urlscan.io logo urlscan.io
SecurityTrails logo

covius.youearnedit.com Open in urlscan Pro
35.199.32.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://covius.youearnedit.com/
Effective URL: https://covius.youearnedit.com/users/sign_in
Submission: On October 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 35.199.32.36, located in Washington, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is covius.youearnedit.com.
TLS certificate: Issued by R11 on August 21st 2024. Valid for: 3 months.
This is the only time covius.youearnedit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 35.199.32.36 396982 (GOOGLE-CL...)
2 2600:9000:26d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 4
Apex Domain
Subdomains		 Transfer
3 youearnedit.com
covius.youearnedit.com
15 KB
2 cloudfront.net
d2y682l68cpwit.cloudfront.net
147 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
100 KB
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 380
106 KB
6 4
Domain Requested by
3 covius.youearnedit.com 1 redirects
2 d2y682l68cpwit.cloudfront.net covius.youearnedit.com
1 www.googletagmanager.com covius.youearnedit.com
1 storage.googleapis.com covius.youearnedit.com
6 4

This site contains links to these domains. Also see Links.

Domain
login.youearnedit.com
www.worktango.com
Subject Issuer Validity Valid
*.youearnedit.com
R11		 2024-08-21 -
2024-11-19		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
storage.googleapis.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://covius.youearnedit.com/users/sign_in
Frame ID: 4810EA70E121910D80DABBE2C4AAC8FC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WorkTango

Page URL History Show full URLs

  1. https://covius.youearnedit.com/ HTTP 302
    https://covius.youearnedit.com/users/sign_in Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

6
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

368 kB
Transfer

851 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://covius.youearnedit.com/ HTTP 302
    https://covius.youearnedit.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
covius.youearnedit.com/users/
Redirect Chain
  • https://covius.youearnedit.com/
  • https://covius.youearnedit.com/users/sign_in
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covius.youearnedit.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.199.32.36 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.32.199.35.bc.googleusercontent.com
Software
/
Resource Hash
cb18f328dc38c501b4a499ebe9ff421124b906c698d1791cb652793605c39847
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Security-Policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Content-Type
text/html; charset=utf-8
Date
Wed, 02 Oct 2024 13:30:14 GMT
ETag
W/"cb18f328dc38c501b4a499ebe9ff4211"
Referrer-Policy
strict-origin-when-cross-origin
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
198fa24b09e1cc64d0406aaf8c152e33
X-Runtime
0.228512
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
110
Content-Security-Policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Content-Type
text/html
Date
Wed, 02 Oct 2024 13:30:13 GMT
Location
https://covius.youearnedit.com/users/sign_in
Status
302 Found
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Request-Id
bb4916ba1556c69c4728cba56ad1d759
X-Runtime
0.000908
login-0c83841265c8b1e93b87b1c80dddbff920990ae6982a2877bcf842cd1a031794.css
d2y682l68cpwit.cloudfront.net/assets/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2y682l68cpwit.cloudfront.net/assets/login-0c83841265c8b1e93b87b1c80dddbff920990ae6982a2877bcf842cd1a031794.css
Requested by
Host: covius.youearnedit.com
URL: https://covius.youearnedit.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:4400:5:54af:3940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0c83841265c8b1e93b87b1c80dddbff920990ae6982a2877bcf842cd1a031794
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://covius.youearnedit.com/

Response headers

content-encoding
gzip
age
18839
access-control-request-method
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
4cTW_4b3gCwJGUR5U8dAzp5me99I6zddlh1-l9AJcCRSF12EvcU4tg==
date
Wed, 02 Oct 2024 13:30:14 GMT
content-type
text/css
last-modified
Mon, 16 Sep 2024 16:51:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
cache-control
max-age=315360000, public
via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
3004
x-amz-cf-pop
MUC50-P3
login-0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73.js
d2y682l68cpwit.cloudfront.net/assets/ 		426 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2y682l68cpwit.cloudfront.net/assets/login-0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73.js
Requested by
Host: covius.youearnedit.com
URL: https://covius.youearnedit.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:4400:5:54af:3940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://covius.youearnedit.com/

Response headers

content-encoding
gzip
age
18839
access-control-request-method
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
kzhSpRb7Al6SncpzAeZG1pLLfBxrW9VW7Q6tKzRUO6NNFtY4FW8bYQ==
date
Wed, 02 Oct 2024 13:30:14 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 16:56:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
cache-control
max-age=315360000, public
via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
146533
x-amz-cf-pop
MUC50-P3
a0d48552-b239-465f-bc23-fafcdbda6af3-loginLogo.png
storage.googleapis.com/kazoohr-kazoo-web-prod-public/layout/branding/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/kazoohr-kazoo-web-prod-public/layout/branding/a0d48552-b239-465f-bc23-fafcdbda6af3-loginLogo.png
Requested by
Host: covius.youearnedit.com
URL: https://covius.youearnedit.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d1af58110956b097cb72bb3c066bbdf6e5c6aca526567999f019690a67fc550b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://covius.youearnedit.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=OG4jjw==, md5=JlmHRAuCEoOcp+wNHTPJwg==
etag
"265987440b8212839ca7ec0d1d33c9c2"
x-goog-stored-content-encoding
identity
expires
Wed, 02 Oct 2024 14:30:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
107761
date
Wed, 02 Oct 2024 13:30:14 GMT
last-modified
Wed, 21 Aug 2024 19:12:51 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljurdUCqAp91n7JsDuCLhV7EZdC8gt_t6arNIwqJeKPjh3Actu9rkQV4ckO2OqCetaRvpWzx1-lN4w
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
x-goog-meta-x-goog-reserved-source-generation
1666640825366208
accept-ranges
bytes
x-goog-generation
1724267571942634
content-length
107761
server
UploadServer
gtm.js
www.googletagmanager.com/ 		295 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=G-MHGX8N9D52
Requested by
Host: covius.youearnedit.com
URL: https://covius.youearnedit.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f8d63b93ab896767818f063952b01a02a8ff446fdce6d00d26234959d680a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://covius.youearnedit.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 02 Oct 2024 13:30:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 13:30:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102075
x-xss-protection
0
server
Google Tag Manager
favicon.ico
covius.youearnedit.com/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://covius.youearnedit.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.199.32.36 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.32.199.35.bc.googleusercontent.com
Software
/
Resource Hash
14967ca639c8371c13fc74e6c861b4d75304104bfb21a1289e7cf89dc238bd22
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://covius.youearnedit.com/users/sign_in

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
ETag
"66e8622e-1ece"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7886
Date
Wed, 02 Oct 2024 13:30:15 GMT
Content-Type
image/x-icon
Last-Modified
Mon, 16 Sep 2024 16:51:58 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery11240776560307008664 function| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| React object| jQuery111103623608508934897 function| _ function| underscore object| yei object| dataLayer object| style object| sheet object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady

1 Cookies

Domain/Path Name / Value
covius.youearnedit.com/ Name: _session_id
Value: 8190dfa09eadae7b1238bb6ae2270e7e

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://covius.youearnedit.com/users/sign_in
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block