urlscan.io logo urlscan.io
SecurityTrails logo

app4.prismacloud.io Open in urlscan Pro
54.183.131.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app4.prismacloud.io/alerts/details#alert.status=resolved&policy.id=66435ff2-30ed-4ed3-b312-08b51754fcdd&policy.sever...
Effective URL: https://app4.prismacloud.io/alerts/details
Submission: On August 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 54.183.131.34, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is app4.prismacloud.io.
TLS certificate: Issued by Amazon on June 23rd 2020. Valid for: a year.
This is the only time app4.prismacloud.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 54.183.131.34 16509 (AMAZON-02)
1 13.226.155.115 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 4
Domain Requested by
7 app4.prismacloud.io app4.prismacloud.io
2 www.google-analytics.com app4.prismacloud.io
1 cdn.pendo.io app4.prismacloud.io
10 3

This site contains no links.

Subject Issuer Validity Valid
*.prismacloud.io
Amazon		 2020-06-23 -
2021-07-23		 a year crt.sh
cdn.pendo.io
DigiCert SHA2 Extended Validation Server CA		 2019-06-04 -
2021-09-02		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app4.prismacloud.io/alerts/details
Frame ID: B57AF1D1D747BA0CDD0AF98230538384
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

272 kB
Transfer

4063 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request details
app4.prismacloud.io/alerts/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.131.34 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-131-34.us-west-1.compute.amazonaws.com
Software
RedLock /
Resource Hash
bdf2c14b3ad010d92b45eed5691f778ea81ce1abe80435e5a1ecfc7f7336b23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
app4.prismacloud.io
:scheme
https
:path
/alerts/details
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 17 Aug 2020 17:44:48 GMT
content-type
text/html
last-modified
Tue, 11 Aug 2020 02:44:33 GMT
vary
Accept-Encoding
etag
W/"5f320611-140a"
server
RedLock
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
content-encoding
gzip
vendor~app-14ffbbca82efc170850d.css
app4.prismacloud.io/ 		483 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app4.prismacloud.io/vendor~app-14ffbbca82efc170850d.css
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.131.34 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-131-34.us-west-1.compute.amazonaws.com
Software
RedLock /
Resource Hash
ba35fa40f83095b0f1b9d61954915156f8c33ead2f8bf1756bf43e5f2df35833
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 17:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Aug 2020 02:44:33 GMT
server
RedLock
x-frame-options
DENY
etag
W/"5f320611-78cd8"
vary
Accept-Encoding
content-type
text/css
status
200
content-security-policy
default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
x-xss-protection
1; mode=block
app-14271301666946c8be46.css
app4.prismacloud.io/ 		193 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app4.prismacloud.io/app-14271301666946c8be46.css
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.131.34 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-131-34.us-west-1.compute.amazonaws.com
Software
RedLock /
Resource Hash
abae3f38b4753a4f26708bdd98a72e791f62a9b8750a307422ae2fc8dba8c6f7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 17:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Aug 2020 02:44:33 GMT
server
RedLock
x-frame-options
DENY
etag
W/"5f320611-303a5"
vary
Accept-Encoding
content-type
text/css
status
200
content-security-policy
default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
x-xss-protection
1; mode=block
vendor~app-fca42bf950628ade9040.js
app4.prismacloud.io/ 		2 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app4.prismacloud.io/vendor~app-fca42bf950628ade9040.js
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.131.34 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-131-34.us-west-1.compute.amazonaws.com
Software
RedLock /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 17:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Aug 2020 02:44:33 GMT
server
RedLock
x-frame-options
DENY
etag
W/"5f320611-847526"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
content-security-policy
default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
x-xss-protection
1; mode=block
app-5ab18827f72d8d81b945.js
app4.prismacloud.io/ 		916 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app4.prismacloud.io/app-5ab18827f72d8d81b945.js
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.131.34 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-131-34.us-west-1.compute.amazonaws.com
Software
RedLock /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 17:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Aug 2020 02:44:33 GMT
server
RedLock
x-frame-options
DENY
etag
W/"5f320611-41a42e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
content-security-policy
default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
x-xss-protection
1; mode=block
moment.min.js
app4.prismacloud.io/assets/libs/js/momentjs/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app4.prismacloud.io/assets/libs/js/momentjs/moment.min.js
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.131.34 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-131-34.us-west-1.compute.amazonaws.com
Software
RedLock /
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 17:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Aug 2020 02:44:34 GMT
server
RedLock
x-frame-options
DENY
etag
W/"5f320612-c9df"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
content-security-policy
default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
x-xss-protection
1; mode=block
moment-timezone-with-data-2012-2022.min.js
app4.prismacloud.io/assets/libs/js/momentjs/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app4.prismacloud.io/assets/libs/js/momentjs/moment-timezone-with-data-2012-2022.min.js
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.131.34 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-131-34.us-west-1.compute.amazonaws.com
Software
RedLock /
Resource Hash
a503655996a47686020a80566791bc8573ea38d1fb97b417f8c185a0092206ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 17 Aug 2020 17:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Aug 2020 02:44:34 GMT
server
RedLock
x-frame-options
DENY
etag
W/"5f320612-7f53"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
content-security-policy
default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
x-xss-protection
1; mode=block
pendo.js
cdn.pendo.io/agent/static/4748d8f5-c11f-416e-5858-7a970fd93d83/ 		363 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/4748d8f5-c11f-416e-5858-7a970fd93d83/pendo.js
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-115.dus51.r.cloudfront.net
Software
UploadServer /
Resource Hash
f2fe3d23b0b5775f279b3b4911761cfba24156a3a3f871cb8c74b202617ccb06

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 17:44:49 GMT
Content-Encoding
gzip
Content-Type
application/javascript
X-Amz-Cf-Pop
DUS51-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin
*
Last-Modified
Thu, 06 Aug 2020 17:09:40 GMT
Server
UploadServer
ETag
"8386f734b8046b6e8ffdfcc4d1074237"
Vary
Accept-Encoding
x-goog-hash
crc32c=UKypWQ==, md5=g4b3NLgEa26P/fzE0QdCNw==
x-goog-generation
1596733780549909
Via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
116387
Accept-Ranges
bytes
X-GUploader-UploadID
AAANsUl3RHKPQSz7iA_HksOGbAkxZUF0bnUZsMArVOEkBzJWwMxse-JXcOycC9LXVsPtDudqqHdFh92uvLJR6y76XCM
X-Amz-Cf-Id
_ROLEkn8rbuEks9lL7JvqJOU8EXez0Z456GCiHrMXz_ugSCfdATxUg==
Expires
Mon, 17 Aug 2020 17:52:19 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4268
date
Mon, 17 Aug 2020 16:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 17 Aug 2020 18:33:41 GMT
collect
www.google-analytics.com/r/ 		35 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1252594377&t=pageview&_s=1&dl=https%3A%2F%2Fapp4.prismacloud.io%2Falerts%2Fdetails&ul=en-us&de=UTF-8&dt=Prisma%20Cloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=311427393&gjid=581238773&cid=1488155309.1597686290&tid=UA-92074503-1&_gid=1993440881.1597686290&_r=1&z=562923072
Requested by
Host: app4.prismacloud.io
URL: https://app4.prismacloud.io/alerts/details
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app4.prismacloud.io/alerts/details
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Aug 2020 17:44:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| moment object| pendo number| pendoInterval string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.prismacloud.io/ Name: _gat
Value: 1
.prismacloud.io/ Name: _gid
Value: GA1.2.1993440881.1597686290
.prismacloud.io/ Name: _ga
Value: GA1.2.1488155309.1597686290

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api4.prismacloud.io/ *.pendo.io api.usersnap.com https://www.google-analytics.com https://redlock-dev-spovj3.mocklab.io *.prismacloud.io https://sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js www.google.com www.gstatic.com ajax.cloudflare.com *.cloudfront.net api.usersnap.com cdn.usersnap.com *.pendo.io *.googleapis.com; img-src 'self' data: www.gravatar.com *.go.net *.s3.amazonaws.com https://mt.google.com *.pendo.io *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com www.google-analytics.com cdn.usersnap.com;style-src 'self' 'unsafe-inline' s3.amazonaws.com *.googleapis.com *.cloudfront.net fonts.gstatic.com maxcdn.bootstrapcdn.com *.pendo.io;font-src 'self' data: *.cloudfront.net s3.amazonaws.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;object-src 'none';child-src blob: www.google.com api.usersnap.com receptive.io *.twistlock.com *.pendo.io *.receptive.io
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block