urlscan.io logo urlscan.io
SecurityTrails logo

studio-backend.castify.com Open in urlscan Pro
34.110.249.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://studio-backend.castify.com/
Effective URL: https://studio-backend.castify.com/
Submission: On February 08 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 18 HTTP transactions. The main IP is 34.110.249.216, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is studio-backend.castify.com. The Cisco Umbrella rank of the primary domain is 14602.
TLS certificate: Issued by GTS CA 1D4 on January 25th 2023. Valid for: 3 months.
This is the only time studio-backend.castify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 34.110.249.216 396982 (GOOGLE-CL...)
6 142.250.4.95 15169 (GOOGLE)
2 142.251.10.101 15169 (GOOGLE)
1 13.225.103.107 16509 (AMAZON-02)
3 172.217.194.84 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
18 7
5    34.110.249.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.249.110.34.bc.googleusercontent.com
studio-backend.castify.com
6    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
2    142.251.10.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f101.1e100.net
apis.google.com
1    13.225.103.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-103-107.hkg60.r.cloudfront.net
cdn.pendo.io
3    172.217.194.84 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f84.1e100.net
accounts.google.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
4 KB
5 google.com
apis.google.com — Cisco Umbrella Rank: 92
accounts.google.com — Cisco Umbrella Rank: 75
117 KB
5 castify.com
studio-backend.castify.com — Cisco Umbrella Rank: 14602
7 MB
1 gstatic.com
www.gstatic.com
35 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 791
135 KB
18 5
Domain Requested by
6 fonts.googleapis.com studio-backend.castify.com
5 studio-backend.castify.com 1 redirects studio-backend.castify.com
3 accounts.google.com apis.google.com
studio-backend.castify.com
www.gstatic.com
2 apis.google.com studio-backend.castify.com
apis.google.com
1 www.gstatic.com accounts.google.com
1 cdn.pendo.io studio-backend.castify.com
18 6

This site contains links to these domains. Also see Links.

Domain
www.screencastify.com
Subject Issuer Validity Valid
app.castify.com
GTS CA 1D4		 2023-01-25 -
2023-04-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.pendo.io
Amazon		 2022-07-30 -
2023-08-28		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://studio-backend.castify.com/
Frame ID: A74F835482A45F97A20CBFFD6242FCA0
Requests: 14 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 5CF1899188582F90B894C2DC0710C00C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ScreencastifyThe Screencastify WordmarkSharon Error Image

Page URL History Show full URLs

  1. http://studio-backend.castify.com/ HTTP 301
    https://studio-backend.castify.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

7
IPs

1
Countries

7118 kB
Transfer

7684 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://studio-backend.castify.com/ HTTP 301
    https://studio-backend.castify.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
studio-backend.castify.com/
Redirect Chain
  • http://studio-backend.castify.com/
  • https://studio-backend.castify.com/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.249.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
216.249.110.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
95bef8cf6535cdd6f53e73e25231493367e421a69f2246a16e9a9a4db61e63d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=0
content-length
3702
content-type
text/html; charset=UTF-8
date
Wed, 08 Feb 2023 01:37:34 GMT
etag
W/"e76-185e6439578"
last-modified
Wed, 25 Jan 2023 00:11:07 GMT
via
1.1 google
x-powered-by
Express

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 01:37:34 GMT
Location
https://studio-backend.castify.com:443/
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 01:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 01:37:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 01:37:35 GMT
css
fonts.googleapis.com/ 		2 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 01:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 00:04:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 01:37:35 GMT
css
fonts.googleapis.com/ 		2 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:600
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
0e23cf6ee3ef8e7d496f1e50f1cff98e874549bfd99d1595d37997e8238a93c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 01:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 00:08:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 01:37:35 GMT
css
fonts.googleapis.com/ 		2 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:900
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
76678fd8775a8ddc5779441201cda04f02dd3088caa00b270d424bc019c7f778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 01:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 01:37:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 01:37:35 GMT
css
fonts.googleapis.com/ 		2 KB
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 01:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 00:05:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 01:37:35 GMT
css2
fonts.googleapis.com/ 		4 KB
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 01:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 00:04:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 01:37:35 GMT
api.js
apis.google.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f101.1e100.net
Software
sffe /
Resource Hash
1fe505460b64dc2fb0eaff5c3cbb50bcd65257e4faada4a98134f0f0610cc786
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Feb 2023 01:37:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6892
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"3a54ae5e7b38cd35"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Feb 2023 01:37:35 GMT
runtime.85078244d2463708.esm.js
studio-backend.castify.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://studio-backend.castify.com/runtime.85078244d2463708.esm.js
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.249.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
216.249.110.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
10f13693d6edc1d715d51d5e33c50a118e6bd6bf86faed776a9453ad62fd17a0

Request headers

Referer
https://studio-backend.castify.com/
Origin
https://studio-backend.castify.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 01:37:34 GMT
via
1.1 google
last-modified
Wed, 25 Jan 2023 00:11:07 GMT
x-powered-by
Express
etag
W/"925-185e6439578"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
polyfills.08c6b1a0b8dc55db.esm.js
studio-backend.castify.com/ 		78 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://studio-backend.castify.com/polyfills.08c6b1a0b8dc55db.esm.js
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.249.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
216.249.110.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8fa419a1cb2e82099d44336640378b897c22a55f4d725d406fe14842e577a53b

Request headers

Referer
https://studio-backend.castify.com/
Origin
https://studio-backend.castify.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 01:37:34 GMT
via
1.1 google
last-modified
Wed, 25 Jan 2023 00:11:07 GMT
x-powered-by
Express
etag
W/"13816-185e6439578"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79894
main.2bd65ce3d9cd3b37.esm.js
studio-backend.castify.com/ 		7 MB
7 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://studio-backend.castify.com/main.2bd65ce3d9cd3b37.esm.js
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.249.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
216.249.110.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2617f0a5a72280ac05ae60444dd4ab4d6fb6e18c284a446e9c82da5b8a6aac2d

Request headers

Referer
https://studio-backend.castify.com/
Origin
https://studio-backend.castify.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 01:37:34 GMT
via
1.1 google
last-modified
Wed, 25 Jan 2023 00:11:07 GMT
x-powered-by
Express
etag
W/"694a3c-185e6439578"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6900284
pendo.js
cdn.pendo.io/agent/static/7d729e1e-f991-4862-4839-ee60b119170e/ 		408 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/7d729e1e-f991-4862-4839-ee60b119170e/pendo.js
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.103.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-103-107.hkg60.r.cloudfront.net
Software
UploadServer /
Resource Hash
26c4c25e28a836550c0db1413a163044776cb6a8b1f801c9b57629e188b112eb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 01:35:23 GMT
content-encoding
gzip
via
1.1 0e4baa40f8860e2e0eea54b2a4c33ba4.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG60-C1
age
198
x-guploader-uploadid
ADPycdsZbtWwfRgBDAs9w_OAjkiCsFXBadyMYV9RCWXa3-zq5DlxXHRy1mza1lmFCyI3-n0pgu0kIxJTGa3IOeFV4eujYQ
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
137349
last-modified
Fri, 03 Feb 2023 17:21:16 GMT
server
UploadServer
etag
"9e790adc75a99b5479d712ea4f2e6cb4"
vary
Accept-Encoding
x-goog-generation
1675444876674045
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=a4CO5A==, md5=nnkK3HWpm1R51xLqTy5stA==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
137349
accept-ranges
bytes
x-amz-cf-id
m0ewjMC6I88mD5cate3YKbFU_wzNowEFoLMUMRCZxl3gd0rAOHvkuQ==
expires
Wed, 08 Feb 2023 01:41:47 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/ 		314 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f101.1e100.net
Software
sffe /
Resource Hash
3c71b23d43b4d7eee0a901d09b153e0f6babbdd3404bc134e0225feadba57d5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://studio-backend.castify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 08:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109686
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Feb 2024 08:42:53 GMT
4ed77248-a920-4dd8-b5bc-6735b962cb83
https://studio-backend.castify.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://studio-backend.castify.com/4ed77248-a920-4dd8-b5bc-6735b962cb83
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c99f46a6740abf01bcc9c73bc58cee8b42ba384453fb32d9904d4a3e57424eeb

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
7617
Content-Type
iframe
accounts.google.com/o/oauth2/ Frame 5CF1 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f84.1e100.net
Software
ESF /
Resource Hash
9274a19a8f07900540f798ed7bf7f6e09bdf5e5870552cbf33796df9f0da6bc6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-bcfhP2FTvx2GrI8AEz5BiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://studio-backend.castify.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-bcfhP2FTvx2GrI8AEz5BiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 01:37:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 5CF1 		2 KB
916 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: studio-backend.castify.com
URL: https://studio-backend.castify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f84.1e100.net
Software
GSE /
Resource Hash
4e3eb929b5ec959f9f9c1e0ed51bf405562307052d05ece6de43acb728164026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 01:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.6aBqqaLLM8w.es5.O/d=1/rs=AOaEmlH4CTSZgrCV-yiLf0uXME__vad8UQ/ Frame 5CF1 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.6aBqqaLLM8w.es5.O/d=1/rs=AOaEmlH4CTSZgrCV-yiLf0uXME__vad8UQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
ec181a6359401e12fdb3cf30d41cfa7abf49144f66965044f27c3decb40b2664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 15:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35032
x-xss-protection
0
last-modified
Sat, 28 Jan 2023 03:39:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 15:46:43 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 5CF1 		48 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fstudio-backend.castify.com&client_id=854681965650-odv280a8ho74jc56fvnd0m0u7i747093.apps.googleusercontent.com&plugin_name=enable%20deprecated%20auth%20api
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.6aBqqaLLM8w.es5.O/d=1/rs=AOaEmlH4CTSZgrCV-yiLf0uXME__vad8UQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f84.1e100.net
Software
ESF /
Resource Hash
97c9518cdf9c69d12154cd446cc55a65cafa65464dd39e585a4c99b9f71b0758
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E-PNGtLoJh0ukkV4j-yvJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 01:37:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-E-PNGtLoJh0ukkV4j-yvJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 08 Feb 2023 01:37:37 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| pendo function| gapiOnLoad object| __GAPI_CLIENT_PROMISE object| webpackChunk function| setImmediate function| clearImmediate object| gapi object| ___jsl object| axe object| DD_RUM object| DD_LOGS number| __mobxInstanceCount object| __mobxGlobals object| vttjs function| WebVTT object| players function| hotkeys object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis

3 Cookies

Domain/Path Name / Value
.studio-backend.castify.com/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=BeClea37knmAe09j29PShCwljm5GAQAe3LzSpdFLmt08SvBNBaSxSiIFsKN0XJ7AwNeGLcSkzu-JzgowA76_e9c5BrEec4phLlUr1t0_TxvNGaJFjf3OpdL4740ROUmL5LblD1oc9yJdbKkGZZl26yry16hyMVS8zHmsHEaGV0M
.castify.com/ Name: _dd_s
Value: logs=1&id=c70799d7-57d2-4634-93c9-366c087a8ac7&created=1675820256300&expire=1675821156303&rum=1

3 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs(Line 404)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
cdn.pendo.io
fonts.googleapis.com
studio-backend.castify.com
www.gstatic.com
13.225.103.107
142.250.4.95
142.251.10.101
172.217.194.84
34.110.249.216
74.125.24.94
0e23cf6ee3ef8e7d496f1e50f1cff98e874549bfd99d1595d37997e8238a93c2
10f13693d6edc1d715d51d5e33c50a118e6bd6bf86faed776a9453ad62fd17a0
1fe505460b64dc2fb0eaff5c3cbb50bcd65257e4faada4a98134f0f0610cc786
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
2617f0a5a72280ac05ae60444dd4ab4d6fb6e18c284a446e9c82da5b8a6aac2d
26c4c25e28a836550c0db1413a163044776cb6a8b1f801c9b57629e188b112eb
3c71b23d43b4d7eee0a901d09b153e0f6babbdd3404bc134e0225feadba57d5b
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
4e3eb929b5ec959f9f9c1e0ed51bf405562307052d05ece6de43acb728164026
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
76678fd8775a8ddc5779441201cda04f02dd3088caa00b270d424bc019c7f778
8fa419a1cb2e82099d44336640378b897c22a55f4d725d406fe14842e577a53b
9274a19a8f07900540f798ed7bf7f6e09bdf5e5870552cbf33796df9f0da6bc6
95bef8cf6535cdd6f53e73e25231493367e421a69f2246a16e9a9a4db61e63d5
97c9518cdf9c69d12154cd446cc55a65cafa65464dd39e585a4c99b9f71b0758
c99f46a6740abf01bcc9c73bc58cee8b42ba384453fb32d9904d4a3e57424eeb
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
ec181a6359401e12fdb3cf30d41cfa7abf49144f66965044f27c3decb40b2664