customer.staging.joinworth.com Open in urlscan Pro
13.33.187.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://customer.staging.joinworth.com/
Submission: On November 25 via automatic, source certstream-suspicious (November 25th 2024, 7:48:29 am UTC) — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 13.33.187.57, located in United States and belongs to AMAZON-02, US. The main domain is customer.staging.joinworth.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 26th 2023. Valid for: a year.

This is the only time customer.staging.joinworth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	13.33.187.57 13.33.187.57	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:119b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
4	52.202.96.212 52.202.96.212	14618 (AMAZON-AES) (AMAZON-AES)
1	15.197.213.252 15.197.213.252	16509 (AMAZON-02) (AMAZON-02)
18	6

7 13.33.187.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-57.fra60.r.cloudfront.net

customer.staging.joinworth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:119b (United States)

ASN13335 (CLOUDFLARENET, US)

js.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.202.96.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-96-212.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.213.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 696 events.launchdarkly.com — Cisco Umbrella Rank: 877 clientstream.launchdarkly.com — Cisco Umbrella Rank: 939	2 KB
7	joinworth.com customer.staging.joinworth.com	3 MB
1	userpilot.io js.userpilot.io — Cisco Umbrella Rank: 15022	6 KB
18	3

	Domain	Requested by
7	customer.staging.joinworth.com	customer.staging.joinworth.com
4	events.launchdarkly.com	customer.staging.joinworth.com
4	app.launchdarkly.com	customer.staging.joinworth.com
1	clientstream.launchdarkly.com
1	js.userpilot.io	customer.staging.joinworth.com
18	5

This site contains no links.

Subject Issuer	Validity	Valid
customer.staging.joinworth.com Amazon RSA 2048 M03	`2023-12-26` - `2025-01-23`	a year	crt.sh
userpilot.io WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-07-16` - `2025-08-14`	a year	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2024-07-16` - `2025-08-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://customer.staging.joinworth.com/
Frame ID: 9937C58937CC09BAA67D860D8AA7672B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Customer Admin

Page Statistics

18
Requests

94 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

6
IPs

1
Countries

2776 kB
Transfer

2783 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
customer.staging.joinworth.com/ 920 B
1 KB 112ms
25ms Document
text/html 13.33.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.staging.joinworth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d81bf7945de3f241f1f073d462cc42651900ca08eb6a66007a89470f6d585bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1125
content-length: 920
content-type: text/html
date: Mon, 25 Nov 2024 07:29:38 GMT
etag: "dc153e226e496dbda15d281361666e1a"
last-modified: Tue, 19 Nov 2024 12:05:20 GMT
server: AmazonS3
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
x-amz-cf-id: NP8KiC0OHxAWxqKz4jKAM_UPjRTcrgbbmkGKjys91PJ-YFby8wu44Q==
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 index-f48e654e.js Show response
customer.staging.joinworth.com/assets/ 3 MB
3 MB 539ms
538ms Script
text/javascript 13.33.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.staging.joinworth.com/assets/index-f48e654e.js
Requested by: Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09e0196888558c15fdc25ce1d16a0be8d270772b5e18ffcc0aa457e3620aa808

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://customer.staging.joinworth.com
Referer: https://customer.staging.joinworth.com/

Response headers

etag: "127d4a19dab3769eaf40fde25e18ed03"
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 2698489
x-amz-cf-id: Hb_4a5C4scdLfXOYTSMVHmkKVJD_cua0UEfCBHznA3Z2yAjSsrzXzg==
date: Mon, 25 Nov 2024 07:48:24 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 12:05:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 index-f0e8fcaa.css
customer.staging.joinworth.com/assets/ 110 KB
111 KB 486ms
486ms Stylesheet
text/css 13.33.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.staging.joinworth.com/assets/index-f0e8fcaa.css
Requested by: Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e8fcaa4a272a500d1d35188340dae40fce96ba76f4a3bebee35146bb8717f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://customer.staging.joinworth.com/

Response headers

etag: "f4b4e405dd92238d08809d6cf263f87f"
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 113085
x-amz-cf-id: TBQL1RoVQbz3iIIgpyPz5NkPtfvg5RbnChODR_etdXJKD7byloHmFQ==
date: Mon, 25 Nov 2024 07:48:24 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2024 12:05:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 workbox-window.prod.es5-08b2315b.js Show response
customer.staging.joinworth.com/assets/ 5 KB
6 KB 479ms
479ms Script
text/javascript 13.33.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.staging.joinworth.com/assets/workbox-window.prod.es5-08b2315b.js
Requested by: Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/assets/index-f48e654e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 436bac75ac20973f09f6a293c19cfc2e3edc851259685b0cfe628a0073114028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://customer.staging.joinworth.com
Referer: https://customer.staging.joinworth.com/assets/index-f48e654e.js

Response headers

etag: "999ed2acaf5386df20e4ca18dcf8d3d7"
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 5289
x-amz-cf-id: PfwTRKbEhROC8kQKNfz9-Orrf11dt_KYn87EykkYrDNM38hJrtV24g==
date: Mon, 25 Nov 2024 07:48:25 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 12:05:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 latest.js Show response
js.userpilot.io/sdk/ 18 KB
6 KB 126ms
35ms Script
text/javascript 2606:4700::6812:119b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/latest.js

Requested by

Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/assets/index-f48e654e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:119b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

940dff112bb9b39e025469b2b5df93bc760cd9db1c202c3e4b92a221ce278158

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://customer.staging.joinworth.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"91eb949fdab3375e85d7ca6b73b1b2f3"
age: 35
x-content-type-options: nosniff
date: Mon, 25 Nov 2024 07:48:24 GMT
content-type: text/javascript
last-modified: Sun, 24 Nov 2024 13:11:14 GMT
vary: Accept-Encoding
x-amz-id-2: FYxXxONHkeP0st1hCnPl/rKCeIQYSJ+dsSlLAKo0pT/ZAH12tQHxXAe0hRyVrJuIjaXCWPEMN4Q=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=120
x-amz-request-id: XZN0W6B7JAFTXX8R
cf-ray: 8e8009461e1fd9da-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 66a8c7c151ed450faa3169f3 Show response
app.launchdarkly.com/sdk/goals/ 2 B
177 B 172ms
172ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/66a8c7c151ed450faa3169f3

Requested by

Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/assets/index-f48e654e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.4.0
Referer: https://customer.staging.joinworth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.4.0

Response headers

content-md5: d751713988987e9331980363e24189ce
access-control-max-age: 300
content-encoding: gzip
etag: "d751713988987e9331980363e24189ce"
age: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: MISS
date: Mon, 25 Nov 2024 07:48:24 GMT
content-type: application/json
x-served-by: cache-cph2320048-CPH
x-cache-hits: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: max-age=0
x-timer: S1732520905.828232,VS0,VE128
ld-region: us-east-1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTY1M2M3MDAtYWIwMS0xMWVmLTgwMTgtZTMzYmY2ZDgyNGE0In0 Show response
app.launchdarkly.com/sdk/evalx/66a8c7c151ed450faa3169f3/contexts/ 1 KB
720 B 486ms
486ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/66a8c7c151ed450faa3169f3/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTY1M2M3MDAtYWIwMS0xMWVmLTgwMTgtZTMzYmY2ZDgyNGE0In0
Requested by: Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/assets/index-f48e654e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0fa2ba89759a3bbc387e0ff85facca555683437fd81235c3bd956c37573a1258

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.4.0
Referer: https://customer.staging.joinworth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.4.0

Response headers

access-control-max-age: 3600
content-encoding: gzip
etag: "80dbb"
age: 0
access-control-allow-methods: OPTIONS, GET
x-cache: MISS
date: Mon, 25 Nov 2024 07:48:25 GMT
content-type: application/json
vary: Authorization, Accept-Encoding
x-served-by: cache-cph2320022-CPH, cache-cph2320048-CPH
x-cache-hits: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control: max-age=0
x-timer: S1732520905.830596,VS0,VE443
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 332

GET 28fb651b-2282-491b-8bad-455a569cc417
https://customer.staging.joinworth.com/ 0
0

OPTIONS
H2 200 66a8c7c151ed450faa3169f3
app.launchdarkly.com/sdk/goals/ 0
0 245ms
142ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/66a8c7c151ed450faa3169f3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://customer.staging.joinworth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Mon, 25 Nov 2024 07:48:24 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cph2320048-CPH
x-timer: S1732520905.685455,VS0,VE102

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTY1M2M3MDAtYWIwMS0xMWVmLTgwMTgtZTMzYmY2ZDgyNGE0In0
app.launchdarkly.com/sdk/evalx/66a8c7c151ed450faa3169f3/contexts/ 0
0 245ms
144ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/66a8c7c151ed450faa3169f3/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTY1M2M3MDAtYWIwMS0xMWVmLTgwMTgtZTMzYmY2ZDgyNGE0In0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://customer.staging.joinworth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Mon, 25 Nov 2024 07:48:24 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cph2320048-CPH
x-timer: S1732520905.685389,VS0,VE104

POST
H2 202 66a8c7c151ed450faa3169f3 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 141ms
131ms XHR
application/json 52.202.96.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/66a8c7c151ed450faa3169f3

Requested by

Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/assets/index-f48e654e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.202.96.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-96-212.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.4.0
Referer: https://customer.staging.joinworth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.4.0
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Mon, 25 Nov 2024 07:48:25 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

OPTIONS
H2 204 66a8c7c151ed450faa3169f3
events.launchdarkly.com/events/diagnostic/ 0
0 437ms
121ms Preflight 52.202.96.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/66a8c7c151ed450faa3169f3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.202.96.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-96-212.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://customer.staging.joinworth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 25 Nov 2024 07:48:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 favicon.svg
customer.staging.joinworth.com/ 5 KB
5 KB 37ms
36ms Other
image/svg+xml 13.33.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.staging.joinworth.com/favicon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25b4ceb7ec2c1924720f244bf052912181712a0bdefbc53af76cf70dd45327be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://customer.staging.joinworth.com/

Response headers

etag: "0a1a14418f39a677a1d2cb8e1dad9dfe"
age: 1127
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 5096
x-amz-cf-id: VDRwVQEDlOusAOo08lF3BGjYuRbw9KeML66R-3HN1VoflUimXc3W-g==
date: Mon, 25 Nov 2024 07:29:38 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Nov 2024 12:05:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 favicon.svg
customer.staging.joinworth.com/src/ 920 B
1 KB 419ms
419ms Other
text/html 13.33.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.staging.joinworth.com/src/favicon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d81bf7945de3f241f1f073d462cc42651900ca08eb6a66007a89470f6d585bd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://customer.staging.joinworth.com/

Response headers

etag: "dc153e226e496dbda15d281361666e1a"
age: 1128
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Error from cloudfront
content-length: 920
x-amz-cf-id: 0YhdtMZeqpEqK-XAHiXHX8GdbcSqZ-F9q5_GQNebI37XM_z8m4G4sw==
date: Mon, 25 Nov 2024 07:29:38 GMT
content-type: text/html
last-modified: Tue, 19 Nov 2024 12:05:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 logo.svg
customer.staging.joinworth.com/ 5 KB
5 KB 470ms
468ms Image
image/svg+xml 13.33.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer.staging.joinworth.com/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 732eb1193af94bf86e52be75285cb4d1d0b95dc05344dfbf5e3aa26d4f0a7bb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://customer.staging.joinworth.com/

Response headers

etag: "8a9653a537f79b96e05869caaabe476e"
via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 4980
x-amz-cf-id: ZW2HhVyiSZDMFem4uSz3EIV_fnn81nJdRWNNyApsPxLdgIu1-mtX_g==
date: Mon, 25 Nov 2024 07:48:26 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Nov 2024 12:05:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTY1M2M3MDAtYWIwMS0xMWVmLTgwMTgtZTMzYmY2ZDgyNGE0In0
clientstream.launchdarkly.com/eval/66a8c7c151ed450faa3169f3/ 1 KB
0 311ms
145ms EventSource
text/event-stream 15.197.213.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/66a8c7c151ed450faa3169f3/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTY1M2M3MDAtYWIwMS0xMWVmLTgwMTgtZTMzYmY2ZDgyNGE0In0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.213.252 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Cache-Control: no-cache
Referer: https://customer.staging.joinworth.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
cache-control: no-cache, no-store, must-revalidate
ld-region: eu-west-1
access-control-allow-methods: GET,OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
date: Mon, 25 Nov 2024 07:48:25 GMT
content-type: text/event-stream; charset=utf-8
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 202 66a8c7c151ed450faa3169f3 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 141ms
141ms XHR
application/json 52.202.96.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/66a8c7c151ed450faa3169f3

Requested by

Host: customer.staging.joinworth.com
URL: https://customer.staging.joinworth.com/assets/index-f48e654e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.202.96.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-96-212.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.4.0
X-LaunchDarkly-Event-Schema: 4
Referer: https://customer.staging.joinworth.com/
X-LaunchDarkly-Payload-ID: a798ca20-ab01-11ef-8018-e33bf6d824a4
X-LaunchDarkly-User-Agent: JSClient/3.4.0
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Mon, 25 Nov 2024 07:48:26 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

OPTIONS
H2 204 66a8c7c151ed450faa3169f3
events.launchdarkly.com/events/bulk/ 0
0 130ms
129ms Preflight 52.202.96.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/66a8c7c151ed450faa3169f3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.202.96.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-96-212.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://customer.staging.joinworth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 25 Nov 2024 07:48:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: customer.staging.joinworth.com
URL: blob:https://customer.staging.joinworth.com/28fb651b-2282-491b-8bad-455a569cc417

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			customer.staging.joinworth.com/	1970-01-21 01:15:21	Name: _dd_s Value: rum=1&id=5a5ade99-1741-44fd-b79e-6f6ecc80abd0&created=1732520904520&expire=1732521804520

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
clientstream.launchdarkly.com
customer.staging.joinworth.com
events.launchdarkly.com
js.userpilot.io
customer.staging.joinworth.com
13.33.187.57
15.197.213.252
151.101.130.217
2606:4700::6812:119b
52.202.96.212
09e0196888558c15fdc25ce1d16a0be8d270772b5e18ffcc0aa457e3620aa808
0fa2ba89759a3bbc387e0ff85facca555683437fd81235c3bd956c37573a1258
25b4ceb7ec2c1924720f244bf052912181712a0bdefbc53af76cf70dd45327be
436bac75ac20973f09f6a293c19cfc2e3edc851259685b0cfe628a0073114028
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
732eb1193af94bf86e52be75285cb4d1d0b95dc05344dfbf5e3aa26d4f0a7bb1
940dff112bb9b39e025469b2b5df93bc760cd9db1c202c3e4b92a221ce278158
d81bf7945de3f241f1f073d462cc42651900ca08eb6a66007a89470f6d585bd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0e8fcaa4a272a500d1d35188340dae40fce96ba76f4a3bebee35146bb8717f9

customer.staging.joinworth.com Open in urlscan Pro 13.33.187.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

94 %HTTPS

20 %IPv6

3 Domains

5 Subdomains

6 IPs

1 Countries

2776 kBTransfer

2783 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

customer.staging.joinworth.com Open in urlscan Pro
13.33.187.57 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

6
IPs

1
Countries

2776 kB
Transfer

2783 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions