urlscan.io logo urlscan.io
SecurityTrails logo

assets.supplier-portal.thunderturtle.io Open in urlscan Pro
13.224.214.84  Public Scan

Go To Rescan Add Verdict Report
URL: https://assets.supplier-portal.thunderturtle.io/
Submission: On November 20 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 13.224.214.84, located in United States and belongs to AMAZON-02, US. The main domain is assets.supplier-portal.thunderturtle.io.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 20th 2023. Valid for: a year.
This is the only time assets.supplier-portal.thunderturtle.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 13.224.214.84 16509 (AMAZON-02)
1 34.36.213.229 396982 (GOOGLE-CL...)
1 151.101.66.137 54113 (FASTLY)
3 34.149.155.70 396982 (GOOGLE-CL...)
3 162.247.243.29 54113 (FASTLY)
17 5
9    13.224.214.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-84.phl50.r.cloudfront.net
assets.supplier-portal.thunderturtle.io
1    34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com
cdn.pendo.io
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    34.149.155.70 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 70.155.149.34.bc.googleusercontent.com
app.pendo.io
3    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
9 thunderturtle.io
assets.supplier-portal.thunderturtle.io
149 KB
4 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 844
app.pendo.io — Cisco Umbrella Rank: 1830
147 KB
3 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
1 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
29 KB
17 4
Domain Requested by
9 assets.supplier-portal.thunderturtle.io assets.supplier-portal.thunderturtle.io
3 bam.nr-data.net assets.supplier-portal.thunderturtle.io
3 app.pendo.io assets.supplier-portal.thunderturtle.io
1 js-agent.newrelic.com assets.supplier-portal.thunderturtle.io
1 cdn.pendo.io assets.supplier-portal.thunderturtle.io
17 5

This site contains no links.

Subject Issuer Validity Valid
assets.staging.us.thunderturtle.io
Amazon RSA 2048 M03		 2023-11-20 -
2024-12-18		 a year crt.sh
cdn.pendo.io
GTS CA 1D4		 2023-10-09 -
2024-01-07		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
pendo.io
GTS CA 1D4		 2023-10-08 -
2024-01-06		 3 months crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://assets.supplier-portal.thunderturtle.io/
Frame ID: CF386D2B322D2ADC92AEEA38053686A9
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Workday Strategic Sourcing

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

327 kB
Transfer

1596 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
assets.supplier-portal.thunderturtle.io/ 		56 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
49723ff891a76792b4a382dfc6e42e713ef926c527e343285d692d4326e9cf62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:46:55 GMT
etag
W/"49723ff891a76792b4a382dfc6e42e71"
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id
4t4JInYA4HNgsJovetvdY6zJ_PDlaHEp4jUx1u_OT8ZQmEOhds-6Ng==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
62edb7f3-9ff4-4384-bb91-729ff0264eb5
x-runtime
0.004543
x-xss-protection
1; mode=block
index-2fe4ad65.js
assets.supplier-portal.thunderturtle.io/assets/webpack/assets/ 		935 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/assets/webpack/assets/index-2fe4ad65.js
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
d530493e8c26e25096fc4d3d7267a18168f407d489824c769aa30cec7bf9404d

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
Origin
https://assets.supplier-portal.thunderturtle.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:46:55 GMT
content-encoding
gzip
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 12:30:35 GMT
server
nginx
x-amz-cf-pop
PHL50-C1
etag
W/"65575ceb-e9c7f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, public
x-amz-cf-id
w9nqWG84644rUZGjMp7v5xw2U8ddwak0P5530z4gQXkYJG8FNf0Tow==
expires
Thu, 31 Dec 2037 23:55:55 GMT
pendo.js
cdn.pendo.io/agent/static/f1fb3f9a-bbe0-477a-60c2-67706d98c540/ 		445 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/f1fb3f9a-bbe0-477a-60c2-67706d98c540/pendo.js
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a03b59f3a348f888683da4c2d8b72643802c1fdbe6b96e1a2a144acf548e61b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.supplier-portal.thunderturtle.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:39:45 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
age
430
x-guploader-uploadid
ABPtcPqGEyGvewGbFdMYGblRQoRspGWxLz-drJi4JXEcdSsIh6yXCbxMKtbPpFjgrnkL25k7O56nAMbxYcIfqQ7L2gIAIg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149322
last-modified
Thu, 16 Nov 2023 19:12:39 GMT
server
UploadServer
etag
"87fa15f315d11efb8ed182b5ad0f0eb8"
vary
Accept-Encoding
x-goog-generation
1700161959255865
x-goog-hash
crc32c=0zlyaQ==, md5=h/oV8xXRHvuO0YK1rQ8OuA==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=450
x-goog-stored-content-length
149322
accept-ranges
bytes
content-type
application/javascript
index-02a4e98c.js
assets.supplier-portal.thunderturtle.io/assets/webpack/assets/ 		820 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/assets/webpack/assets/index-02a4e98c.js
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
557c20e6ca0c0bcf1829c3960e39c842b3c2137faffa25837c624cc919cc05ed

Request headers

Referer
Origin
https://assets.supplier-portal.thunderturtle.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:46:55 GMT
content-encoding
gzip
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 12:31:47 GMT
server
nginx
x-amz-cf-pop
PHL50-C1
etag
W/"65575d33-334"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, public
x-amz-cf-id
2NVkFrWB2WJQbf6NXQhOeGpPI47E6xmOo4MiOBtIRqPgKgjM9zqhzg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fetch-1a37ead0.js
assets.supplier-portal.thunderturtle.io/assets/webpack/assets/ 		72 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/assets/webpack/assets/fetch-1a37ead0.js
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
8dc6b4d889b9609576443a38fb6c7b91b28f94f3bff06297c357e5d2962712c0

Request headers

Referer
Origin
https://assets.supplier-portal.thunderturtle.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:46:55 GMT
content-encoding
gzip
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 12:30:35 GMT
server
nginx
x-amz-cf-pop
PHL50-C1
etag
W/"65575ceb-11f38"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, public
x-amz-cf-id
nYwI0jBd49TgVyGI7FAM1tBSiw2oMmW2d5tov5ehtdBYJG2lt4cBaA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
nr-spa-1.248.0.min.js
js-agent.newrelic.com/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.248.0.min.js
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
Origin
https://assets.supplier-portal.thunderturtle.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 21:46:56 GMT
strict-transport-security
max-age=300
x-amz-request-id
QNK6T1T9WKE2RKJP
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29446
x-amz-id-2
tmFvgNXtXWQBjU9u60t+sV2vokRJUSD0IBK6jcx9/Aaq57wiWFzrg5MfrJXED2hmQ4chBYO3/Ys=
x-served-by
cache-mia-kmia1760068-MIA
last-modified
Thu, 16 Nov 2023 17:54:54 GMT
server
AmazonS3
x-timer
S1700516816.087580,VS0,VE0
etag
"9aea0ff91a800a354637269e96e31dac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
194905
f1fb3f9a-bbe0-477a-60c2-67706d98c540
app.pendo.io/data/ptm.gif/ 		42 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.pendo.io/data/ptm.gif/f1fb3f9a-bbe0-477a-60c2-67706d98c540?v=2.209.1_prod&ct=1700516815929&jzb=eJw9j91OwzAMhd8l16U_sK6ld4NN08RfgUoIIRSlq0uC0iZynE3TtHdfKIhL-xx_5_jjyOhggVVMG9GxiLVo9g6QkxrCNivSNM_mZZZfZ_OI7ZRTZJCrLhzwevW4fOINX3xLS1_Da31VBIDYbo0fafKMXuuIedTBLomsq5JEOAfkYuet1QrwwhokoWOSfuwAySNpiJVJAsqisY5Vx6nbX6MincX5KWgCYaRGtJv_HPodmLx57_uHl_tVWy8LJdeB1KMYYBJFvymf16nbLfby7rZ5-3n5QBBiLvPy9HkGNTFZyA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.supplier-portal.thunderturtle.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
63
access-control-allow-headers
*
content-length
42
alt-svc
clear
f1fb3f9a-bbe0-477a-60c2-67706d98c540
app.pendo.io/data/guide.js/ 		464 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.pendo.io/data/guide.js/f1fb3f9a-bbe0-477a-60c2-67706d98c540?id=5&jzb=eJxNjsGKg0AMht8lZ6uHHgrehC3sXrbC9i5BY50SZ4Yk42Xx3Z1SlN7yhy__l39YnDoL8jNADV17_f26dfeueU7RHvNfe75AAdj3IXl7IT4xF5CEMz2ZRa2rClXJtNQUIzuSUwxiyKVNyQ8klsSYSheq3DST4YCGUB_iPK6H4h0iCnlrPlf5iHb7QqIu-D0q8fgd1Ci_NyIrresGpZxMWA&v=2.209.1_prod&ct=1700516815934
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
07daa4d434a5ab2b0a3fff6966c50cb83f915fcafc02c0b0a2b4d6dbd68900b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.supplier-portal.thunderturtle.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
19
access-control-allow-headers
*
content-length
464
alt-svc
clear
f1fb3f9a-bbe0-477a-60c2-67706d98c540
app.pendo.io/data/guide.gif/ 		42 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.pendo.io/data/guide.gif/f1fb3f9a-bbe0-477a-60c2-67706d98c540?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1700516815936&v=2.209.1_prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.supplier-portal.thunderturtle.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
3
access-control-allow-headers
*
content-length
42
alt-svc
clear
csrf
assets.supplier-portal.thunderturtle.io/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/csrf
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
tracestate
1263079@nr=0-1-1263079-1134276848-672e69fef0e8c885----1700516815947
traceparent
00-50e8a25099233e88a5fe260f2063ae00-672e69fef0e8c885-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-fe-request-id
9121928e-58e8-4f62-a6f0-4336bb9ef80a
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEyNjMwNzkiLCJhcCI6IjExMzQyNzY4NDgiLCJpZCI6IjY3MmU2OWZlZjBlOGM4ODUiLCJ0ciI6IjUwZThhMjUwOTkyMzNlODhhNWZlMjYwZjIwNjNhZTAwIiwidGkiOjE3MDA1MTY4MTU5NDd9fQ==

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-length
0
x-xss-protection
1; mode=block
x-request-id
1a76f54d-a750-4a0d-920c-d8b27eed28e2
pragma
no-cache
x-runtime
0.003024
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-store
x-amz-cf-id
k6gxtNIGbfQgln9cuHfs87_0-qHxMC2uS1m7N3g_huRzENecwnh-iA==
f02a7cb600
bam.nr-data.net/1/ 		40 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f02a7cb600?a=1083354947&v=1.248.0&to=JQkPFkdYXwpdR0sMCQsDTgtbU1Ye&rst=945&ck=0&s=8845aeaea4f9a702&ref=https://assets.supplier-portal.thunderturtle.io/&af=err,xhr,stn,ins,spa&ap=3&be=327&fe=383&dc=280&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1700516815192,%22n%22:0,%22f%22:0,%22dn%22:39,%22dne%22:39,%22c%22:39,%22s%22:101,%22ce%22:175,%22rq%22:176,%22rp%22:328,%22rpe%22:336,%22di%22:399,%22ds%22:606,%22de%22:607,%22dc%22:705,%22l%22:705,%22le%22:710%7D,%22navigation%22:%7B%7D%7D
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://assets.supplier-portal.thunderturtle.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-mia-kmia1760090-MIA
f02a7cb600
bam.nr-data.net/resources/1/ 		36 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/f02a7cb600?a=1083354947&v=1.248.0&to=JQkPFkdYXwpdR0sMCQsDTgtbU1Ye&rst=1270&ck=0&s=8845aeaea4f9a702&ref=https://assets.supplier-portal.thunderturtle.io/&st=1700516815192&hr=0&fts=1700516815192&n=26&fsh=1
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb17a99fb40e460a96b8ae0971feb8de8c86ac24d590e4ccf2843c28fec04d3a

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://assets.supplier-portal.thunderturtle.io
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
36
x-served-by
cache-mia-kmia1760090-MIA
csrf
assets.supplier-portal.thunderturtle.io/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/csrf
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
tracestate
1263079@nr=0-1-1263079-1134276848-6cf916be37961f20----1700516817104
traceparent
00-4bd5d716805e2d489e44589a33853000-6cf916be37961f20-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-fe-request-id
94774e12-5d72-4831-b082-13f09c322efd
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEyNjMwNzkiLCJhcCI6IjExMzQyNzY4NDgiLCJpZCI6IjZjZjkxNmJlMzc5NjFmMjAiLCJ0ciI6IjRiZDVkNzE2ODA1ZTJkNDg5ZTQ0NTg5YTMzODUzMDAwIiwidGkiOjE3MDA1MTY4MTcxMDR9fQ==

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
PHL50-C1
age
1
x-cache
Hit from cloudfront
content-length
0
x-xss-protection
1; mode=block
x-request-id
1a76f54d-a750-4a0d-920c-d8b27eed28e2
pragma
no-cache
x-runtime
0.003024
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-store
x-amz-cf-id
25NulzJU-gMXVSPfIIR8RrYjgn8cXexR2G8vwNNMDFxlwiWp3ZFLFQ==
csrf
assets.supplier-portal.thunderturtle.io/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/csrf
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
tracestate
1263079@nr=0-1-1263079-1134276848-01a6d2e7a9931a53----1700516818189
traceparent
00-de462acf5b895c45d4ded14e10516600-01a6d2e7a9931a53-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-fe-request-id
0e1054e4-37ba-4786-9c65-f486920fb1ef
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEyNjMwNzkiLCJhcCI6IjExMzQyNzY4NDgiLCJpZCI6IjAxYTZkMmU3YTk5MzFhNTMiLCJ0ciI6ImRlNDYyYWNmNWI4OTVjNDVkNGRlZDE0ZTEwNTE2NjAwIiwidGkiOjE3MDA1MTY4MTgxODl9fQ==

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
PHL50-C1
age
2
x-cache
Hit from cloudfront
content-length
0
x-xss-protection
1; mode=block
x-request-id
1a76f54d-a750-4a0d-920c-d8b27eed28e2
pragma
no-cache
x-runtime
0.003024
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-store
x-amz-cf-id
rw_ch5rWFgUyphEm-AobfGedo6-VTm0uq1PjbdEywHw64u36gua-MA==
f02a7cb600
bam.nr-data.net/events/1/ 		24 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/f02a7cb600?a=1083354947&v=1.248.0&to=JQkPFkdYXwpdR0sMCQsDTgtbU1Ye&rst=4003&ck=0&s=8845aeaea4f9a702&ref=https://assets.supplier-portal.thunderturtle.io/&ptid=7f9648fc-0001-b45d-461a-018beeb366b6
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 20 Nov 2023 21:46:59 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://assets.supplier-portal.thunderturtle.io
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-mia-kmia1760090-MIA
csrf
assets.supplier-portal.thunderturtle.io/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/csrf
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
tracestate
1263079@nr=0-1-1263079-1134276848-386c7d774f9acbc7----1700516819260
traceparent
00-dc48c001b7e140f9683a7df9b7ea9d00-386c7d774f9acbc7-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-fe-request-id
f999f265-b68c-4520-abbf-dd2f815d93a6
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEyNjMwNzkiLCJhcCI6IjExMzQyNzY4NDgiLCJpZCI6IjM4NmM3ZDc3NGY5YWNiYzciLCJ0ciI6ImRjNDhjMDAxYjdlMTQwZjk2ODNhN2RmOWI3ZWE5ZDAwIiwidGkiOjE3MDA1MTY4MTkyNjB9fQ==

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
PHL50-C1
age
3
x-cache
Hit from cloudfront
content-length
0
x-xss-protection
1; mode=block
x-request-id
1a76f54d-a750-4a0d-920c-d8b27eed28e2
pragma
no-cache
x-runtime
0.003024
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-store
x-amz-cf-id
-ngn67NDjcrmTnv4gaE9PTAiSU140HvS8Zy-ClZLItMrwZfmgf3iWQ==
csrf
assets.supplier-portal.thunderturtle.io/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.supplier-portal.thunderturtle.io/csrf
Requested by
Host: assets.supplier-portal.thunderturtle.io
URL: https://assets.supplier-portal.thunderturtle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-84.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.supplier-portal.thunderturtle.io/
tracestate
1263079@nr=0-1-1263079-1134276848-7ec58651b1b099fb----1700516820339
traceparent
00-469faec36795614769768217962cc400-7ec58651b1b099fb-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-fe-request-id
44a361b6-0b44-4289-acc7-1bef34b892af
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEyNjMwNzkiLCJhcCI6IjExMzQyNzY4NDgiLCJpZCI6IjdlYzU4NjUxYjFiMDk5ZmIiLCJ0ciI6IjQ2OWZhZWMzNjc5NTYxNDc2OTc2ODIxNzk2MmNjNDAwIiwidGkiOjE3MDA1MTY4MjAzMzl9fQ==

Response headers

date
Mon, 20 Nov 2023 21:46:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
PHL50-C1
age
4
x-cache
Hit from cloudfront
content-length
0
x-xss-protection
1; mode=block
x-request-id
1a76f54d-a750-4a0d-920c-d8b27eed28e2
pragma
no-cache
x-runtime
0.003024
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-store
x-amz-cf-id
zVkDjk83zSG_c1GQC8G4QhMUIIfaOWHV-_VSGYJxbq8Jh9V2EogA4Q==

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.248.0.PROD object| newrelic object| pendo object| tturtle object| singletons object| __SENTRY__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block