auth.staging.bridgeapp.com Open in urlscan Pro
3.130.112.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bugcrowd.suite.staging.bridgeapp.com/
Effective URL:
https://auth.staging.bridgeapp.com/oauth2/authorize?client_id=8cdd72c7-0017-40e4-b1da-ffe2b0964978&redirect_uri=https%3A%2F%2Fbugcr...
Submission: On January 31 via api (January 31st 2021, 11:01:19 pm UTC) from BR

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 3.130.112.218, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is auth.staging.bridgeapp.com.
TLS certificate: Issued by Amazon on July 29th 2020. Valid for: a year.

This is the only time auth.staging.bridgeapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	18.191.31.43 18.191.31.43	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:206... 2600:9000:206f:9400:4:1f76:58c0:21	16509 (AMAZON-02) (AMAZON-02)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	13.224.102.30 13.224.102.30	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:14ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4a00:d:8106:ac80:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	52.212.22.221 52.212.22.221	16509 (AMAZON-02) (AMAZON-02)
1	3.130.112.218 3.130.112.218	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
21	12

5 18.191.31.43 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-191-31-43.us-east-2.compute.amazonaws.com

bugcrowd.suite.staging.bridgeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:9400:4:1f76:58c0:21 (United States)

ASN16509 (AMAZON-02, US)

d10kghoxz0oe3n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.30 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-30.zrh50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4a00:d:8106:ac80:21 (United States)

ASN16509 (AMAZON-02, US)

d16yf2hp21he42.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.22.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-22-221.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.112.218 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-112-218.us-east-2.compute.amazonaws.com

auth.staging.bridgeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net d10kghoxz0oe3n.cloudfront.net d16yf2hp21he42.cloudfront.net	96 KB
6	bridgeapp.com 2 redirects bugcrowd.suite.staging.bridgeapp.com auth.staging.bridgeapp.com	5 KB
4	googleapis.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com	2 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	fullstory.com edge.fullstory.com rs.fullstory.com	61 KB
1	pendo.io cdn.pendo.io	118 KB
21	6

	Domain	Requested by
6	d10kghoxz0oe3n.cloudfront.net	bugcrowd.suite.staging.bridgeapp.com d10kghoxz0oe3n.cloudfront.net
5	bugcrowd.suite.staging.bridgeapp.com	2 redirects d10kghoxz0oe3n.cloudfront.net
2	firebaseremoteconfig.googleapis.com	d10kghoxz0oe3n.cloudfront.net
2	firebaseinstallations.googleapis.com	d10kghoxz0oe3n.cloudfront.net
1	auth.staging.bridgeapp.com	d10kghoxz0oe3n.cloudfront.net
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	d16yf2hp21he42.cloudfront.net	d10kghoxz0oe3n.cloudfront.net
1	rs.fullstory.com	edge.fullstory.com
1	rum-static.pingdom.net	d10kghoxz0oe3n.cloudfront.net
1	cdn.pendo.io	d10kghoxz0oe3n.cloudfront.net
1	edge.fullstory.com	d10kghoxz0oe3n.cloudfront.net
21	11

This site contains no links.

Subject Issuer	Validity	Valid
suite.staging.bridgeops.sh Amazon	`2020-03-20` - `2021-04-20`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
edge.fullstory.com GTS CA 1D2	`2020-12-26` - `2021-03-26`	3 months	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.pingdom.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-15` - `2022-01-15`	a year	crt.sh
*.fullstory.com R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
authmonger.staging.cmh.shared.bridgeops.net Amazon	`2020-07-29` - `2021-08-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.staging.bridgeapp.com/oauth2/authorize?client_id=8cdd72c7-0017-40e4-b1da-ffe2b0964978&redirect_uri=https%3A%2F%2Fbugcrowd.suite.staging.bridgeapp.com%2Fsso%2Fauthmonger%2Fauthorize&response_type=code&state=%2F
Frame ID: FF3D4411BCF2CCA790699DEAE5E7D25A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bugcrowd.suite.staging.bridgeapp.com/ HTTP 301
https://bugcrowd.suite.staging.bridgeapp.com/ Page URL
https://bugcrowd.suite.staging.bridgeapp.com/sso/authmonger/login?location=%2F HTTP 302
https://auth.staging.bridgeapp.com/oauth2/authorize?client_id=8cdd72c7-0017-40e4-b1da-ffe2b0964978&redirect_uri... Page URL

Detected technologies

Envoy (Reverse Proxy) Expand

Overall confidence: 100%
Detected patterns

headers server /^envoy$/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

21
Requests

95 %
HTTPS

45 %
IPv6

6
Domains

11
Subdomains

12
IPs

4
Countries

285 kB
Transfer

973 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bugcrowd.suite.staging.bridgeapp.com/ HTTP 301
https://bugcrowd.suite.staging.bridgeapp.com/ Page URL
https://bugcrowd.suite.staging.bridgeapp.com/sso/authmonger/login?location=%2F HTTP 302
https://auth.staging.bridgeapp.com/oauth2/authorize?client_id=8cdd72c7-0017-40e4-b1da-ffe2b0964978&redirect_uri=https%3A%2F%2Fbugcrowd.suite.staging.bridgeapp.com%2Fsso%2Fauthmonger%2Fauthorize&response_type=code&state=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bugcrowd.suite.staging.bridgeapp.com/ HTTP 301
https://bugcrowd.suite.staging.bridgeapp.com/

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
bugcrowd.suite.staging.bridgeapp.com/
Redirect Chain

http://bugcrowd.suite.staging.bridgeapp.com/
https://bugcrowd.suite.staging.bridgeapp.com/

2 KB
1 KB

628ms
204ms

Document
text/html

18.191.31.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bugcrowd.suite.staging.bridgeapp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.31.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-31-43.us-east-2.compute.amazonaws.com
Software: envoy /
Resource Hash: df1dc167943769507644eabeb1938f1164cec8441c6072eb05af52573fe079e1

Request headers

Host: bugcrowd.suite.staging.bridgeapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

age: 153
content-encoding: gzip
content-type: text/html
date: Sun, 31 Jan 2021 22:58:28 GMT
etag: W/"d9ea6a5c16dc2b572864bfcbca10dced"
last-modified: Mon, 11 Jan 2021 16:00:59 GMT
server: envoy
vary: Accept-Encoding
via: 1.1 653b8fd02b9c66ea441f0baaa36e85ec.cloudfront.net (CloudFront)
x-amz-cf-id: hN0G34y_lyYpPhVYp8tY4An0bUg-n-Erm_eXoyk9-K5qKdcHbkXvfQ==
x-amz-cf-pop: YTO50-C1
x-amz-version-id: Pd2Rbdt6_6qd.N.sZqclMEbMcTCeee.p
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 57
x-request-id: a1f173a5-11bb-47d9-9b49-d3759ba9b522
Content-Length: 827
Connection: keep-alive

Redirect headers

date: Sun, 31 Jan 2021 23:00:59 GMT
location: https://bugcrowd.suite.staging.bridgeapp.com/
server: envoy
Content-Length: 0
Connection: keep-alive

GET
H2 200 tapestry.9076fb2dcc13eb388f86.css
d10kghoxz0oe3n.cloudfront.net/bridge-platform/ 1 KB
884 B 476ms
442ms Stylesheet
text/css 2600:9000:206f:9400:4:1f76:58c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.9076fb2dcc13eb388f86.css
Requested by: Host: bugcrowd.suite.staging.bridgeapp.com
URL: https://bugcrowd.suite.staging.bridgeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9400:4:1f76:58c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 373cad7d5af4019ac279e50eaf42d2b9c4fa3cbb86418d6099e28f5e81649761

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
content-encoding: gzip
last-modified: Mon, 11 Jan 2021 16:00:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"fc7e5bea6f023e8cd7a2ad14342c06c5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: P0RXkh7uXahoJgX41OZQsGynGFrpn8l.
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
content-type: text/css
x-amz-cf-id: ydapsgJnTLrZnJ-kAZyhXylm28iD9FPyfwaDXoG-0XQ6ZFUB_-Zllw==

GET
H2 200 polyfills.js Show response
d10kghoxz0oe3n.cloudfront.net/bridge-platform/packages/@inst/tapestry-polyfills-1.0.2/ 47 KB
18 KB 496ms
461ms Script
application/javascript 2600:9000:206f:9400:4:1f76:58c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/packages/@inst/tapestry-polyfills-1.0.2/polyfills.js
Requested by: Host: bugcrowd.suite.staging.bridgeapp.com
URL: https://bugcrowd.suite.staging.bridgeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9400:4:1f76:58c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fa86dfaa8a5f1b5615be107f51557f90759df16e83d45fa5a2ff0d8377a0be6

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
content-encoding: gzip
last-modified: Mon, 11 Jan 2021 16:00:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"d70342a0185fd12113a8fec069f9440f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: fJviH8jsPsdZoMjkx2LGHna5MFTQKljI
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: w5E0SpINGp_Sp19xaiiM0UE0tUQ9zmZpNPNPLXkm2PgxIU1QsxNY1w==

GET
H2 200 first-input-delay.min.js Show response
d10kghoxz0oe3n.cloudfront.net/bridge-platform/packages/first-input-delay-0.1.3/ 695 B
1 KB 481ms
447ms Script
application/javascript 2600:9000:206f:9400:4:1f76:58c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/packages/first-input-delay-0.1.3/first-input-delay.min.js
Requested by: Host: bugcrowd.suite.staging.bridgeapp.com
URL: https://bugcrowd.suite.staging.bridgeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9400:4:1f76:58c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 088bfae5bcb108ef26b5fca81762fa985e20ecb993787103cfdda85be5f9fdf6

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jan 2021 16:00:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "e991ca0a27870d216966231395b833b7"
x-cache: Miss from cloudfront
x-amz-version-id: .wiw4KRd0QeBxP4CGYbTqavt7xL4QOcE
accept-ranges: bytes
content-type: application/javascript
content-length: 695
x-amz-cf-id: b3xuG5SAdXVBwIbIniGZBX4MrGeNLlWe4Zt4hODGigsDBorzayGAvw==

GET
H2 200 1.76076f804e4cdf4b403e.js Show response
d10kghoxz0oe3n.cloudfront.net/bridge-platform/ 118 KB
35 KB 517ms
483ms Script
application/javascript 2600:9000:206f:9400:4:1f76:58c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/1.76076f804e4cdf4b403e.js
Requested by: Host: bugcrowd.suite.staging.bridgeapp.com
URL: https://bugcrowd.suite.staging.bridgeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9400:4:1f76:58c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9431f8f7ed8bf8db93be3c506d7c04abd6e73f4fe4b89f0b2fe73a3aeb0abd3

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
content-encoding: gzip
last-modified: Mon, 11 Jan 2021 16:00:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"17bb8fe6a8a90518a6f62435eed25fe6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: FlRfFJrE_giScPckoEFyKD0XeMH8z9wP
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: xlHapg0cI3qKaQ2fO3fRAWz0aMWZ6AvDXVK-3GkrrQ2ELv5oNAZUtA==

GET
H2 200 tapestry.16f114f8990e48d0cf3e.js Show response
d10kghoxz0oe3n.cloudfront.net/bridge-platform/ 49 KB
14 KB 491ms
457ms Script
application/javascript 2600:9000:206f:9400:4:1f76:58c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js
Requested by: Host: bugcrowd.suite.staging.bridgeapp.com
URL: https://bugcrowd.suite.staging.bridgeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9400:4:1f76:58c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d342f9273905b819dcd28888913b54647ab1886028e4610f35212eb464ab6ede

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
content-encoding: gzip
last-modified: Mon, 11 Jan 2021 16:00:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"c1b748d64f5d7d7ca5e0cbb18841dc03"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: Qby3YOuj6iDCRflHQ57JFb_wxANW0Abj
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: C3UjIEP9ao2Q5M5MudBoQ5DJB_e1Sq8fR3XC98VSAcCc-lRzpjVsKA==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 200 KB
61 KB 56ms
18ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6efe2d85334d803779f2cab92b810ac483774a7b95d48ce6ec133122cf9aa6c0

Request headers

Origin: https://bugcrowd.suite.staging.bridgeapp.com
Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 22:57:53 GMT
content-encoding: gzip
age: 188
x-guploader-uploadid: ABg5-Ux19TTGjbb78zvzFYivtEwTHS-7KvUOTYrGuEGKJiA25De8XL2EV5vUk3tZbAuWHleM9vRAmTRjvy8b1NPeRY4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 61646
last-modified: Tue, 19 Jan 2021 16:21:54 GMT
server: UploadServer
etag: "8d3ea82f199a9308f2da58df3bd04d30"
x-goog-hash: crc32c=HgVT1Q==, md5=jT6oLxmakwjy2ljfO9BNMA==
x-goog-generation: 1611073313936875
access-control-allow-origin: *
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 61646
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 31 Jan 2021 23:07:53 GMT

GET
H2 200 2.b7fe4432c5b93887852e.js Show response
d10kghoxz0oe3n.cloudfront.net/bridge-platform/ 141 KB
27 KB 492ms
491ms Script
application/javascript 2600:9000:206f:9400:4:1f76:58c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/2.b7fe4432c5b93887852e.js
Requested by: Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9400:4:1f76:58c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c3474fe2d709b9b39cc3224c6eaf8a106a859c216488565f8b842629d5b8b5d

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:02 GMT
content-encoding: gzip
last-modified: Mon, 11 Jan 2021 16:00:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"3c3f399e407cb66bdb4fd7847fcf70b9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: z61cFP0HBGAdDxVil4.hGzoL8yra2dPp
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: yDJOnKGZCj7rdhw6lKhBIb4nxXT9swO2iNlR5aC4nf8qR3XZANld1A==

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/eb8a769a-f84e-4cb4-4e02-e98305ed7e51/ 373 KB
118 KB 148ms
32ms Script
application/javascript 13.224.102.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/eb8a769a-f84e-4cb4-4e02-e98305ed7e51/pendo.js
Requested by: Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-30.zrh50.r.cloudfront.net
Software: UploadServer /
Resource Hash: d9099a7196c9d69cf7017fd9d88711d03d0d762a0bbbe5f253e2080035963505

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date: Sun, 31 Jan 2021 22:57:51 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 190
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Fri, 29 Jan 2021 21:07:54 GMT
Server: UploadServer
ETag: "938f5697b79e0bffd44dc2c8e1501fad"
Vary: Accept-Encoding
x-goog-hash: crc32c=6yKCMg==, md5=k49Wl7eeC//UTcLI4VAfrQ==
x-goog-generation: 1611954474766986
Via: 1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 119437
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: ABg5-Uy3HH6YQ25hdwVIQELZyjhUsNphAcQkyNOJfsVPYoYii3otHVCF2ZHMrCfTh4iNY1datOIIlJ-vOzoBSfUTHw
X-Amz-Cf-Id: tbd3eVGTLLn57xf-ataMHi1Qrvz37VjQLQIAKvF5DIltl5J4aeXJNQ==
Expires: Sun, 31 Jan 2021 23:05:21 GMT

GET
H2 200 pa-5ca27f5ecea07b00160010c6.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 132ms
116ms Script
application/javascript 2606:4700:10::6814:14ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5ca27f5ecea07b00160010c6.js
Requested by: Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f43b770fbb3b6235caa9a4d14307376523e31877e04b7509a23175d393f86366

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 27 Nov 2020 12:36:14 GMT
server: cloudflare
etag: W/"5fc0f2be-1889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 61a70d5aa9dd2c01-FRA
cf-request-id: 07fc46acae00002c01868e0000000001
expires: Sun, 31 Jan 2021 23:06:01 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 50 B
239 B 355ms
316ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

36e1c21937e47cdc6c5fbdd9f530b90bc90a0c1070e52ae4aeca017a6e937db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bugcrowd.suite.staging.bridgeapp.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 50

GET
H/1.1 200
OK feature_flags Show response
bugcrowd.suite.staging.bridgeapp.com/api/ 714 B
1 KB 180ms
179ms Fetch
text/html 18.191.31.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bugcrowd.suite.staging.bridgeapp.com/api/feature_flags

Requested by

Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.191.31.43 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-191-31-43.us-east-2.compute.amazonaws.com

Software

envoy / Phusion Passenger Enterprise

Resource Hash

154cc048a8ed41f50aa7678c5e56ff8f48440b0f4181ed9cf8ea8457bd7522b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://bugcrowd.suite.staging.bridgeapp.com/
Content-Type: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
X-SSO-CSRF: undefined

Response headers

date: Sun, 31 Jan 2021 23:01:02 GMT
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: Phusion Passenger Enterprise
status: 200 OK
x-envoy-upstream-service-time: 20
Connection: keep-alive
Content-Length: 460
x-request-id: b40d9b96-8328-4c62-bc21-57302b8cf63e
x-runtime: 0.004772
server: envoy
etag: W/"154cc048a8ed41f50aa7678c5e56ff8f"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/html
access-control-allow-origin: https://tableau-connector.bridgeapp.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With

GET
H/1.1 200
OK /
d16yf2hp21he42.cloudfront.net/ 31 KB
0 1099ms
1075ms Fetch
application/json 2600:9000:206f:4a00:d:8106:ac80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16yf2hp21he42.cloudfront.net/
Requested by: Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:d:8106:ac80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date: Sun, 31 Jan 2021 23:01:03 GMT
Via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 44000
X-Amz-Cf-Id: vgCoE6XE6-dW_ffRL9jINFUhCHKYKv8WX0BcF2cQmehR9hKPebRTzQ==

GET
H/1.1 401
Unauthorized self
bugcrowd.suite.staging.bridgeapp.com/sso/users/ 13 B
216 B 324ms
146ms XHR
text/plain 18.191.31.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bugcrowd.suite.staging.bridgeapp.com/sso/users/self?timestamp=1612134062012
Requested by: Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/1.76076f804e4cdf4b403e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.31.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-31-43.us-east-2.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 23:01:01 GMT
server: envoy
Connection: keep-alive
Content-Length: 13
x-request-id: cd10a111-b573-4b06-a746-83065781da66
content-type: text/plain

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/bridge-mobile-dev/ 0
0 45ms
16ms Other
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bridge-mobile-dev/installations

Protocol

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://bugcrowd.suite.staging.bridgeapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://bugcrowd.suite.staging.bridgeapp.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Sun, 31 Jan 2021 23:01:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 installations
firebaseinstallations.googleapis.com/v1/projects/bridge-mobile-dev/ 578 B
868 B 295ms
262ms Fetch
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bridge-mobile-dev/installations

Requested by

Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://bugcrowd.suite.staging.bridgeapp.com/
x-goog-api-key: AIzaSyAWf6B59O6_vsZkWPuO26oawE9YBprgMmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
content-type: application/json

Response headers

date: Sun, 31 Jan 2021 23:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bugcrowd.suite.staging.bridgeapp.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 461
x-xss-protection: 0

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 186ms
45ms XHR
text/plain 52.212.22.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5ca27f5ecea07b00160010c6&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=380&cE=804&dLE=380&dLS=380&fS=380&hS=397&rE=-1&rS=-1&reS=804&resS=1008&resE=1009&uEE=-1&uES=-1&dL=1011&dI=1750&dCLES=1750&dCLEE=1750&dC=2556&lES=2556&lEE=2557&s=nt&title=Bridge&path=https%3A%2F%2Fbugcrowd.suite.staging.bridgeapp.com%2F&ref=&sId=2rj3fpp3&sST=1612134062&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5ca27f5ecea07b00160010c6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.22.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-22-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bugcrowd.suite.staging.bridgeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 31 Jan 2021 23:01:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET 503.html
bugcrowd.suite.staging.bridgeapp.com/ 0
0

GET
H/1.1

400
Bad Request

Primary Request authorize Show response
auth.staging.bridgeapp.com/oauth2/
Redirect Chain

https://bugcrowd.suite.staging.bridgeapp.com/sso/authmonger/login?location=%2F
https://auth.staging.bridgeapp.com/oauth2/authorize?client_id=8cdd72c7-0017-40e4-b1da-ffe2b0964978&redirect_uri=https%3A%2F%2Fbugcrowd.suite.staging.bridgeapp.com%2Fsso%2Fauthmonger%2Fauthorize&res...

27 B
2 KB

618ms
161ms

Document
application/json

3.130.112.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.staging.bridgeapp.com/oauth2/authorize?client_id=8cdd72c7-0017-40e4-b1da-ffe2b0964978&redirect_uri=https%3A%2F%2Fbugcrowd.suite.staging.bridgeapp.com%2Fsso%2Fauthmonger%2Fauthorize&response_type=code&state=%2F
Requested by: Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.112.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-112-218.us-east-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 52977cef16ffb1e7392b602fc98ae422b15b03d9403f17ac43ad8e59b51c8782

Request headers

Host: auth.staging.bridgeapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://bugcrowd.suite.staging.bridgeapp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer: https://bugcrowd.suite.staging.bridgeapp.com/

Response headers

cache-control: no-store
content-type: application/json;charset=utf-8
date: Sun, 31 Jan 2021 23:01:02 GMT
pragma: no-cache
server: istio-envoy
x-envoy-decorator-operation: authmonger-api-elb.authmonger-staging.svc.cluster.local:80/*
x-envoy-peer-metadata: Ch4KDElOU1RBTkNFX0lQUxIOGgwxMC4xMi4xNi4xMDQK0AMKBkxBQkVMUxLFAyrCAwoTCgNhcHASDBoKYXV0aG1vbmdlcgorChxhcHAua3ViZXJuZXRlcy5pby9tYW5hZ2VkLWJ5EgsaCXNwaW5uYWtlcgomChZhcHAua3ViZXJuZXRlcy5pby9uYW1lEgwaCmF1dGhtb25nZXIKEAoDZW52EgkaB3N0YWdpbmcKIQoRcG9kLXRlbXBsYXRlLWhhc2gSDBoKNTQ0NDQ0ZDg0ZAoPCgZyZWdpb24SBRoDY21oCg0KBHJvbGUSBRoDYXBpCiQKGXNlY3VyaXR5LmlzdGlvLmlvL3Rsc01vZGUSBxoFaXN0aW8KIAoMc2VydmljZS1uYW1lEhAaDmF1dGhtb25nZXItYXBpCi8KH3NlcnZpY2UuaXN0aW8uaW8vY2Fub25pY2FsLW5hbWUSDBoKYXV0aG1vbmdlcgpRCiNzZXJ2aWNlLmlzdGlvLmlvL2Nhbm9uaWNhbC1yZXZpc2lvbhIqGigyN2ZmM2U1Mjg3ZGZkNzE4MTdlNWYyZjdjZGI4NzEwNjdkMTUwZjYyCjUKB3ZlcnNpb24SKhooMjdmZjNlNTI4N2RmZDcxODE3ZTVmMmY3Y2RiODcxMDY3ZDE1MGY2MgoaCgdNRVNIX0lEEg8aDWNsdXN0ZXIubG9jYWwKKQoETkFNRRIhGh9hdXRobW9uZ2VyLWFwaS01NDQ0NDRkODRkLWhndzZ4CiEKCU5BTUVTUEFDRRIUGhJhdXRobW9uZ2VyLXN0YWdpbmcKXQoFT1dORVISVBpSa3ViZXJuZXRlczovL2FwaXMvYXBwcy92MS9uYW1lc3BhY2VzL2F1dGhtb25nZXItc3RhZ2luZy9kZXBsb3ltZW50cy9hdXRobW9uZ2VyLWFwaQorCg9TRVJWSUNFX0FDQ09VTlQSGBoWYXV0aG1vbmdlci1zdGFnaW5nLWFwaQohCg1XT1JLTE9BRF9OQU1FEhAaDmF1dGhtb25nZXItYXBp
x-envoy-peer-metadata-id: sidecar~10.12.16.104~authmonger-api-544444d84d-hgw6x.authmonger-staging~authmonger-staging.svc.cluster.local
x-envoy-upstream-service-time: 18
x-request-id: fbad5e55-d2cb-4b1e-9429-9faf1171f782
Content-Length: 27
Connection: keep-alive

Redirect headers

content-type: text/html; charset=utf-8
date: Sun, 31 Jan 2021 23:01:02 GMT
location: https://auth.staging.bridgeapp.com/oauth2/authorize?client_id=8cdd72c7-0017-40e4-b1da-ffe2b0964978&redirect_uri=https%3A%2F%2Fbugcrowd.suite.staging.bridgeapp.com%2Fsso%2Fauthmonger%2Fauthorize&response_type=code&state=%2F
server: envoy
x-envoy-upstream-service-time: 4
x-request-id: cc92e4cd-47dd-48d5-bb32-eba909adf3a9
Content-Length: 257
Connection: keep-alive

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/bridge-mobile-dev/namespaces/ 0
0 34ms
13ms Other
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/bridge-mobile-dev/namespaces/fireperf:fetch?key=AIzaSyAWf6B59O6_vsZkWPuO26oawE9YBprgMmE

Protocol

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://bugcrowd.suite.staging.bridgeapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://bugcrowd.suite.staging.bridgeapp.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: authorization
access-control-max-age: 3600
date: Sun, 31 Jan 2021 23:01:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/bridge-mobile-dev/namespaces/ 1 KB
868 B 389ms
356ms Fetch
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/bridge-mobile-dev/namespaces/fireperf:fetch?key=AIzaSyAWf6B59O6_vsZkWPuO26oawE9YBprgMmE

Requested by

Host: d10kghoxz0oe3n.cloudfront.net
URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer: https://bugcrowd.suite.staging.bridgeapp.com/
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJmaWQiOiJjaDhWeWp6a3NRNUhUZ3paODRpak8xIiwicHJvamVjdE51bWJlciI6MzIxMDYyMzI1Mjg0LCJleHAiOjE2MTI3Mzg4NjIsImFwcElkIjoiMTozMjEwNjIzMjUyODQ6d2ViOjNiMzdhNjA4M2JiNGQ1YzU4MGRjYjEifQ.AB2LPV8wRQIhAPdta4DlWpKPhA-9RDI2h7MTfBslzhoOubyt7MFsSH5qAiB810GBcedQiCQZB91J9eBbjJ9CWmstSCX7lvFTiw4Q4Q
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Jan 2021 23:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: etag-bridge-mobile-dev-fireperf-fetch-2080576520
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bugcrowd.suite.staging.bridgeapp.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 422
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bugcrowd.suite.staging.bridgeapp.com
URL: https://bugcrowd.suite.staging.bridgeapp.com/503.html?origin=%2F

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://d10kghoxz0oe3n.cloudfront.net/bridge-platform/tapestry.16f114f8990e48d0cf3e.js(Line 1) Message: Error: Unable to fetch the feature flags from Bridge Learn. Please verify it is enabled as a platform module. Source error: SyntaxError: Unexpected token < in JSON at position 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.staging.bridgeapp.com
bugcrowd.suite.staging.bridgeapp.com
cdn.pendo.io
d10kghoxz0oe3n.cloudfront.net
d16yf2hp21he42.cloudfront.net
edge.fullstory.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
rs.fullstory.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
bugcrowd.suite.staging.bridgeapp.com
13.224.102.30
18.191.31.43
2600:9000:206f:4a00:d:8106:ac80:21
2600:9000:206f:9400:4:1f76:58c0:21
2606:4700:10::6814:14ef
2a00:1450:4001:811::200a
2a00:1450:4001:827::200a
3.130.112.218
35.186.194.58
35.201.112.186
52.212.22.221
088bfae5bcb108ef26b5fca81762fa985e20ecb993787103cfdda85be5f9fdf6
154cc048a8ed41f50aa7678c5e56ff8f48440b0f4181ed9cf8ea8457bd7522b0
36e1c21937e47cdc6c5fbdd9f530b90bc90a0c1070e52ae4aeca017a6e937db4
373cad7d5af4019ac279e50eaf42d2b9c4fa3cbb86418d6099e28f5e81649761
52977cef16ffb1e7392b602fc98ae422b15b03d9403f17ac43ad8e59b51c8782
5fa86dfaa8a5f1b5615be107f51557f90759df16e83d45fa5a2ff0d8377a0be6
6c3474fe2d709b9b39cc3224c6eaf8a106a859c216488565f8b842629d5b8b5d
6efe2d85334d803779f2cab92b810ac483774a7b95d48ce6ec133122cf9aa6c0
d342f9273905b819dcd28888913b54647ab1886028e4610f35212eb464ab6ede
d9099a7196c9d69cf7017fd9d88711d03d0d762a0bbbe5f253e2080035963505
d9431f8f7ed8bf8db93be3c506d7c04abd6e73f4fe4b89f0b2fe73a3aeb0abd3
df1dc167943769507644eabeb1938f1164cec8441c6072eb05af52573fe079e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f43b770fbb3b6235caa9a4d14307376523e31877e04b7509a23175d393f86366

auth.staging.bridgeapp.com Open in urlscan Pro 3.130.112.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

45 %IPv6

6 Domains

11 Subdomains

12 IPs

4 Countries

285 kBTransfer

973 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

auth.staging.bridgeapp.com Open in urlscan Pro
3.130.112.218 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

45 %
IPv6

6
Domains

11
Subdomains

12
IPs

4
Countries

285 kB
Transfer

973 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions