login.app.us.cobalt.io Open in urlscan Pro
2606:4700::6813:a718 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.cobalt.io/ctc_tester
Effective URL:
https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqFur3VuaXZlcnNhbC1sb2d...
Submission: On July 06 via api (July 6th 2024, 4:25:35 pm UTC) from LU — Scanned from DE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6813:a718, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.app.us.cobalt.io.
TLS certificate: Issued by E6 on June 21st 2024. Valid for: 3 months.

This is the only time login.app.us.cobalt.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700::68... 2606:4700::6812:1fc6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700::68... 2606:4700::6813:a718	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:235... 2600:9000:2359:c00:10:474e:104a:2961	() ()
4	2606:4700::68... 2606:4700::6812:7d	() ()
14	6

6 2606:4700::6812:1fc6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.cobalt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.us.cobalt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:a718 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login.app.us.cobalt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:c00:10:474e:104a:2961 (None, )

ASN- ()

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:7d (None, )

ASN- ()

static.co27.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cobalt.io 2 redirects app.cobalt.io app.us.cobalt.io login.app.us.cobalt.io	5 MB
4	co27.io static.co27.io	983 KB
1	auth0.com cdn.auth0.com	63 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 990	157 KB
14	4

	Domain	Requested by
5	app.us.cobalt.io	app.us.cobalt.io
4	static.co27.io	login.app.us.cobalt.io
2	login.app.us.cobalt.io	1 redirects app.us.cobalt.io
1	cdn.auth0.com	login.app.us.cobalt.io
1	cdn.pendo.io	app.us.cobalt.io
1	app.cobalt.io	1 redirects
14	6

This site contains links to these domains. Also see Links.

Domain
cobalt.io

Subject Issuer	Validity	Valid
cobalt.io E6	`2024-06-11` - `2024-09-09`	3 months	crt.sh
cdn.pendo.io WR3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
login.app.us.cobalt.io E6	`2024-06-21` - `2024-09-19`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
co27.io E6	`2024-06-17` - `2024-09-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHoyNFp5a1VCdzdqMVIxMlh0NXpNeTFXWjJRUlZUakRno2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Frame ID: 3DC13910BF8A51B6D2567EB66D83EEE4
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In | Cobalt

Page URL History Show full URLs

https://app.cobalt.io/ctc_tester HTTP 301
https://app.us.cobalt.io/ctc_tester Page URL
https://login.app.us.cobalt.io/authorize?client_id=yIgoKrKjUSoSXOT3gtwiD9N5p4EXtAiN&scope=openid+profile+em... HTTP 302
https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqF... Page URL

Page Statistics

14
Requests

86 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

1
Countries

6717 kB
Transfer

15198 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cobalt.io/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://cobalt.io/terms#privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.cobalt.io/ctc_tester HTTP 301
https://app.us.cobalt.io/ctc_tester Page URL
https://login.app.us.cobalt.io/authorize?client_id=yIgoKrKjUSoSXOT3gtwiD9N5p4EXtAiN&scope=openid+profile+email+offline_access&audience=api.us.cobalt.io&redirect_uri=https%3A%2F%2Fapp.us.cobalt.io&response_type=code&response_mode=query&state=N3Yxa2Nia0NMWlJuaGxxbm9BTEo4RkpnLnZkZjN4TDBmdGkzQjdyZFFwUg%3D%3D&nonce=cFBEUTFiRkl5TG02V2pJfk1EMjhlc2tQdWIuMjZubjdiRk41OVBvSzBTWQ%3D%3D&code_challenge=i7L9Jz-lq-Bd7OLlF9j6xU6im_Mkv9DYwLOljC_u6dE&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjEifQ%3D%3D HTTP 302
https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHoyNFp5a1VCdzdqMVIxMlh0NXpNeTFXWjJRUlZUakRno2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://app.cobalt.io/ctc_tester HTTP 301
https://app.us.cobalt.io/ctc_tester

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ctc_tester Show response
app.us.cobalt.io/
Redirect Chain

https://app.cobalt.io/ctc_tester
https://app.us.cobalt.io/ctc_tester

291 B
2 KB

369ms
323ms

Document
text/html

2606:4700::6812:1fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.us.cobalt.io/ctc_tester

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43ea1e1fcd5635ac7b349c520423b432329ae2ef81898074778d16a8da9bcb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com .auth0.com: login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com .ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors .atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://.usercentrics.eu https://.calendly.com .auth0.com: login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 89f0f37abff91c2e-FRA
content-encoding: br
content-security-policy: default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
content-type: text/html
date: Sat, 06 Jul 2024 16:25:30 GMT
last-modified: Fri, 05 Jul 2024 13:08:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 89f0f3786c3b972d-FRA
content-type: text/html
date: Sat, 06 Jul 2024 16:25:29 GMT
expires: Sat, 06 Jul 2024 17:25:29 GMT
location: https://app.us.cobalt.io/ctc_tester
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 main.1db6f472.js Show response
app.us.cobalt.io/static/js/ 20 KB
7 KB 388ms
386ms Script
application/javascript 2606:4700::6812:1fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.us.cobalt.io/static/js/main.1db6f472.js

Requested by

Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/ctc_tester

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d74bb050714eef4652ce0baf9ec02888f7b37db1dbc292f58cffbb5787bcd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com .auth0.com: login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com .ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors .atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://.usercentrics.eu https://.calendly.com .auth0.com: login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.us.cobalt.io/ctc_tester
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Jul 2024 13:08:42 GMT
server: cloudflare
etag: W/"6687f05a-4f58"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 89f0f37dbb421c2e-FRA

GET
H2 200 563.464d4404.chunk.js Show response
app.us.cobalt.io/static/js/ 9 MB
5 MB 381ms
381ms Script
application/javascript 2606:4700::6812:1fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.us.cobalt.io/static/js/563.464d4404.chunk.js

Requested by

Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/main.1db6f472.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7991f534fffb2d57a35fb2cbacca6fc64567a1aef27227fda66b41005c9bc76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com .auth0.com: login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com .ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors .atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://.usercentrics.eu https://.calendly.com .auth0.com: login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.us.cobalt.io/ctc_tester
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Jul 2024 13:08:42 GMT
server: cloudflare
etag: W/"6687f05a-8f5691"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 89f0f3802dec1c2e-FRA

GET
H2 200 549.48ee346e3b459d5cb6d2.css
app.us.cobalt.io/static/css/ 11 KB
3 KB 388ms
387ms Stylesheet
text/css 2606:4700::6812:1fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.us.cobalt.io/static/css/549.48ee346e3b459d5cb6d2.css

Requested by

Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/main.1db6f472.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c679a09abce5bf37a82dd08ed46ceabf4eb2d038053b2b2e45290717d5e56325

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com .auth0.com: login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com .ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors .atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://.usercentrics.eu https://.calendly.com .auth0.com: login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.us.cobalt.io/ctc_tester
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Jul 2024 13:08:41 GMT
server: cloudflare
etag: W/"6687f059-2b4f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
cf-ray: 89f0f3802def1c2e-FRA

GET
H2 200 549.c4d01e49.chunk.js Show response
app.us.cobalt.io/static/js/ 4 MB
749 KB 389ms
389ms Script
application/javascript 2606:4700::6812:1fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.us.cobalt.io/static/js/549.c4d01e49.chunk.js

Requested by

Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/main.1db6f472.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ca27bc4061d6bdf4139ae82d9d412f5c1ff54fcb77854cc49f0cfe15d9dc78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com .auth0.com: login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com .ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors .atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://.usercentrics.eu https://.calendly.com .auth0.com: login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.us.cobalt.io/ctc_tester
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Jul 2024 19:03:51 GMT
server: cloudflare
etag: W/"66884397-41caa5"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 89f0f3802df01c2e-FRA

GET
H2 200 pendo.js
cdn.pendo.io/agent/static/2e056d99-1cbb-4c18-619a-0e064fab9ce0/ 484 KB
157 KB 409ms
9ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/2e056d99-1cbb-4c18-619a-0e064fab9ce0/pendo.js

Requested by

Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/549.c4d01e49.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.us.cobalt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 06:58:17 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 34036
x-guploader-uploadid: ACJd0Np9OhV0ycgK1DDo1w-swWirRDmCGm2xIeihtw6iRgVaeyoaQJimf1K6deqSNw8VLg8IsQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160600
last-modified: Tue, 02 Jul 2024 15:16:36 GMT
server: UploadServer
etag: "e1901b6bc580517db7ee65d3d10c9912"
vary: Accept-Encoding
x-goog-generation: 1719933396584720
x-goog-hash: crc32c=EadfNw==, md5=4ZAba8WAUX237mXT0QyZEg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 160600
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
BLOB 200
OK 6389ad9a-1f53-46b0-b06f-8c371aba1c50
https://app.us.cobalt.io/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.us.cobalt.io/6389ad9a-1f53-46b0-b06f-8c371aba1c50
Requested by: Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/ctc_tester
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Length: 2183
Content-Type: application/javascript

GET
H2

200

Primary Request identifier Show response
login.app.us.cobalt.io/u/login/
Redirect Chain

https://login.app.us.cobalt.io/authorize?client_id=yIgoKrKjUSoSXOT3gtwiD9N5p4EXtAiN&scope=openid+profile+email+offline_access&audience=api.us.cobalt.io&redirect_uri=https%3A%2F%2Fapp.us.cobalt.io&r...
https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHoyNFp5a1VCdzdqMVIxMlh0NXpNeTFXWjJRUlZUakRno2NpZNkgeUlnb0tyS...

38 KB
39 KB

634ms
633ms

Document
text/html

2606:4700::6813:a718
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHoyNFp5a1VCdzdqMVIxMlh0NXpNeTFXWjJRUlZUakRno2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4

Requested by

Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/563.464d4404.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a718 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bfdac93d0832035d7fc6888933a8d1d5599fbcef7fe6147733f500f01d1473a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.us.cobalt.io/ctc_tester
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
baggage: auth0-request-id=df733e197ae19046721efa854ab261af
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 89f0f39259871e14-FRA
content-language: en
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Sat, 06 Jul 2024 16:25:34 GMT
etag: W/"9889-NIATan2BankAlMs1VY7ETPvidUw"
expires: Sat, 06 Jul 2024 16:25:34 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-df733e197ae19046721efa854ab261af-d482dad5adade862-01
vary: Accept-Encoding
x-auth0-dl: 326
x-auth0-requestid: a74420e56c84ba951587
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 20
x-ratelimit-remaining: 19
x-ratelimit-reset: 1720283140
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
baggage: auth0-request-id=66a99b31fe44d491672815f6cff99fae
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 89f0f3903e651e14-FRA
content-length: 446
content-type: text/html; charset=utf-8
date: Sat, 06 Jul 2024 16:25:33 GMT
location: /u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHoyNFp5a1VCdzdqMVIxMlh0NXpNeTFXWjJRUlZUakRno2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-66a99b31fe44d491672815f6cff99fae-0797cc854bd46972-01
vary: Accept, Accept-Encoding
x-auth0-requestid: efc52755644a95e3d56c
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1720283134

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.94.6/css/ 273 KB
63 KB 92ms
11ms Stylesheet
text/css 2600:9000:2359:c00:10:474e:104a:2961

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/ulp/react-components/1.94.6/css/main.cdn.min.css

Requested by

Host: login.app.us.cobalt.io
URL: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SA4SEtLUUVCNy0tMGR3X0lJQTVBa0dDaVNDVzNfT2wwYqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHoyNFp5a1VCdzdqMVIxMlh0NXpNeTFXWjJRUlZUakRno2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:c00:10:474e:104a:2961 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0009a6f5c2fb0070291fc9b2e475ce44aa33b7d4911ed49045af8dbded58327f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id: 0ajQeInlmsnO0JWLKEZ5dKWD4IO76bsX
content-encoding: gzip
via: 1.1 9b253b6508bd634345864697c48abb50.cloudfront.net (CloudFront)
date: Fri, 05 Jul 2024 23:55:56 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 59379
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Thu, 27 Jun 2024 17:05:12 GMT
server: AmazonS3
etag: W/"c4d72da96406955808d8661725b53f8c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
x-robots-tag: noindex
x-amz-cf-id: FnB41gm4OdZP_Rtx2_R86BrK_OYcbHCCZ4hlNf6NAQSwJ5cz724I1A==

GET
H2 200 New_Cobalt_logo.svg
static.co27.io/assets/images/ 8 KB
4 KB 350ms
298ms Image
image/svg+xml 2606:4700::6812:7d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.co27.io/assets/images/New_Cobalt_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7d -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ed70ba40baa316aa8710bd277de5bd7f421ff9177872c52230d8bcd6a0f968

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Aug 2023 13:23:20 GMT
server: cloudflare
etag: W/"64d4e4c8-1e16"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 89f0f396b99b6904-FRA
expires: Sat, 06 Jul 2024 20:25:34 GMT

GET
H2 200 login-hero.png
static.co27.io/assets/images/ 653 KB
654 KB 314ms
313ms Image
image/png 2606:4700::6812:7d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.co27.io/assets/images/login-hero.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7d -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

cfcd099530f8d95f3b36cab401a23d54d517c52d86e89f775b1103f157126e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://login.app.us.cobalt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Aug 2023 13:23:20 GMT
server: cloudflare
etag: "64d4e4c8-a342d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89f0f39719de6904-FRA
content-length: 668717
expires: Sat, 06 Jul 2024 20:25:34 GMT

GET
H2 200 Cobalt-Logo.png
static.co27.io/assets/images/ 7 KB
7 KB 308ms
308ms Image
image/png 2606:4700::6812:7d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.co27.io/assets/images/Cobalt-Logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7d -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd74133a6f37a44cce3a4062abece2c2d98c34509b6ec3819ab7780e219e844

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://login.app.us.cobalt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Aug 2023 13:23:20 GMT
server: cloudflare
etag: "64d4e4c8-1c89"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89f0f39719e06904-FRA
content-length: 7305
expires: Sat, 06 Jul 2024 20:25:34 GMT

GET
DATA 200
OK truncated
/ 688 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Inter.var.woff2
static.co27.io/assets/fonts/ 317 KB
318 KB 326ms
304ms Font
font/woff2 2606:4700::6812:7d

General

Check archive.org

Show headers Download Go to

Full URL

https://static.co27.io/assets/fonts/Inter.var.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7d -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://login.app.us.cobalt.io/
Origin: https://login.app.us.cobalt.io
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 16:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Aug 2023 13:23:20 GMT
server: cloudflare
etag: "64d4e4c8-4f500"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89f0f3976aed9226-FRA
content-length: 324864
expires: Sat, 06 Jul 2024 20:25:34 GMT

GET favicon.ico
static.co27.io/assets/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.co27.io
URL: https://static.co27.io/assets/images/favicon.ico

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| ulpFlags

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.app.us.cobalt.io/	1969-12-31 23:59:59	Name: did Value: s%3Av0%3A44d29b81-2fed-4969-8d35-b3a0972c43e2.C4%2F62PZhXoXxrf561Vk1DAmOrRWMFMEortS8cz59KHQ
login.app.us.cobalt.io/	1969-12-31 23:59:59	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQKOhn1RSs-6ySlggmZnBp8l_FIKVnRRPG8BzqAd43S1HzeX435le2GvRgMWsRcoa2UrA2nsNCsOXOR-MXjxxmSmmY29va2llg6dleHBpcmVz1_-tzqEAZo1kfa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.NlChNIIqg%2FJ6F8BA5JuE7QSNPt%2FhJLkDoL2OMXA6FIQ
login.app.us.cobalt.io/	1969-12-31 23:59:59	Name: did_compat Value: s%3Av0%3A44d29b81-2fed-4969-8d35-b3a0972c43e2.C4%2F62PZhXoXxrf561Vk1DAmOrRWMFMEortS8cz59KHQ
login.app.us.cobalt.io/	1969-12-31 23:59:59	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQKOhn1RSs-6ySlggmZnBp8l_FIKVnRRPG8BzqAd43S1HzeX435le2GvRgMWsRcoa2UrA2nsNCsOXOR-MXjxxmSmmY29va2llg6dleHBpcmVz1_-tzqEAZo1kfa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.NlChNIIqg%2FJ6F8BA5JuE7QSNPt%2FhJLkDoL2OMXA6FIQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://app.us.cobalt.io/static/js/549.c4d01e49.chunk.js(Line 194) Message: Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the following Content Security Policy directive: "connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com".
javascript	error	URL: https://app.us.cobalt.io/static/js/549.c4d01e49.chunk.js(Line 194) Message: Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the document's Content Security Policy.
security	error	URL: https://app.us.cobalt.io/static/js/549.c4d01e49.chunk.js(Line 194) Message: Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the following Content Security Policy directive: "connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com".
javascript	error	URL: https://app.us.cobalt.io/static/js/549.c4d01e49.chunk.js(Line 194) Message: Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com .auth0.com: login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' .doubleclick.net https://www.google-analytics.com https://.usercentrics.eu https://grsm.io/pr/signup .auth0.com: login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com .ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors .atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://.usercentrics.eu https://.calendly.com .auth0.com: login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com https://play.vidyard.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.cobalt.io
app.us.cobalt.io
cdn.auth0.com
cdn.pendo.io
login.app.us.cobalt.io
static.co27.io
static.co27.io
2600:9000:2359:c00:10:474e:104a:2961
2606:4700::6812:1fc6
2606:4700::6812:7d
2606:4700::6813:a718
34.36.213.229
0009a6f5c2fb0070291fc9b2e475ce44aa33b7d4911ed49045af8dbded58327f
02d74bb050714eef4652ce0baf9ec02888f7b37db1dbc292f58cffbb5787bcd7
4bd74133a6f37a44cce3a4062abece2c2d98c34509b6ec3819ab7780e219e844
4bfdac93d0832035d7fc6888933a8d1d5599fbcef7fe6147733f500f01d1473a
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
93ca27bc4061d6bdf4139ae82d9d412f5c1ff54fcb77854cc49f0cfe15d9dc78
a43ea1e1fcd5635ac7b349c520423b432329ae2ef81898074778d16a8da9bcb5
b7991f534fffb2d57a35fb2cbacca6fc64567a1aef27227fda66b41005c9bc76
c679a09abce5bf37a82dd08ed46ceabf4eb2d038053b2b2e45290717d5e56325
cfcd099530f8d95f3b36cab401a23d54d517c52d86e89f775b1103f157126e1a
e3ed70ba40baa316aa8710bd277de5bd7f421ff9177872c52230d8bcd6a0f968
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

login.app.us.cobalt.io Open in urlscan Pro 2606:4700::6813:a718 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

86 %HTTPS

80 %IPv6

4 Domains

6 Subdomains

6 IPs

1 Countries

6717 kBTransfer

15198 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

4 Cookies

4 Console Messages

Security Headers

Indicators

login.app.us.cobalt.io Open in urlscan Pro
2606:4700::6813:a718 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

86 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

1
Countries

6717 kB
Transfer

15198 kB
Size

4
Cookies

14 HTTP transactions
1 data transactions