app.si-wid-goo-1257.npr.service-initiation.asurion.com Open in urlscan Pro
18.173.154.101  Public Scan

URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Submission: On May 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 18.173.154.101, located in United States and belongs to AMAZON-02, US. The main domain is app.si-wid-goo-1257.npr.service-initiation.asurion.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 9th 2024. Valid for: a year.
This is the only time app.si-wid-goo-1257.npr.service-initiation.asurion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 18.173.154.101 16509 (AMAZON-02)
4 3.213.63.189 14618 (AMAZON-AES)
4 54.230.228.82 16509 (AMAZON-02)
15 4
Apex Domain
Subdomains
Transfer
7 asurion.com
app.si-wid-goo-1257.npr.service-initiation.asurion.com
616 KB
4 asurion53.com
assets.asurion-ui.my.asurion53.com — Cisco Umbrella Rank: 173234
98 KB
4 gosimplr.com
dev.gosimplr.com
1 KB
15 3
Domain Requested by
7 app.si-wid-goo-1257.npr.service-initiation.asurion.com app.si-wid-goo-1257.npr.service-initiation.asurion.com
4 assets.asurion-ui.my.asurion53.com app.si-wid-goo-1257.npr.service-initiation.asurion.com
4 dev.gosimplr.com app.si-wid-goo-1257.npr.service-initiation.asurion.com
15 3

This site contains no links.

Subject Issuer Validity Valid
app.si-wid-goo-1257.npr.service-initiation.asurion.com
Amazon RSA 2048 M02
2024-05-09 -
2025-06-07
a year crt.sh
*.gosimplr.com
Amazon RSA 2048 M02
2024-01-23 -
2025-02-19
a year crt.sh
assets.asurion-ui.my.asurion53.com
Amazon RSA 2048 M01
2023-07-05 -
2024-08-03
a year crt.sh

This page contains 1 frames:

Primary Page: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Frame ID: D8C35AC8AF1A909CE28BD97A8BAEE97F
Requests: 14 HTTP requests in this frame

Screenshot


Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

715 kB
Transfer

710 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.si-wid-goo-1257.npr.service-initiation.asurion.com/
594 B
950 B
Document
General
Full URL
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffadbb3c2a540123bf0c9a015ab60ec6260f99774df088bf168883e5f14a3834

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
35160
content-length
594
content-type
text/html
date
Thu, 09 May 2024 16:37:19 GMT
etag
"430528d970e81b9251276c1d2768a6cb"
last-modified
Thu, 09 May 2024 13:51:45 GMT
server
AmazonS3
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
x-amz-cf-id
z0HhIUB0EfQ_ydDBPb2jj3byJdKNpV58Bwpu4YvGpE2l0-R13rXw5A==
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vendor.css
app.si-wid-goo-1257.npr.service-initiation.asurion.com/
5 KB
5 KB
Stylesheet
General
Full URL
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/vendor.css
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cc3ca8e6bcf5d8606653590447b72e9dfb03f5ed6116894e815de089a926954

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:00 GMT
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 13:51:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
31219
etag
"74255f4db8c388385fee24d35164ea48"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
4786
x-amz-cf-id
StlRE5gYO1_sHd2vgWcYeIztsmf0UZUcoLW9JCS_8-VbG_M1pHB2LQ==
main.css
app.si-wid-goo-1257.npr.service-initiation.asurion.com/
170 B
524 B
Stylesheet
General
Full URL
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/main.css
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5523de0fa5c6405f8e1c1ad2ab7e7a0748f3fe3e4b9403710c08e5d9f8c783e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:00 GMT
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 13:51:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
31219
etag
"9c01ba819370bf42b5cddc26c4d4c679"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
170
x-amz-cf-id
Y8jMS0EbVsy-ErKla2f4KCzKyvSlZc_OBrPKghaRZYhNVO3vM4Bkvg==
runtime.js
app.si-wid-goo-1257.npr.service-initiation.asurion.com/
13 KB
13 KB
Script
General
Full URL
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/runtime.js
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e3a4d8f1f654878b69701f6358ecd5546a37478c698787a557b0662106ec715

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:00 GMT
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 13:51:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
31219
etag
"4a78ac9115acfb654bc684ef38e850e2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13040
x-amz-cf-id
JnCoKsHu-H_WVAJox_mSmdeH_n4FXB8GBKrLiD8DN3C1L4unZYZoCg==
vendor.js
app.si-wid-goo-1257.npr.service-initiation.asurion.com/
543 KB
544 KB
Script
General
Full URL
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/vendor.js
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a3d7bc60a3e11b23e37589e4c719f77f5c2cf80df0fd5761c0f2ee348e62fc9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:00 GMT
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 13:51:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
31219
etag
"6ecf8325577eada8ff9b866a11f4f859"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
556298
x-amz-cf-id
1ummAvuYZRYQe8JfgjypU98k0FdphPpHtkSzAh7tf4P0ORcrPNaGAA==
main.js
app.si-wid-goo-1257.npr.service-initiation.asurion.com/
51 KB
52 KB
Script
General
Full URL
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/main.js
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2b4aaeb2de6dc884536e3028b451b65fdb43398b24d00ab505fb4da5003c7c9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:00 GMT
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 13:51:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
31219
etag
"d8b053bf6dcb14cc3ff79529b773cfa8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
52390
x-amz-cf-id
oV198EjShzsfgJS6fJl11NNpv_fSIoHCfo5UvhtOe5LKHguzfy1mgg==
jwt
dev.gosimplr.com/chat-api/v1/chat/
0
0
Preflight
General
Full URL
https://dev.gosimplr.com/chat-api/v1/chat/jwt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.63.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-63-189.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lang-code,x-simplr-custom-flow-system-id,x-simplr-show-state-debugger,x-simplr-user-origin-url,x-user-agent
Access-Control-Request-Method
POST
Origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-lang-code,x-simplr-custom-flow-system-id,x-simplr-show-state-debugger,x-simplr-user-origin-url,x-user-agent
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 10 May 2024 02:23:19 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
Apercu-Bold-Pro.woff2
assets.asurion-ui.my.asurion53.com/fonts/
46 KB
47 KB
Font
General
Full URL
https://assets.asurion-ui.my.asurion53.com/fonts/Apercu-Bold-Pro.woff2
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-82.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47a6d427b9f549f52ec7103a6ad5ce45c0f69e29b740eb88be8dfa053db21441
Security Headers
Name Value
Content-Security-Policy default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:01 GMT
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
x-amz-cf-pop
MUC50-P5
age
31219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46660
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 09 May 2024 14:26:03 GMT
server
AmazonS3
etag
"ea96e87226e7edc6d46a59d76e2055f5"
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
XwB3CKN75OhLnI0ZVrNXG21JMuSxWujGg2DM0yQ_1CfJUaaS6bSaLg==
Apercu-Regular-Pro.woff2
assets.asurion-ui.my.asurion53.com/fonts/
46 KB
48 KB
Font
General
Full URL
https://assets.asurion-ui.my.asurion53.com/fonts/Apercu-Regular-Pro.woff2
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-82.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7f9f03b575a718693645cfd1184c7af2baf85d940df3f5925716fb2b5c22657
Security Headers
Name Value
Content-Security-Policy default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:01 GMT
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
x-amz-cf-pop
MUC50-P5
age
31219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
47512
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 09 May 2024 14:26:04 GMT
server
AmazonS3
etag
"2333a1d21f530639dd033e144c5fd2fb"
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
EG4PzkO-WX2djqaZ6bOb0CKKrKQ1PzGqxO9bR76syRmtydagPRhDrQ==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bd41fe153d0f2cd13bf41be3f249d4f7f6fb74677d318fc4c768b1b815e7bbb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
jwt
dev.gosimplr.com/chat-api/v1/chat/
200 B
828 B
Fetch
General
Full URL
https://dev.gosimplr.com/chat-api/v1/chat/jwt
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.63.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-63-189.compute-1.amazonaws.com
Software
/
Resource Hash
6bf4b6cfe6096bf2b61ac2b61c666f334dd65178c1985fab27d0e4a26cdf4883
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-simplr-user-origin-url
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
x-simplr-show-state-debugger
true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
x-simplr-custom-flow-system-id
t9ogohjSrW
x-lang-code
en
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 02:23:19 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
200
x-xss-protection
0
referrer-policy
no-referrer
etag
W/"c8-yZWxQg+69fzyRx4xqUofnMtNR0M"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
x-download-options
noopen
chat-bubble-circle.svg
assets.asurion-ui.my.asurion53.com/icons/nova/
607 B
2 KB
Fetch
General
Full URL
https://assets.asurion-ui.my.asurion53.com/icons/nova/chat-bubble-circle.svg
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-82.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13d41e8f3bdc43478d720de9c65b8692b495e0e37cdf7f17d9f70568f31ae601
Security Headers
Name Value
Content-Security-Policy default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:01 GMT
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
x-amz-cf-pop
MUC50-P5
age
31219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
607
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 09 May 2024 14:26:14 GMT
server
AmazonS3
etag
"c70e5bafa2b4dfd96d165591b0fe0f5b"
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
vGWajNzxqkWD00H0V-lFgIdSQd-RG0LG7szeIh8Z6a4Ru-6MJRWlpA==
phone.svg
assets.asurion-ui.my.asurion53.com/icons/nova/
582 B
2 KB
Fetch
General
Full URL
https://assets.asurion-ui.my.asurion53.com/icons/nova/phone.svg
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-82.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22566c50cc2921924b2764fa91e67725c2fda82be87027b7a9e3bee7c9c3f117
Security Headers
Name Value
Content-Security-Policy default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 17:43:01 GMT
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self' assets.asurion-ui.my.asurion53.com *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; img-src 'self' data: *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com *.fullstory.com; style-src 'self' 'unsafe-inline' *.asurion.com *.npr.ui.asurion.com *.my.asurion53.com; object-src 'self' 'unsafe-eval' *.npr.ui.asurion.com *.my.asurion53.com; connect-src 'self' *.fullstory.com *.contentful.com assets.asurion-ui.my.asurion53.com api.ui.asurion.com; frame-src self *.npr.ui.asurion.com *.my.asurion53.com https://www.figma.com/; child-src 'self' *.npr.ui.asurion.com; font-src 'self' *.asurion.com *.asurionid.dev *.npr.ui.asurion.com *.my.asurion53.com;
x-amz-cf-pop
MUC50-P5
age
31219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
582
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 09 May 2024 14:26:59 GMT
server
AmazonS3
etag
"ee601980eb33f60b69572910a915b958"
vary
Origin
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
oF1xrXhd0rN29M4IB0JiqdqdxNQor7jPr_UIoUhIGM2-kLNntfkSDg==
favicon.ico
app.si-wid-goo-1257.npr.service-initiation.asurion.com/
243 B
484 B
Other
General
Full URL
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
191a6fa0b2b201c055ef063979634750df64be787918f590a121b0360f8bad51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 02:23:19 GMT
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
MUC50-P3
x-amz-cf-id
MMj762W6UihZZ0_mQFAkjqdu9X--2qGTQLmqrjHr7eMZoVNZaLT2nw==
x-cache
Error from cloudfront
content-type
application/xml
room
dev.gosimplr.com/chat-api/v1/chat/
49 B
675 B
Fetch
General
Full URL
https://dev.gosimplr.com/chat-api/v1/chat/room
Requested by
Host: app.si-wid-goo-1257.npr.service-initiation.asurion.com
URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.63.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-63-189.compute-1.amazonaws.com
Software
/
Resource Hash
3a7a0559899eb491108be68cc2367be6d0941a1b6a54d89332e16c42f3966567
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-simplr-user-origin-url
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
x-simplr-show-state-debugger
true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ3aWRnZXRJZCI6Imdvb2dsZV9zb2x1dG8iLCJpYXQiOjE3MTUzMDc3OTksImV4cCI6MTcxNTQ4MDU5OX0.v9DcxmgBZrYT5uy5Bz1Siw34FB9BExItb-FX7OvKmqA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json
Referer
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/
x-simplr-custom-flow-system-id
t9ogohjSrW
x-lang-code
en
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 02:23:19 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
49
x-xss-protection
0
referrer-policy
no-referrer
etag
W/"31-zBf74dyWJ50hibfq896cyQbboyQ"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
x-download-options
noopen
room
dev.gosimplr.com/chat-api/v1/chat/
0
0
Preflight
General
Full URL
https://dev.gosimplr.com/chat-api/v1/chat/room
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.63.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-63-189.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lang-code,x-simplr-custom-flow-system-id,x-simplr-show-state-debugger,x-simplr-user-origin-url,x-user-agent
Access-Control-Request-Method
POST
Origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-lang-code,x-simplr-custom-flow-system-id,x-simplr-show-state-debugger,x-simplr-user-origin-url,x-user-agent
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://app.si-wid-goo-1257.npr.service-initiation.asurion.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 10 May 2024 02:23:19 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk object| __global__ object| SVGLoader

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://app.si-wid-goo-1257.npr.service-initiation.asurion.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()