urlscan.io logo urlscan.io
SecurityTrails logo

app.posthog.com Open in urlscan Pro
2606:4700:10::ac43:2832  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.posthog.com/S/?COMPRESSION=GZIP-JS&IP=1&_=1614105733099
Effective URL: https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
Submission: On February 23 via api from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:10::ac43:2832, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.posthog.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.
This is the only time app.posthog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
8 2
Apex Domain
Subdomains		 Transfer
8 posthog.com
app.posthog.com
128 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com
23 KB
8 2
Domain Requested by
8 app.posthog.com 1 redirects app.posthog.com
1 stackpath.bootstrapcdn.com app.posthog.com
8 2

This site contains links to these domains. Also see Links.

Domain
posthog.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-16 -
2021-07-16		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
Frame ID: 6F603E81C30932E19EB2902AC76BCFCF
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://app.posthog.com/S/?COMPRESSION=GZIP-JS&IP=1&_=1614105733099 HTTP 302
    https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

150 kB
Transfer

878 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.posthog.com/S/?COMPRESSION=GZIP-JS&IP=1&_=1614105733099 HTTP 302
    https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.posthog.com/
Redirect Chain
  • https://app.posthog.com/S/?COMPRESSION=GZIP-JS&IP=1&_=1614105733099
  • https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2cdb9be9aa1f237b3f5ff20742263e8e616f9d951e2bfa9565666757a19de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
app.posthog.com
:scheme
https
:path
/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d29fd818bf999097dc40e6df06b1749591614107805
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 19:16:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
DENY
vary
Cookie
x-content-type-options
nosniff
set-cookie
csrftoken=sMjzEhdMTuKhz0vIN8TbNVJ1KFaBAqH51yfvoKd6mRB5WzHquOkd09C1YTX93fAM; expires=Tue, 22 Feb 2022 19:16:45 GMT; Max-Age=31449600; Path=/; SameSite=Lax; Secure
cf-cache-status
DYNAMIC
cf-request-id
0871eb9f05000097c6aebed000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
626348780ff397c6-FRA
content-encoding
gzip

Redirect headers

date
Tue, 23 Feb 2021 19:16:45 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d29fd818bf999097dc40e6df06b1749591614107805; expires=Thu, 25-Mar-21 19:16:45 GMT; path=/; domain=.posthog.com; HttpOnly; SameSite=Lax
location
/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
x-frame-options
DENY
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0871eb9d61000097c68b219000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
626348756f2997c6-FRA
main.css
app.posthog.com/static/ 		535 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/static/main.css
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7cd4ba09c6dcc21814c953371ca49559a5b6240dd7150fcdc9ffeec89f639e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 19:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-length
69177
cf-request-id
0871eba0d3000097c67c0c4000000001
last-modified
Tue, 23 Feb 2021 17:14:26 GMT
server
cloudflare
x-frame-options
DENY
etag
"603537f2-85db9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
6263487ae8d397c6-FRA
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://app.posthog.com
Referer
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 19:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:46 GMT
etag
"1574963566"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23681
array.js
app.posthog.com/static/ 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/static/array.js
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec4366c3c6af4969e7154f711745e517cb8f6eccd9b1744c93fdf5cfd9c7f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 19:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1493
content-length
32002
cf-request-id
0871eba0d7000097c680939000000001
last-modified
Tue, 23 Feb 2021 17:14:26 GMT
server
cloudflare
x-frame-options
DENY
etag
"603537f2-19797"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
content-type
application/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
6263487af8d597c6-FRA
/
app.posthog.com/decide/ 		537 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/decide/?ip=1&_=1614107805949
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d039024f331e571f114a51eab71c6a58ba74909eb69d19015c7081c40119defd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Feb 2021 19:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.posthog.com
access-control-allow-credentials
true
cf-ray
6263487b38e697c6-FRA
access-control-allow-headers
X-Requested-With
cf-request-id
0871eba100000097c6aebf7000000001
recorder.js
app.posthog.com/static/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/static/recorder.js?v=1.8.7
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc09c6fa9059d7f1cee76620ae03e228fde43a0f68441f9ade8b0fd6fd1e6763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 19:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1049542
content-length
24847
cf-request-id
0871eba1b6000097c68093d000000001
last-modified
Thu, 11 Feb 2021 15:23:32 GMT
server
cloudflare
x-frame-options
DENY
etag
"60254bf4-13b6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
content-type
application/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6263487c592997c6-FRA
/
app.posthog.com/e/ 		13 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/e/?compression=gzip-js&ip=1&_=1614107809515
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Feb 2021 19:16:49 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.posthog.com
access-control-allow-credentials
true
cf-ray
626348917ed797c6-FRA
access-control-allow-headers
X-Requested-With
content-length
13
cf-request-id
0871ebaeee000097c69a8fc000000001
/
app.posthog.com/s/ 		13 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1614107809589
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.posthog.com/login?next=/S/%3FCOMPRESSION%3DGZIP-JS%26IP%3D1%26_%3D1614105733099
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Feb 2021 19:16:50 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.posthog.com
access-control-allow-credentials
true
cf-ray
62634891fef597c6-FRA
access-control-allow-headers
X-Requested-With
content-length
13
cf-request-id
0871ebaf38000097c6a216f000000001

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| JS_POSTHOG_API_KEY string| JS_POSTHOG_HOST string| SENTRY_DSN object| posthog function| parcelRequire object| rrweb

3 Cookies

Domain/Path Name / Value
.posthog.com/ Name: ph_sTMFPsFhdP1Ssg_posthog
Value: %7B%22distinct_id%22%3A%22177d05288fb213-08f3b1c05ed49f-1b396256-1d4c00-177d05288fcf47%22%2C%22%24device_id%22%3A%22177d05288fb213-08f3b1c05ed49f-1b396256-1d4c00-177d05288fcf47%22%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24session_recording_enabled%22%3Atrue%2C%22%24active_feature_flags%22%3A%5B%22session-recording-player%22%2C%22ch-path-endpoint%22%2C%22test%22%2C%22launch-tutorials-section%22%2C%22ch-retention-endpoint%22%2C%22ch-funnel-endpoint%22%2C%22ch-session-endpoint%22%2C%221694-dashboards%22%2C%22ch-event-endpoint%22%2C%22ch-action-endpoint%22%2C%22ch-trend-endpoint%22%2C%22billing-management-page%22%2C%22remove-shownas%22%2C%22filter_by_session_props%22%2C%22new-onboarding-2822%22%5D%2C%22%24sesid%22%3A%5B1614107806620%2C%22177d0528b2fd77-01975ee93a2b25-1b396256-1d4c00-177d0528b3087c%22%5D%7D
app.posthog.com/ Name: csrftoken
Value: sMjzEhdMTuKhz0vIN8TbNVJ1KFaBAqH51yfvoKd6mRB5WzHquOkd09C1YTX93fAM
.posthog.com/ Name: __cfduid
Value: d29fd818bf999097dc40e6df06b1749591614107805

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY