urlscan.io logo urlscan.io
SecurityTrails logo

login.app.us.cobalt.io Open in urlscan Pro
2606:4700::6813:a818  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.cobalt.io/
Effective URL: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2d...
Submission: On October 09 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6813:a818, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.app.us.cobalt.io.
TLS certificate: Issued by E5 on August 19th 2024. Valid for: 3 months.
This is the only time login.app.us.cobalt.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.36.213.229 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:27c... 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
14 6
6    2606:4700::6812:1fc6 (United States)

ASN13335 (CLOUDFLARENET, US)
app.cobalt.io
app.us.cobalt.io
1    34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com
cdn.pendo.io
2    2606:4700::6813:a818 (United States)

ASN13335 (CLOUDFLARENET, US)
login.app.us.cobalt.io
1    2600:9000:27c2:9800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
5    2606:4700::6812:7d (United States)

ASN13335 (CLOUDFLARENET, US)
static.co27.io
Apex Domain
Subdomains		 Transfer
8 cobalt.io
app.cobalt.io
app.us.cobalt.io
login.app.us.cobalt.io
6 MB
5 co27.io
static.co27.io
985 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6411
63 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 626
155 KB
14 4
Domain Requested by
5 static.co27.io login.app.us.cobalt.io
5 app.us.cobalt.io app.us.cobalt.io
2 login.app.us.cobalt.io 1 redirects app.us.cobalt.io
1 cdn.auth0.com login.app.us.cobalt.io
1 cdn.pendo.io app.us.cobalt.io
1 app.cobalt.io 1 redirects
14 6

This site contains links to these domains. Also see Links.

Domain
cobalt.io
Subject Issuer Validity Valid
admin-api.us.cobalt.io
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
cdn.pendo.io
WR3		 2024-09-19 -
2024-12-18		 3 months crt.sh
login.app.us.cobalt.io
E5		 2024-08-19 -
2024-11-17		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
co27.io
WE1		 2024-10-06 -
2025-01-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Frame ID: 739B5EDF2B74412DD996B8020A4B852C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In | Cobalt

Page URL History Show full URLs

  1. http://app.cobalt.io/ HTTP 307
    https://app.cobalt.io/ HTTP 301
    https://app.us.cobalt.io/ Page URL
  2. https://login.app.us.cobalt.io/authorize?client_id=yIgoKrKjUSoSXOT3gtwiD9N5p4EXtAiN&scope=openid+profile+em... HTTP 302
    https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqF... Page URL

Page Statistics

14
Requests

93 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

1
Countries

7004 kB
Transfer

15538 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.cobalt.io/ HTTP 307
    https://app.cobalt.io/ HTTP 301
    https://app.us.cobalt.io/ Page URL
  2. https://login.app.us.cobalt.io/authorize?client_id=yIgoKrKjUSoSXOT3gtwiD9N5p4EXtAiN&scope=openid+profile+email+offline_access&audience=api.us.cobalt.io&redirect_uri=https%3A%2F%2Fapp.us.cobalt.io&response_type=code&response_mode=query&state=Z3RxNi43dGZGLVBZUktIYn5KfmpzZGRLOV9WM1EzYU9zTDFHVEhkdGZOTw%3D%3D&nonce=LVVnRmJCVWJpRjBhQUtkUjg3QnBHQ245b19ZRHYxU1AydVZQRURwd3E1YQ%3D%3D&code_challenge=a4pjPLbUcTfinjmhfAB5lM-JhkTh1KalOXy3hidewCc&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjEifQ%3D%3D HTTP 302
    https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://app.cobalt.io/ HTTP 307
  • https://app.cobalt.io/ HTTP 301
  • https://app.us.cobalt.io/

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.us.cobalt.io/
Redirect Chain
  • http://app.cobalt.io/
  • https://app.cobalt.io/
  • https://app.us.cobalt.io/
291 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.us.cobalt.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8b86ac5a8c0640d618483269075247e3fa9d8585dd57f028aaec47b758aafa
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8d002a264a926e06-YUL
content-encoding
br
content-security-policy
default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
content-type
text/html
date
Wed, 09 Oct 2024 17:41:59 GMT
last-modified
Wed, 09 Oct 2024 14:40:10 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
8d002a2518ec6e06-YUL
content-type
text/html
date
Wed, 09 Oct 2024 17:41:59 GMT
expires
Wed, 09 Oct 2024 18:41:59 GMT
location
https://app.us.cobalt.io/
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
main.882cea50.js
app.us.cobalt.io/static/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.us.cobalt.io/static/js/main.882cea50.js
Requested by
Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb91c4c5e33ede989511ebadb3ab9030b34b9fa4a9d34267a784ae549a4328cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.us.cobalt.io/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"670695ca-4f58"
x-content-type-options
nosniff
date
Wed, 09 Oct 2024 17:41:59 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 14:40:10 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cache-control
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d002a272bde6e06-YUL
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
server
cloudflare
163.8847c715.chunk.js
app.us.cobalt.io/static/js/ 		9 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.us.cobalt.io/static/js/163.8847c715.chunk.js
Requested by
Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/main.882cea50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b81f7bc2632121110dba8d2e1ae44dc9be558a832ede403a2a954484719ac4c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.us.cobalt.io/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"670695ca-953f3d"
x-content-type-options
nosniff
date
Wed, 09 Oct 2024 17:41:59 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 14:40:10 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cache-control
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d002a27dd976e06-YUL
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
server
cloudflare
746.119af46698d81752e6d5.css
app.us.cobalt.io/static/css/ 		11 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.us.cobalt.io/static/css/746.119af46698d81752e6d5.css
Requested by
Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/main.882cea50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8726246f25b37108f841af98e5a4203dbe480ce109508353c9729304a11b3bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.us.cobalt.io/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"670695ca-2b4f"
x-content-type-options
nosniff
date
Wed, 09 Oct 2024 17:41:59 GMT
content-type
text/css
last-modified
Wed, 09 Oct 2024 14:40:10 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cache-control
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d002a27dd9f6e06-YUL
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
server
cloudflare
746.36786143.chunk.js
app.us.cobalt.io/static/js/ 		4 MB
794 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.us.cobalt.io/static/js/746.36786143.chunk.js
Requested by
Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/main.882cea50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651c9569d772c930d163b5e4333746e1f3a9544e297177141134de0f68952de6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.us.cobalt.io/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"67069a31-410925"
x-content-type-options
nosniff
date
Wed, 09 Oct 2024 17:41:59 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 14:58:57 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15724800; includeSubDomains
content-security-policy
default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
cache-control
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d002a27dda26e06-YUL
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials=(self), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
x-xss-protection
1; mode=block
server
cloudflare
pendo.js
cdn.pendo.io/agent/static/2e056d99-1cbb-4c18-619a-0e064fab9ce0/ 		476 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/2e056d99-1cbb-4c18-619a-0e064fab9ce0/pendo.js
Requested by
Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/746.36786143.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.us.cobalt.io/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=leXzJw==, md5=46XPKP05cW+ga4PaJPxxcw==
etag
"e3a5cf28fd39716fa06b83da24fc7173"
age
70
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
158587
date
Wed, 09 Oct 2024 17:40:51 GMT
last-modified
Thu, 03 Oct 2024 18:18:11 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3nf2Q6vyTWF1q99HDTfAUFIX_Dg7kiWBGTAQj1IBGpIdvBmw5L8GW7XSqvWnA2Pt995kUzQNZhIw
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=450
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727979491166698
content-length
158587
server
UploadServer
c51544ed-1b49-4638-90ea-e677b1ca7733
https://app.us.cobalt.io/ 		0
0
Primary Request identifier
login.app.us.cobalt.io/u/login/
Redirect Chain
  • https://login.app.us.cobalt.io/authorize?client_id=yIgoKrKjUSoSXOT3gtwiD9N5p4EXtAiN&scope=openid+profile+email+offline_access&audience=api.us.cobalt.io&redirect_uri=https%3A%2F%2Fapp.us.cobalt.io&r...
  • https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS...
39 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Requested by
Host: app.us.cobalt.io
URL: https://app.us.cobalt.io/static/js/163.8847c715.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65df5510232f4d0a580d154f888df4ffdfee2ec8d333bc0d32c555dca6ab8d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.us.cobalt.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8d002a376e56a275-YUL
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 17:42:02 GMT
etag
W/"9a56-EYDRuYvPxz/AnveyxMrjth2DO7E"
expires
Wed, 09 Oct 2024 17:42:02 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
417
x-auth0-requestid
d9a7cb8e279f3605e524
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1728495729
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8d002a357a59a275-YUL
content-length
446
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 17:42:02 GMT
location
/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
6f64bd226e597123aca5
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1728495722
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.98.3/css/ 		278 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.98.3/css/main.cdn.min.css
Requested by
Host: login.app.us.cobalt.io
URL: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:9800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4161aa017f4ad49104b44061a7deeb8cce9b74956b724bdc1840bd86c5ec5ea2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex
content-encoding
gzip
x-amz-version-id
3KVYhiwffseGWoIBklhMFCg3A6YvP.Ri
etag
W/"f12b05dcb083f3da7908d9766b61eef9"
age
71525
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
yvV38rUyD6DnZFbuiXrH2oM0i0pjjoMrKpXKjjTRegmKwRpomkIrsg==
date
Tue, 08 Oct 2024 21:50:20 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 17:09:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
FAILED
cache-control
max-age=86400
via
1.1 7188701415bacec1212330181f9c1646.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
New_Cobalt_logo.svg
static.co27.io/assets/images/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.co27.io/assets/images/New_Cobalt_logo.svg
Requested by
Host: login.app.us.cobalt.io
URL: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ed70ba40baa316aa8710bd277de5bd7f421ff9177872c52230d8bcd6a0f968
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6697b25b-1e16"
access-control-allow-methods
GET, OPTIONS
cf-ray
8d002a3cbb6ba2f3-YUL
expires
Wed, 09 Oct 2024 21:42:03 GMT
access-control-allow-origin
*
date
Wed, 09 Oct 2024 17:42:03 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Jul 2024 12:00:27 GMT
vary
Accept-Encoding
server
cloudflare
login-hero.png
static.co27.io/assets/images/ 		653 KB
654 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.co27.io/assets/images/login-hero.png
Requested by
Host: login.app.us.cobalt.io
URL: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcd099530f8d95f3b36cab401a23d54d517c52d86e89f775b1103f157126e1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.app.us.cobalt.io/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"6697b25b-a342d"
access-control-allow-methods
GET, OPTIONS
cf-ray
8d002a3d3cc1a2f3-YUL
expires
Wed, 09 Oct 2024 21:42:03 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
668717
date
Wed, 09 Oct 2024 17:42:03 GMT
content-type
image/png
last-modified
Wed, 17 Jul 2024 12:00:27 GMT
vary
Accept-Encoding
server
cloudflare
Cobalt-Logo.png
static.co27.io/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.co27.io/assets/images/Cobalt-Logo.png
Requested by
Host: login.app.us.cobalt.io
URL: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd74133a6f37a44cce3a4062abece2c2d98c34509b6ec3819ab7780e219e844
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.app.us.cobalt.io/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"6697b25b-1c89"
access-control-allow-methods
GET, OPTIONS
cf-ray
8d002a3d3cc3a2f3-YUL
expires
Wed, 09 Oct 2024 21:42:03 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
7305
date
Wed, 09 Oct 2024 17:42:03 GMT
content-type
image/png
last-modified
Wed, 17 Jul 2024 12:00:27 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		688 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
Inter.var.woff2
static.co27.io/assets/fonts/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.co27.io/assets/fonts/Inter.var.woff2
Requested by
Host: login.app.us.cobalt.io
URL: https://login.app.us.cobalt.io/u/login/identifier?state=hKFo2SBMam1GRnZIY3dicjNGRkNjZ0pZZE1DdWZpajM0WVhaaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDdod3VxelM5WU04X3ZadkNiTXhNS2ZhWWJhQkxNYXRuo2NpZNkgeUlnb0tyS2pVU29TWE9UM2d0d2lEOU41cDRFWHRBaU4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.app.us.cobalt.io
Referer
https://login.app.us.cobalt.io/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"6697b25b-4f500"
access-control-allow-methods
GET, OPTIONS
cf-ray
8d002a3d9f0ea294-YUL
expires
Wed, 09 Oct 2024 21:42:03 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
324864
date
Wed, 09 Oct 2024 17:42:03 GMT
content-type
font/woff2
last-modified
Wed, 17 Jul 2024 12:00:27 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
static.co27.io/assets/images/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.co27.io/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07dfcd5bbe72b2b06b23f9f4f3fcc76549d7cd684da813593065d23929aa363
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6697b25b-3aee"
age
6640
access-control-allow-methods
GET, OPTIONS
cf-ray
8d002a3ebfd6a2f3-YUL
expires
Wed, 09 Oct 2024 21:42:03 GMT
access-control-allow-origin
*
date
Wed, 09 Oct 2024 17:42:03 GMT
content-type
image/x-icon
last-modified
Wed, 17 Jul 2024 12:00:27 GMT
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.us.cobalt.io
URL
blob:https://app.us.cobalt.io/c51544ed-1b49-4638-90ea-e677b1ca7733

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ulpFlags

4 Cookies

Domain/Path Name / Value
login.app.us.cobalt.io/ Name: did
Value: s%3Av0%3Ae12c9fe9-0497-44f5-af93-984f3f05af30.7BfaWRaLfOHQzStBjfmqQBcN%2BNWtfX4VkuD6DA41SKY
login.app.us.cobalt.io/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEEGSbfuS07c5zJHE1TZFxNhR4Lo7Lm6-F-mBjAPbyPPi-uJ0u3jKI7Pb9v2xnnTCLlK3PhuIGW9196A1ce9i2-mY29va2llg6dleHBpcmVz1_8S1ccAZwq06q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.9gqn2ZcuAZdm7PF6BNrsj5t7iudXV%2FJwaXz%2BZCVhcH8
login.app.us.cobalt.io/ Name: did_compat
Value: s%3Av0%3Ae12c9fe9-0497-44f5-af93-984f3f05af30.7BfaWRaLfOHQzStBjfmqQBcN%2BNWtfX4VkuD6DA41SKY
login.app.us.cobalt.io/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEEGSbfuS07c5zJHE1TZFxNhR4Lo7Lm6-F-mBjAPbyPPi-uJ0u3jKI7Pb9v2xnnTCLlK3PhuIGW9196A1ce9i2-mY29va2llg6dleHBpcmVz1_8S1ccAZwq06q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.9gqn2ZcuAZdm7PF6BNrsj5t7iudXV%2FJwaXz%2BZCVhcH8

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'publickey-credentials'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security error URL: https://app.us.cobalt.io/static/js/746.36786143.chunk.js(Line 17)
Message:
Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the following Content Security Policy directive: "connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com".
javascript error URL: https://app.us.cobalt.io/static/js/746.36786143.chunk.js(Line 17)
Message:
Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the document's Content Security Policy.
security error URL: https://app.us.cobalt.io/static/js/746.36786143.chunk.js(Line 17)
Message:
Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the following Content Security Policy directive: "connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com".
javascript error URL: https://app.us.cobalt.io/static/js/746.36786143.chunk.js(Line 17)
Message:
Refused to connect to 'https://o159135.ingest.us.sentry.io/api/1220993/envelope/?sentry_key=41e49729f6c74b8e9cb00cd7f860b73c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.58.1' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: blob: ;child-src 'self' https://play.vidyard.com *.auth0.com:* login.app.us.cobalt.io:* app.pendo.io pendo-io-extensions.storage.googleapis.com blob: ;connect-src wss://* data: blob: 'self' *.doubleclick.net https://www.google-analytics.com https://*.usercentrics.eu https://grsm.io/pr/signup *.auth0.com:* login.app.us.cobalt.io:* api.transferwise.com work-formation.production.us.cobalt.io work-formation.us.cobalt.io cve-api.us.cobalt.io taxonomy-api.us.cobalt.io taxonomy-api.production.us.cobalt.io engine.us.cobalt.io engine.production.us.cobalt.io api.us.cobalt.io api.production.us.cobalt.io admin-api.us.cobalt.io admin-api.production.us.cobalt.io s3.amazonaws.com s3-us-west-2.amazonaws.com storage.googleapis.com *.ingest.sentry.io gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-ancestors *.atlassian.net app.pendo.io ;font-src 'self' https://fonts.gstatic.com data: ;img-src 'self' blob: https://*.usercentrics.eu https://cdn.vidyard.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.de https://www.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com www.googletagmanager.com data: api.us.cobalt.io api.production.us.cobalt.io storage.googleapis.com s3-us-west-2.amazonaws.com s3.amazonaws.com gravatar.com secure.gravatar.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;object-src 'self' blob: data: https://*.usercentrics.eu ;script-src 'self' https://snippet.growsumo.com https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.usercentrics.eu https://*.calendly.com https://embedding.workato.com/r/embedding-client.js *.auth0.com:* login.app.us.cobalt.io:* 'sha256-W//r7zYFhph26WyKhE7ziPbRACTMBF5wevdDMttEcac=' bam.nr-data.net 'sha256-sZ6svVsJZQZ7dK7F8dSLy0yIWWPqgDn6JswaEs57G5U=' 'sha256-QNjm9/X1muv3XaN2YjLgRB2zF/F3LKy/8kxQPBQwWa8=' 'sha256-s2ms0zhlxVUZzHf+tnGL+zQ9Kia3HD14zV5J2bGzgCY=' s3.amazonaws.com pendo-io-static.storage.googleapis.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-extensions.storage.googleapis.com ;frame-src www.workato.com app.workato.com app.eu.workato.com https://play.vidyard.com https://www.loom.com login.app.us.cobalt.io:* pendo-io-extensions.storage.googleapis.com app.pendo.io ;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com s3.amazonaws.com pendo-static-6219827428196352.storage.googleapis.com app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com ;upgrade-insecure-requests;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block