dev.gke.sojern.net
fast.appcues.com
heapanalytics.com
13.225.239.41
2a04:4e42:400::622
34.160.211.248
34.199.19.151
0552a7557e5e284a66ce6125d74adaefb93e1b24594d160b1b09742c740fbe7c
32f298cb521c89b3ef99a385bc3fdf9c8f2c9c192ec13dddbd0769e47b62d3f2
357ea3f9ca5a027e7280ec3d8086839f23be47e9f19f399515f6f89c7f52d3b9
45ec1540ea3c511e361e54009e033c6d2f4539df7da2ad2c8f94499e7a06e4a6
8ffc8a78ffa398c10035100eceda0870722332185f891dae734ff7ae9cdf4d76
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

cl-50983.services.portal-dev.gke.sojern.net Open in urlscan Pro 34.160.211.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

8 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

9202 kBTransfer

115869 kBSize

2 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

cl-50983.services.portal-dev.gke.sojern.net Open in urlscan Pro
34.160.211.248 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

9202 kB
Transfer

115869 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions