URL: https://file.virginpulse.com/api/file/1FnPnlJCSPe5SptVTTHC
Submission: On April 05 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 2 HTTP transactions. The main IP is 2606:4700::6810:d615, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is file.virginpulse.com. The Cisco Umbrella rank of the primary domain is 70063.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 30th 2023. Valid for: a year.
This is the only time file.virginpulse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

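Requests | IP Address | AS (Autonomous System)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
Total: 2 requests, 1 IP

Requests | Apex Domain / Subdomains | Transfer
2 | virginpulse.com | 57 KB
  | file.virginpulse.com — Cisco Umbrella Rank: 70063 |
Total: 2 requests, 1 apex domain

Requests | Domain | Requested by
2 | file.virginpulse.com |
Total: 2 requests, 1 domain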

This site contains no links.

Subject | Issuer | Validity | Valid
member.virginpulse.com | DigiCert SHA2 Secure Server CA | 2023-11-30 - 2024-12-04 | a year

This page contains 1 frame:

Primary Page: https://file.virginpulse.com/api/file/1FnPnlJCSPe5SptVTTHC
Frame ID: 7243793D6E28FC30700BC11A622128F7
Requests: 2 HTTP requests in this frame

Page Title

1FnPnlJCSPe5SptVTTHC (2000×808)

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 57 kB
Size: 56 kB
Cookies: 1

2 HTTP transactions

Primary Request: 1FnPnlJCSPe5SptVTTHC
Path: file.virginpulse.com/api/file/
Size: 55 KB
x-fer: 56 KB
Type: Document

General

Full URL: https://file.virginpulse.com/api/file/1FnPnlJCSPe5SptVTTHC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:d615, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 418125aaa9a010feb16e945667b36fd47670ac53964452a3619c1c124b5637c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
access-control-max-age: 21600
age: 2286743
cache-control: public, max-age=2678400
cf-cache-status: DYNAMIC
cf-ray: 86f8a14fbd6e372f-FRA
content-disposition: inline; filename="virgin_pulse_horizontal_color.png"
content-length: 55886
content-type: image/png
date: Fri, 05 Apr 2024 09:49:46 GMT
etag: "f1f5a68598c788e42a04b89f93ee846d"
filestack-trace-id: 1710023842-5M7qQiZiRm
last-modified: Wed, 21 Feb 2024 22:00:14 GMT
server: cloudflare
via: 1.1 varnish, 1.1 varnish, 1.1 172c1df55a41f1a1b144f3711399cfc4.cloudfront.net (CloudFront)
x-amz-cf-id: z3pMP3hhxfpadjvH_8hIXQGTDA604QEXziLfi-ootf9TqrxwRJEOLg==
x-amz-cf-pop: FRA60-P10
x-cache: Hit from cloudfront
x-cache-hits: 9, 1
x-file-name: virgin_pulse_horizontal_color.png
x-served-by: cache-iad-kiad7000053-IAD, cache-fra-eddf8230056-FRA
x-timer: S1712268105.080960,VS0,VE2

Resource: favicon.ico
Path: file.virginpulse.com/
Size: 1 KB
x-fer: 1 KB
Type: Other

General

Full URL: https://file.virginpulse.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:d615, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: aecd343a1c8f2416474f32c469827123e59c584bbabbbe231c09ddd430adf86c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://file.virginpulse.com/api/file/1FnPnlJCSPe5SptVTTHC
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Fri, 05 Apr 2024 09:49:47 GMT
via: 1.1 varnish, 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P10
age: 11
x-cache: Miss from cloudfront
x-served-by: cache-fra-etou8220138-FRA
last-modified: Sun, 10 Mar 2024 12:05:33 GMT
server: cloudflare
x-timer: S1712205408.289125,VS0,VE273
etag: W/"flask-1710072333.08-1406-2106268003"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=43200
access-control-allow-credentials: true
cf-ray: 86f8a1511ed5372f-FRA
access-control-allow-headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin, X-NO-STREAM, Deletion-Source
x-amz-cf-id: s-XtMPF0jkMg8xUo6rV4DWhoL9dWUGmNRG8QjYV8UCJJrVusvTRGfw==
expires: Fri, 05 Apr 2024 21:49:47 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path: .virginpulse.com/
Name: __cf_bm
Value: FccwTDY171wfbSb3OAj2vLAe237Wtc8Qdx5TDClSRoY-1712310586-1.0.1.1-r8YgbGT65TXW9X3p2WJhkBIMKX8UUkQ5j8KrxW7KzVxGJeIk5N7RvpzPf8ObirnDmXMtGFZvjkYWKinIlguyEHxMlFTW9mwBNm_esu8fEvI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

file.virginpulse.com
2606:4700::6810:d615
418125aaa9a010feb16e945667b36fd47670ac53964452a3619c1c124b5637c2
aecd343a1c8f2416474f32c469827123e59c584bbabbbe231c09ddd430adf86c